class.jetpack-admin.php — Jetpack – WP Security, Backup, Speed, & Growth 13.3.2

jetpack / class.jetpack-admin.php

jetpack Last commit date

class.jetpack-admin.php

610 lines

1	<?php // phpcs:ignore WordPress.Files.FileName.InvalidClassFileName
2	/**
3	* Build the Jetpack admin menu as a whole.
4	*
5	* @package automattic/jetpack
6	*/
7
8	use Automattic\Jetpack\Admin_UI\Admin_Menu;
9	use Automattic\Jetpack\Current_Plan as Jetpack_Plan;
10	use Automattic\Jetpack\Partner_Coupon as Jetpack_Partner_Coupon;
11	use Automattic\Jetpack\Status;
12	use Automattic\Jetpack\Status\Host;
13
14	/**
15	* Build the Jetpack admin menu as a whole.
16	*/
17	class Jetpack_Admin {
18
19	/**
20	* Static instance.
21	*
22	* @var Jetpack_Admin
23	*/
24	private static $instance = null;
25
26	/**
27	* Initialize and fetch the static instance.
28	*
29	* @return self
30	*/
31	public static function init() {
32	// phpcs:ignore WordPress.Security.NonceVerification.Recommended
33	if ( isset( $_GET['page'] ) && 'jetpack' === $_GET['page'] ) {
34	add_filter( 'nocache_headers', array( 'Jetpack_Admin', 'add_no_store_header' ), 100 );
35	}
36
37	if ( self::$instance === null ) {
38	self::$instance = new Jetpack_Admin();
39	}
40	return self::$instance;
41	}
42
43	/**
44	* Filter callback to add `no-store` to the `Cache-Control` header.
45	*
46	* @param array $headers Headers array.
47	* @return array Modified headers array.
48	*/
49	public static function add_no_store_header( $headers ) {
50	$headers['Cache-Control'] .= ', no-store';
51	return $headers;
52	}
53
54	/** Constructor. */
55	private function __construct() {
56	require_once JETPACK__PLUGIN_DIR . '_inc/lib/admin-pages/class.jetpack-react-page.php';
57	$jetpack_react = new Jetpack_React_Page();
58
59	require_once JETPACK__PLUGIN_DIR . '_inc/lib/admin-pages/class.jetpack-settings-page.php';
60	$fallback_page = new Jetpack_Settings_Page();
61
62	require_once JETPACK__PLUGIN_DIR . '_inc/lib/admin-pages/class-jetpack-about-page.php';
63	$jetpack_about = new Jetpack_About_Page();
64
65	add_action( 'admin_init', array( $jetpack_react, 'react_redirects' ), 0 );
66	add_action( 'admin_menu', array( $jetpack_react, 'add_actions' ), 998 );
67	add_action( 'jetpack_admin_menu', array( $jetpack_react, 'jetpack_add_dashboard_sub_nav_item' ) );
68	add_action( 'jetpack_admin_menu', array( $jetpack_react, 'jetpack_add_settings_sub_nav_item' ) );
69	add_action( 'jetpack_admin_menu', array( $this, 'admin_menu_debugger' ) );
70	add_action( 'jetpack_admin_menu', array( $fallback_page, 'add_actions' ) );
71	add_action( 'jetpack_admin_menu', array( $jetpack_about, 'add_actions' ) );
72
73	// Add redirect to current page for activation/deactivation of modules.
74	add_action( 'jetpack_pre_activate_module', array( $this, 'fix_redirect' ), 10, 2 );
75	add_action( 'jetpack_pre_deactivate_module', array( $this, 'fix_redirect' ), 10, 2 );
76
77	// Add module bulk actions handler.
78	add_action( 'jetpack_unrecognized_action', array( $this, 'handle_unrecognized_action' ) );
79
80	if ( class_exists( 'Akismet_Admin' ) ) {
81	// If the site has Jetpack Anti-spam, change the Akismet menu label and logo accordingly.
82	$site_products = array_column( Jetpack_Plan::get_products(), 'product_slug' );
83	$has_anti_spam_product = count( array_intersect( array( 'jetpack_anti_spam', 'jetpack_anti_spam_monthly' ), $site_products ) ) > 0;
84
85	if ( Jetpack_Plan::supports( 'akismet' ) \|\| Jetpack_Plan::supports( 'antispam' ) \|\| $has_anti_spam_product ) {
86	// Prevent Akismet from adding a menu item.
87	add_action(
88	'admin_menu',
89	function () {
90	remove_action( 'admin_menu', array( 'Akismet_Admin', 'admin_menu' ), 5 );
91	},
92	4
93	);
94
95	// Add an Anti-spam menu item for Jetpack. This is handled automatically by the Admin_Menu as long as it has been initialized.
96	Admin_Menu::init();
97	add_action( 'admin_enqueue_scripts', array( $this, 'akismet_logo_replacement_styles' ) );
98	}
99	}
100
101	// Ensure an Additional CSS menu item is added to the Appearance menu whenever Jetpack is connected.
102	add_action( 'admin_menu', array( $this, 'additional_css_menu' ) );
103
104	add_filter( 'jetpack_display_jitms_on_screen', array( $this, 'should_display_jitms_on_screen' ), 10, 2 );
105
106	// Register Jetpack partner coupon hooks.
107	Jetpack_Partner_Coupon::register_coupon_admin_hooks( 'jetpack', Jetpack::admin_url() );
108	}
109
110	/**
111	* Generate styles to replace Akismet logo for the Jetpack Akismet Anti-spam logo.
112	Without this, we would have to change the logo from Akismet codebase and we want to avoid that.
113	*/
114	public function akismet_logo_replacement_styles() {
115	$logo_url = esc_url( plugins_url( 'images/products/logo-anti-spam.svg', JETPACK__PLUGIN_FILE ) );
116	$style = ".akismet-masthead__logo-container { background: url({$logo_url}) no-repeat; min-height: 42px; margin: 20px 0; padding: 0 !important; } .akismet-masthead__logo { display: none; }";
117	$style .= '@media screen and (max-width: 782px) { .akismet-masthead__logo-container { margin-left: 4px; } }';
118	wp_add_inline_style( 'admin-bar', $style );
119	}
120
121	/**
122	* Handle our Additional CSS menu item and legacy page declaration.
123	*
124	* @since 11.0 . Prior to that, this function was located in custom-css-4.7.php (now custom-css.php).
125	*/
126	public static function additional_css_menu() {
127	/*
128	* Custom CSS for the Customizer is deprecated for block themes as of WP 6.1, so we only expose it with a menu
129	* if the site already has existing CSS code.
130	*/
131	if ( wp_is_block_theme() ) {
132	$styles = wp_get_custom_css();
133	if ( ! $styles ) {
134	return;
135	}
136	}
137
138	// If the site is a WoA site and the custom-css feature is not available, return.
139	// See https://github.com/Automattic/jetpack/pull/19965 for more on how this menu item is dealt with on WoA sites.
140	if ( ( new Host() )->is_woa_site() && ! ( in_array( 'custom-css', Jetpack::get_available_modules(), true ) ) ) {
141	return;
142	} elseif ( class_exists( 'Jetpack' ) && Jetpack::is_module_active( 'custom-css' ) ) { // If the Custom CSS module is enabled, add the Additional CSS menu item and link to the Customizer.
143	// Add in our legacy page to support old bookmarks and such.
144	add_submenu_page( '', __( 'CSS', 'jetpack' ), __( 'Additional CSS', 'jetpack' ), 'edit_theme_options', 'editcss', array( __CLASS__, 'customizer_redirect' ) );
145
146	// Add in our new page slug that will redirect to the customizer.
