Making WordPress.org

Changeset 13610


Ignore:
Timestamp:
04/29/2024 07:36:53 AM (10 months ago)
Author:
dd32
Message:

Plugin Directory: Add a 'pending plugin' API endpoint to fetch information about a plugin in review.

This is intended to be used by the Reviewer tools, such that the tools can use information known to the plugin directory about the ZIP being reviewed.

See #7385.

Location:
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory
Files:
1 added
4 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/api/class-base.php

    r12999 r13610  
    4040        new Routes\Plugin_Upload();
    4141        new Routes\Plugin_Blueprint();
     42        new Routes\Pending_Plugin();
    4243    }
    4344
  • sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/api/routes/class-plugin.php

    r13147 r13610  
    3939     */
    4040    function plugin_info( $request ) {
    41         $plugin_slug = $request['plugin_slug'];
    42 
    43         global $post;
    44         $post = Plugin_Directory::get_plugin_post( $plugin_slug );
    45 
    46         if ( 'publish' != $post->post_status ) {
     41        $post = Plugin_Directory::get_plugin_post( $request['plugin_slug'] );
     42
     43        if ( ! $post || 'publish' != $post->post_status ) {
    4744            // Copy what the REST API does if the param is incorrect
    4845            return new \WP_Error(
     
    5855        }
    5956
     57        return $this->plugin_info_data( $request, $post );
     58    }
     59
     60    /**
     61     * The underlying API for the plugin information.
     62     *
     63     * Expects that the input has been validated, and that the $post object is safe for display.
     64     * This is shared with/called from Pending_Plugin too.
     65     *
     66     * @param \WP_REST_Request $request The request object.
     67     * @param \WP_Post         $post    The post object for the plugin.
     68     * @return array The formatted array of all the data for the plugin.
     69     */
     70    public function plugin_info_data( $request, $post ) {
     71        $GLOBALS['post'] = $post;
     72        $plugin_slug     = $post->post_name;
     73        $post_id         = $post->ID;
     74
    6075        // Support returning API data in different locales, even on wordpress.org (for api.wordpress.org usage)
    6176        if ( ! empty( $request['locale'] ) && ! in_array( strtolower( $request['locale'] ), array( 'en_us', 'en' ) ) ) {
    6277            switch_to_locale( $request['locale'] );
    6378        }
    64 
    65         $post_id = $post->ID;
    6679
    6780        $result            = array();
  • sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/class-plugin-directory.php

    r13438 r13610  
    5252        add_action( 'wp_head', array( Template::class, 'hreflang_link_attributes' ), 2 );
    5353        add_filter( 'allowed_redirect_hosts', array( $this, 'filter_redirect_hosts' ) );
     54        add_filter( 'wp_get_attachment_url', array( $this, 'add_info_to_zip_url' ), 100, 2 );
    5455
    5556        // Add no-index headers where appropriate.
     
    18321833
    18331834        return update_post_meta( $plugin->ID, 'releases', $releases );
     1835    }
     1836
     1837    /**
     1838     * