Jetpack – WP Security, Backup, Speed, & Growth v15.9-a.1
jetpack / json-endpoints / class.wpcom-json-api-site-user-endpoint.php
class.wpcom-json-api-site-user-endpoint.php
<?php // phpcs:ignore WordPress.Files.FileName.InvalidClassFileName

// Stop immediately when ABSPATH is not defined, i.e. when this file is
// requested directly instead of being loaded by WordPress.
defined( 'ABSPATH' ) || exit( 0 );
6
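/*
 * Route registration: GET /sites/%s/users/%d (look up a site member by numeric ID).
 *
 * Only route metadata is declared here. The permission checks are made in
 * WPCOM_JSON_API_Site_User_Endpoint::callback(), which requires the `list_users`
 * capability on the target site before any user record is returned.
 * The bearer token in the example is a placeholder, not a credential.
 */
new WPCOM_JSON_API_Site_User_Endpoint(
	array(
		'description'          => 'Get details of a user of a site by ID.',
		'group'                => '__do_not_document', // 'users'
		'stat'                 => 'sites:1:user',
		'method'               => 'GET',
		'path'                 => '/sites/%s/users/%d',
		'path_labels'          => array(
			'$site'    => '(int|string) Site ID or domain',
			'$user_id' => '(int) User ID',
		),
		'response_format'      => WPCOM_JSON_API_Site_User_Endpoint::$user_format,
		// The example uses `/users/` so that it matches the registered 'path' above.
		'example_request'      => 'https://public-api.wordpress.com/rest/v1/sites/30434183/users/23',
		'example_request_data' => array(
			'headers' => array(
				'authorization' => 'Bearer YOUR_API_TOKEN',
			),
		),
		'example_response'     => '{
			"ID": 18342963,
			"login": "binarysmash",
			"email": false,
			"name": "binarysmash",
			"URL": "http:\/\/binarysmash.wordpress.com",
			"avatar_URL": "http:\/\/0.gravatar.com\/avatar\/a178ebb1731d432338e6bb0158720fcc?s=96&d=identicon&r=G",
			"profile_URL": "http:\/\/gravatar.com\/binarysmash",
			"roles": [ "administrator" ]
		}',
	)
);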
37
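/*
 * Route registration: GET /sites/%s/users/login:%s (look up a site member by login name).
 *
 * The second path argument is still labelled `$user_id`, but on this route it carries
 * the login string; callback() detects the `/users/login:` prefix and resolves the
 * account by login. The same `list_users` capability check in callback() applies.
 */
new WPCOM_JSON_API_Site_User_Endpoint(
	array(
		'description'          => 'Get details of a user of a site by login.',
		'group'                => 'users',
		'stat'                 => 'sites:1:user',
		'method'               => 'GET',
		'path'                 => '/sites/%s/users/login:%s',
		'path_labels'          => array(
			'$site'    => '(int|string) The site ID or domain.',
			'$user_id' => '(string) The user\'s login.',
		),
		'response_format'      => WPCOM_JSON_API_Site_User_Endpoint::$user_format,
		// The example uses `/users/` so that it matches the registered 'path' above.
		'example_request'      => 'https://public-api.wordpress.com/rest/v1/sites/30434183/users/login:binarysmash',
		'example_request_data' => array(
			'headers' => array(
				'authorization' => 'Bearer YOUR_API_TOKEN',
			),
		),
		'example_response'     => '{
			"ID": 18342963,
			"login": "binarysmash",
			"email": false,
			"name": "binarysmash",
			"URL": "http:\/\/binarysmash.wordpress.com",
			"avatar_URL": "http:\/\/0.gravatar.com\/avatar\/a178ebb1731d432338e6bb0158720fcc?s=96&d=identicon&r=G",
			"profile_URL": "http:\/\/gravatar.com\/binarysmash",
			"roles": [ "administrator" ]
		}',
	)
);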
68
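/*
 * Route registration: POST /sites/%s/users/%d (update a site member).
 *
 * This is the privileged route: callback() additionally requires `promote_users`,
 * and update_user() checks any requested role against get_editable_roles().
 *
 * 'request_format' reuses $user_format for documentation, but update_user() only
 * acts on `roles` and, outside WordPress.com, on `first_name`, `last_name` and
 * `name`/`display_name`; other documented fields are ignored on input.
 */
new WPCOM_JSON_API_Site_User_Endpoint(
	array(
		'description'          => 'Update details of a user of a site.',
		'group'                => 'users',
		'stat'                 => 'sites:1:user',
		'method'               => 'POST',
		'path'                 => '/sites/%s/users/%d',
		'path_labels'          => array(
			'$site'    => '(int|string) The site ID or domain.',
			'$user_id' => '(int) The user\'s ID.',
		),
		'request_format'       => WPCOM_JSON_API_Site_User_Endpoint::$user_format,
		'response_format'      => WPCOM_JSON_API_Site_User_Endpoint::$user_format,
		// The example uses `/users/` so that it matches the registered 'path' above.
		'example_request'      => 'https://public-api.wordpress.com/rest/v1/sites/30434183/users/23',
		'example_request_data' => array(
			'headers' => array(
				'authorization' => 'Bearer YOUR_API_TOKEN',
			),
			'body'    => array(
				// NOTE(review): roles is nested one level deeper than update_user() reads it
				// (it takes $input['roles'][0] and compares that strictly against role slugs).
				// Confirm how this example is rendered before relying on it as a request sample.
				'roles'      => array(
					array(
						'administrator',
					),
				),
				'first_name' => 'Rocco',
				'last_name'  => 'Tripaldi',
			),
		),
		'example_response'     => '{
			"ID": 18342963,
			"login": "binarysmash",
			"email": false,
			"name": "binarysmash",
			"URL": "http:\/\/binarysmash.wordpress.com",
			"avatar_URL": "http:\/\/0.gravatar.com\/avatar\/a178ebb1731d432338e6bb0158720fcc?s=96&d=identicon&r=G",
			"profile_URL": "http:\/\/gravatar.com\/binarysmash",
			"roles": [ "administrator" ]
		}',
	)
);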
109
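/**
 * Site user endpoint class.
 *
 * /sites/%s/users/%d -> $blog_id, $user_id
 *
 * Handles reading (GET) and updating (POST) a single member of a site.
 * Authorization is layered in callback(): `list_users` for any access,
 * site membership of the target account, and `promote_users` for updates.
 *
 * @phan-constructor-used-for-side-effects
 */
class WPCOM_JSON_API_Site_User_Endpoint extends WPCOM_JSON_API_Endpoint {

	/**
	 * User format.
	 *
	 * Field descriptions used as request/response documentation by the route
	 * registrations in this file. It is documentation only: update_user()
	 * decides which input keys are actually applied.
	 *
	 * @var array
	 */
	public static $user_format = array(
		'ID'          => '(int) The ID of the user',
		'login'       => '(string) The login username of the user',
		'email'       => '(string) The email of the user',
		'name'        => '(string) The name to display for the user',
		'first_name'  => '(string) The first name of the user',
		'last_name'   => '(string) The last name of the user',
		'nice_name'   => '(string) The nice_name to display for the user',
		'URL'         => '(string) The primary blog of the user',
		'avatar_URL'  => '(url) Gravatar image URL',
		'profile_URL' => '(url) Gravatar Profile URL',
		'site_ID'     => '(int) ID of the user\'s primary blog',
		'roles'       => '(array|string) The role or roles of the user',
	);

	/**
	 * API Callback.
	 *
	 * Validates the caller against the site, resolves the target account by ID
	 * or login, confirms it is a member of the site, then dispatches on the
	 * HTTP method.
	 *
	 * @param string $path - the path.
	 * @param int    $blog_id - the blog ID.
	 * @param int    $user_id - the user ID (or the login string on the `/users/login:` route).
	 *
	 * @return array|WP_Error
	 */
	public function callback( $path = '', $blog_id = 0, $user_id = 0 ) {
		$blog_id = $this->api->switch_to_blog_and_validate_user( $this->api->get_blog_id( $blog_id ) );
		if ( is_wp_error( $blog_id ) ) {
			return $blog_id;
		}

		// Baseline authorization for every method: the caller must be allowed to list users on this site.
		if ( ! current_user_can_for_site( $blog_id, 'list_users' ) ) {
			return new WP_Error( 'unauthorized', 'User cannot view users for specified site', 403 );
		}

		// Get the user by ID or login
		$get_by = str_contains( $path, '/users/login:' ) ? 'login' : 'id';
		$user   = get_user_by( $get_by, $user_id );

		// NOTE(review): the two 404s below use different error codes, so a caller who passed the
		// list_users check can tell "no such account" apart from "account exists but is not a
		// member of this site". Confirm that distinction is acceptable on multi-site installs.
		if ( ! $user ) {
			return new WP_Error( 'unknown_user', 'Unknown user', 404 );
		}

		if ( ! is_user_member_of_blog( $user->ID, $blog_id ) ) {
			return new WP_Error( 'unknown_user_for_site', 'Unknown user for site', 404 );
		}

		if ( 'GET' === $this->api->method ) {
			return $this->get_user( $user->ID );
		} elseif ( 'POST' === $this->api->method ) {
			// Updates need the stronger capability on top of list_users.
			if ( ! current_user_can_for_site( $blog_id, 'promote_users' ) ) {
				return new WP_Error( 'unauthorized_no_promote_cap', 'User cannot promote users for specified site', 403 );
			}
			// Update the account that was resolved and membership-checked above, not the raw path value.
			return $this->update_user( $user->ID, $blog_id );
		} else {
			return new WP_Error( 'bad_request', 'An unsupported request method was used.' );
		}
	}

	/**
	 * Get the user.
	 *
	 * Builds the response object via get_author() and adds the account's roles
	 * and, on multisite, an `is_super_admin` flag. No permission check happens
	 * here; callers are expected to have authorized the request already.
	 *
	 * @param int $user_id - the user ID.
	 *
	 * @return object
	 */
	public function get_user( $user_id ) {
		$the_user = $this->get_author( $user_id, true );
		if ( $the_user && ! is_wp_error( $the_user ) ) {
			$userdata = get_userdata( $user_id );
			// get_userdata() returns false (not a WP_Error) when the lookup fails, so test for that too.
			$the_user->roles = ( $userdata && ! is_wp_error( $userdata ) ) ? array_values( $userdata->roles ) : array();
			if ( is_multisite() ) {
				$the_user->is_super_admin = user_can( $the_user->ID, 'manage_network' );
			}
		}

		return $the_user;
	}

	/**
	 * Updates user data.
	 *
	 * Only an explicit allow-list of input keys is copied into the update:
	 * `roles` always, and `first_name`, `last_name`, `name`/`display_name` when
	 * not running on WordPress.com. A requested role must be one of
	 * get_editable_roles(), and callers cannot change their own role.
	 *
	 * @param int $user_id - the user ID.
	 * @param int $blog_id - the blog ID.
	 *
	 * @return array|WP_Error
	 */
	public function update_user( $user_id, $blog_id ) {
		// Normalize once so the strict comparisons below do not depend on whether
		// the ID arrived as an int or as a numeric string.
		$user_id  = (int) $user_id;
		$input    = $this->input();
		$user     = array( 'ID' => $user_id );
		$is_wpcom = defined( 'IS_WPCOM' ) && IS_WPCOM;

		// Self-service role changes are refused so an account cannot alter its own privileges here.
		if ( get_current_user_id() === $user_id && isset( $input['roles'] ) ) {
			return new WP_Error( 'unauthorized', 'You cannot change your own role', 403 );
		}

		// On WordPress.com, only the blog owner may edit the blog owner.
		if ( $is_wpcom && get_current_user_id() !== $user_id && wpcom_get_blog_owner( $blog_id ) === $user_id ) {
			return new WP_Error( 'unauthorized_edit_owner', 'Current user cannot edit blog owner', 403 );
		}

		if ( ! $is_wpcom ) {
			// NOTE(review): these profile fields are written under the `promote_users` check made in
			// callback(); no per-user `edit_user` check is visible in this file, and wp_update_user()
			// does not check capabilities itself. Confirm that is the intended permission model.
			foreach ( $input as $key => $value ) {
				if ( ! is_array( $value ) ) {
					$value = trim( $value );
				}
				$value = wp_unslash( $value );
				switch ( $key ) {
					case 'first_name':
					case 'last_name':
						$user[ $key ] = $value;
						break;
					case 'display_name':
					case 'name':
						$user['display_name'] = $value;
						break;
				}
			}
		}

		if ( isset( $input['roles'] ) ) {
			// For now, we only use the first role in the array.
			if ( is_array( $input['roles'] ) ) {
				// An empty array yields null, which then fails the allow-list check below.
				$user['role'] = $input['roles'][0] ?? null;
			} elseif ( is_string( $input['roles'] ) ) {
				$user['role'] = $input['roles'];
			} else {
				return new WP_Error( 'invalid_input', __( 'The roles property must be a string or an array.', 'jetpack' ), 400 );
			}

			// Strict allow-list: the role must be one the current user is permitted to assign.
			$editable_roles = array_keys( get_editable_roles() );
			if ( ! in_array( $user['role'], $editable_roles, true ) ) {
				// Report the rejected value (escaped), not the list of editable roles;
				// non-scalar input is shown as an empty string.
				$rejected_role = is_scalar( $user['role'] ) ? (string) $user['role'] : '';
				return new WP_Error(
					'invalid_input',
					sprintf(
						/* Translators: placeholder is an invalid role name */
						esc_html__( '%s is not a valid role.', 'jetpack' ),
						esc_html( $rejected_role )
					),
					400
				);
			}
		}

		$result = wp_update_user( $user );
		if ( is_wp_error( $result ) ) {
			return $result;
		}
		return $this->get_user( $user_id );
	}
}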
273