147	$hook = add_theme_page( __( 'CSS', 'jetpack' ), __( 'Additional CSS', 'jetpack' ), 'edit_theme_options', 'editcss-customizer-redirect', array( __CLASS__, 'customizer_redirect' ) );
148	add_action( "load-{$hook}", array( __CLASS__, 'customizer_redirect' ) );
149	} elseif ( class_exists( 'Jetpack' ) && Jetpack::is_connection_ready() ) { // Link to the Jetpack Settings > Writing page, highlighting the Custom CSS setting.
150	add_submenu_page( '', __( 'CSS', 'jetpack' ), __( 'Additional CSS', 'jetpack' ), 'edit_theme_options', 'editcss', array( __CLASS__, 'theme_enhancements_redirect' ) );
151
152	$hook = add_theme_page( __( 'CSS', 'jetpack' ), __( 'Additional CSS', 'jetpack' ), 'edit_theme_options', 'editcss-theme-enhancements-redirect', array( __CLASS__, 'theme_enhancements_redirect' ) );
153	add_action( "load-{$hook}", array( __CLASS__, 'theme_enhancements_redirect' ) );
154	}
155	}
156
157	/**
158	* Handle the redirect for the customizer. This is necessary because
159	* we can't directly add customizer links to the admin menu.
160	*
161	* @since 11.0 . Prior to that, this function was located in custom-css-4.7.php (now custom-css.php).
162	*
163	* There is a core patch in trac that would make this unnecessary.
164	*
165	* @link https://core.trac.wordpress.org/ticket/39050
166	*
167	* @return never
168	*/
169	public static function customizer_redirect() {
170	wp_safe_redirect(
171	self::customizer_link(
172	array(
173	'return_url' => wp_get_referer(),
174	)
175	)
176	);
177	exit;
178	}
179
180	/**
181	* Handle the Additional CSS redirect to the Jetpack settings Theme Enhancements section.
182	*
183	* @since 11.0
184	*
185	* @return never
186	*/
187	public static function theme_enhancements_redirect() {
188	wp_safe_redirect(
189	'admin.php?page=jetpack#/writing?term=custom-css'
190	);
191	exit;
192	}
193
194	/**
195	* Build the URL to deep link to the Customizer.
196	*
197	* You can modify the return url via $args.
198	*
199	* @since 11.0 in this file. This method is also located in custom-css-4.7.php to cover legacy scenarios.
200	*
201	* @param array $args Array of parameters.
202	* @return string
203	*/
204	public static function customizer_link( $args = array() ) {
205	if ( isset( $_SERVER['REQUEST_URI'] ) ) {
206	$args = wp_parse_args(
207	$args,
208	array(
209	'return_url' => rawurlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
210	)
211	);
212	}
213
214	return add_query_arg(
215	array(
216	array(
217	'autofocus' => array(
218	'section' => 'custom_css',
219	),
220	),
221	'return' => $args['return_url'],
222	),
223	admin_url( 'customize.php' )
224	);
225	}
226
227	/**
228	* Sort callback to put modules with `requires_connection` last.
229	*
230	* @param array $module1 Module data.
231	* @param array $module2 Module data.
232	* @return int Indicating the relative ordering of module1 and module2.
233	*/
234	public static function sort_requires_connection_last( $module1, $module2 ) {
235	return ( (bool) $module1['requires_connection'] ) <=> ( (bool) $module2['requires_connection'] );
236	}
237
238	/**
239	* Produce JS understandable objects of modules containing information for
240	* presentation like description, name, configuration url, etc.
241	*/
242	public function get_modules() {
243	include_once JETPACK__PLUGIN_DIR . 'modules/module-info.php';
244	$available_modules = Jetpack::get_available_modules();
245	$active_modules = Jetpack::get_active_modules();
246	$modules = array();
247	$jetpack_active = Jetpack::is_connection_ready() \|\| ( new Status() )->is_offline_mode();
248	$overrides = Jetpack_Modules_Overrides::instance();
249	foreach ( $available_modules as $module ) {
250	$module_array = Jetpack::get_module( $module );
251	if ( $module_array ) {
252	/**
253	* Filters each module's short description.
254	*
255	* @since 3.0.0
256	*
257	* @param string $module_array['description'] Module description.
258	* @param string $module Module slug.
259	*/
260	$short_desc = apply_filters( 'jetpack_short_module_description', $module_array['description'], $module );
261	// Fix: correct multibyte strings truncate with checking for mbstring extension.
262	$short_desc_trunc = ( function_exists( 'mb_strlen' ) )
263	? ( ( mb_strlen( $short_desc ) > 143 )
264	? mb_substr( $short_desc, 0, 140 ) . '...'
265	: $short_desc )
266	: ( ( strlen( $short_desc ) > 143 )
267	? substr( $short_desc, 0, 140 ) . '...'
268	: $short_desc );
269
270	$module_array['module'] = $module;
271
272	$is_available = self::is_module_available( $module_array );
273
274	$module_array['activated'] = ( $jetpack_active ? in_array( $module, $active_modules, true ) : false );
275	$module_array['deactivate_nonce'] = wp_create_nonce( 'jetpack_deactivate-' . $module );
276	$module_array['activate_nonce'] = wp_create_nonce( 'jetpack_activate-' . $module );
277	$module_array['available'] = $is_available;
278	$module_array['unavailable_reason'] = $is_available ? false : self::get_module_unavailable_reason( $module_array );
279	$module_array['short_description'] = $short_desc_trunc;
280	$module_array['configure_url'] = Jetpack::module_configuration_url( $module );
281	$module_array['override'] = $overrides->get_module_override( $module );
282	$module_array['disabled'] = $is_available ? '' : 'disabled="disabled"';
283
284	ob_start();
285	/**
286	* Allow the display of a "Learn More" button.
287	* The dynamic part of the action, $module, is the module slug.
288	*
289	* @since 3.0.0
290	*/
291	do_action( 'jetpack_learn_more_button_' . $module );
292	$module_array['learn_more_button'] = ob_get_clean();
293
294	ob_start();
295	/**
296	* Allow the display of information text when Jetpack is connected to WordPress.com.
297	* The dynamic part of the action, $module, is the module slug.
298	*
299	* @since 3.0.0
300	*/
301	do_action( 'jetpack_module_more_info_' . $module );
302
303	/**
304	* Filter the long description of a module.
305	*
306	* @since 3.5.0
307	*
308	* @param string ob_get_clean() The module long description.
309	* @param string $module The module name.
310	*/
311	$module_array['long_description'] = apply_filters( 'jetpack_long_module_description', ob_get_clean(), $module );
312
313	ob_start();
314	/**
315	* Filter the search terms for a module
316	*
317	* Search terms are typically added to the module headers, under "Additional Search Queries".
318	*
319	* Use syntax:
320	* function jetpack_$module_search_terms( $terms ) {
321	* $terms = _x( 'term 1, term 2', 'search terms', 'jetpack' );
322	* return $terms;
323	* }
324	* add_filter( 'jetpack_search_terms_$module', 'jetpack_$module_search_terms' );
325	*
326	* @since 3.5.0
327	*
328	* @param string The search terms (comma separated).
329	*/
330	echo apply_filters( 'jetpack_search_terms_' . $module, $module_array['additional_search_queries'] ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
331	$module_array['search_terms'] = ob_get_clean();
332
333	$module_array['configurable'] = false;
334	if (
335	current_user_can( 'manage_options' ) &&
336	/**
337	* Allow the display of a configuration link in the Jetpack Settings screen.
338	*
339	* @since 3.0.0
340	*
341	* @param string $module Module name.
342	* @param bool false Should the Configure module link be displayed? Default to false.
343	*/
344	apply_filters( 'jetpack_module_configurable_' . $module, false )
345	) {
346	$module_array['configurable'] = sprintf( '<a href="%1$s">%2$s</a>', esc_url( $module_array['configure_url'] ), __( 'Configure', 'jetpack' ) );
347	}
348
349	$modules[ $module ] = $module_array;
350	}
351	}
352
353	uasort( $modules, array( 'Jetpack', 'sort_modules' ) );
354
355	if ( ! Jetpack::is_connection_ready() ) {
356	uasort( $modules, array( __CLASS__, 'sort_requires_connection_last' ) );
357	}
358
359	return $modules;
360	}
361
362	/**
363	* Check if a module is available.
364	*
365	* @param array $module Module data.
366	*/
367	public static function is_module_available( $module ) {
368	if ( ! is_array( $module ) \|\| empty( $module ) ) {
369	return false;
370	}
371
372	/**
373	* We never want to show VaultPress as activatable through Jetpack.
374	*/
375	if ( 'vaultpress' === $module['module'] ) {
376	return false;
377	}
378
379	/*
380	* WooCommerce Analytics should only be available
381	* when running WooCommerce 3+
382	*/
383	if (
384	'woocommerce-analytics' === $module['module']
385	&& (
386	! class_exists( 'WooCommerce' )
387	\|\| version_compare( WC_VERSION, '3.0', '<' )
388	)
389	) {
390	return false;
391	}
392
393	/*
394	* In Offline mode, modules that require a site or user
395	* level connection should be unavailable.
396	*/
397	if ( ( new Status() )->is_offline_mode() ) {
398	return ! ( $module['requires_connection'] \|\| $module['requires_user_connection'] );
399	}
400
401	/*
402	* Jetpack not connected.
403	*/
404	if ( ! Jetpack::is_connection_ready() ) {
405	return false;
406	}
407
408	/*
409	* Jetpack connected at a site level only. Make sure to make
410	* modules that require a user connection unavailable.
411	*/
412	if ( ! Jetpack::connection()->has_connected_owner() && $module['requires_user_connection'] ) {
413	return false;
414	}
415
416	return Jetpack_Plan::supports( $module['module'] );
417	}
418
419	/**
420	* Returns why a module is unavailable.
421	*
422	* @param array $module The module.
423	* @return string\|false A string stating why the module is not available or false if the module is available.
424	*/
425	public static function get_module_unavailable_reason( $module ) {
426	if ( ! is_array( $module ) \|\| empty( $module ) ) {
427	return false;
428	}
429
430	if ( self::is_module_available( $module ) ) {
431	return false;
432	}
433
434	/**
435	* We never want to show VaultPress as activatable through Jetpack so return an empty string.
436	*/
437	if ( 'vaultpress' === $module['module'] ) {
438	return '';
439	}
440
441	/*
442	* WooCommerce Analytics should only be available
443	* when running WooCommerce 3+
444	*/
445	if (
446	'woocommerce-analytics' === $module['module']
447	&& (
448	! class_exists( 'WooCommerce' )
449	\|\| version_compare( WC_VERSION, '3.0', '<' )
450	)
451	) {
452	return __( 'Requires WooCommerce 3+ plugin', 'jetpack' );
453	}
454
455	/*
456	* In Offline mode, modules that require a site or user
457	* level connection should be unavailable.
458	*/
459	if ( ( new Status() )->is_offline_mode() ) {
460	if ( $module['requires_connection'] \|\| $module['requires_user_connection'] ) {
461	return __( 'Offline mode', 'jetpack' );
462	}
463	}
464
465	/*
466	* Jetpack not connected.
467	*/
468	if ( ! Jetpack::is_connection_ready() ) {
469	return __( 'Jetpack is not connected', 'jetpack' );
470	}
471
472	/*
473	* Jetpack connected at a site level only and module requires a user connection.
474	*/
475	if ( ! Jetpack::connection()->has_connected_owner() && $module['requires_user_connection'] ) {
476	return __( 'Requires a connected WordPress.com account', 'jetpack' );
477	}
478
479	/*
480	* Plan restrictions.
481	*/
482	if ( ! Jetpack_Plan::supports( $module['module'] ) ) {
483	return __( 'Not supported by current plan', 'jetpack' );
484	}
485
486	return '';
487	}
488
489	/**
490	* Handle an unrecognized action.
491	*
492	* @param string $action Action.
493	*/
494	public function handle_unrecognized_action( $action ) {
495	switch ( $action ) {
496	case 'bulk-activate':
497	check_admin_referer( 'bulk-jetpack_page_jetpack_modules' );
498	if ( ! current_user_can( 'jetpack_activate_modules' ) ) {
499	break;
500	}
501
502	$modules = isset( $_GET['modules'] ) ? array_map( 'sanitize_key', wp_unslash( (array) $_GET['modules'] ) ) : array();
503	foreach ( $modules as $module ) {
504	Jetpack::log( 'activate', $module );
505	Jetpack::activate_module( $module, false );
506	}
507	// The following two lines will rarely happen, as Jetpack::activate_module normally exits at the end.
508	wp_safe_redirect( wp_get_referer() );
509	exit;
510	case 'bulk-deactivate':
511	check_admin_referer( 'bulk-jetpack_page_jetpack_modules' );
512	if ( ! current_user_can( 'jetpack_deactivate_modules' ) ) {
513	break;
514	}
515
516	$modules = isset( $_GET['modules'] ) ? array_map( 'sanitize_key', wp_unslash( (array) $_GET['modules'] ) ) : array();
517	foreach ( $modules as $module ) {
518	Jetpack::log( 'deactivate', $module );
519	Jetpack::deactivate_module( $module );
520	Jetpack::state( 'message', 'module_deactivated' );
521	}
522	Jetpack::state( 'module', $modules );
523	wp_safe_redirect( wp_get_referer() );
524	exit;
525	default:
526	return;
527	}
528	}
529
530	/**
531	* Fix redirect.
532	*
533	* Apparently we redirect to the referrer instead of whatever WordPress
534	* wants to redirect to when activating and deactivating modules.
535	*
536	* @param string $module Module slug.
537	* @param bool $redirect Should we exit after the module has been activated. Default to true.
538	*/
539	public function fix_redirect( $module, $redirect = true ) {
540	if ( ! $redirect ) {
541	return;
542	}
543	if ( wp_get_referer() ) {
544	add_filter( 'wp_redirect', 'wp_get_referer' );
545	}
546	}
547
548	/**
549	* Add debugger admin menu.
550	*/
551	public function admin_menu_debugger() {
552	require_once JETPACK__PLUGIN_DIR . '_inc/lib/debugger.php';
553	Jetpack_Debugger::disconnect_and_redirect();
554	$debugger_hook = add_submenu_page(
555	'',
556	__( 'Debugging Center', 'jetpack' ),
557	'',
558	'manage_options',
559	'jetpack-debugger',
560	array( $this, 'wrap_debugger_page' )
561	);
562	add_action( "admin_head-$debugger_hook", array( 'Jetpack_Debugger', 'jetpack_debug_admin_head' ) );
563	}
564
565	/**
566	* Wrap debugger page.
567	*/
568	public function wrap_debugger_page() {
569	nocache_headers();
570	if ( ! current_user_can( 'manage_options' ) ) {
571	die( '-1' );
572	}
573	Jetpack_Admin_Page::wrap_ui( array( $this, 'debugger_page' ), array( 'is-wide' => true ) );
574	}
575
576	/**
577	* Display debugger page.
578	*/
579	public function debugger_page() {
580	require_once JETPACK__PLUGIN_DIR . '_inc/lib/debugger.php';
581	Jetpack_Debugger::jetpack_debug_display_handler();
582	}
583
584	/**
585	* Determines if JITMs should display on a particular screen.
586	*
587	* @param bool $value The default value of the filter.
588	* @param string $screen_id The ID of the screen being tested for JITM display.
589	*
590	* @return bool True if JITMs should display, false otherwise.
591	*/
592	public function should_display_jitms_on_screen( $value, $screen_id ) {
593	// Disable all JITMs on these pages.
594	if (
595	in_array(
596	$screen_id,
597	array(
598	'jetpack_page_akismet-key-config',
599	'admin_page_jetpack_modules',
600	),
601	true
602	) ) {
603	return false;
604	}
605
606	return $value;
607	}
608	}
609	Jetpack_Admin::init();
610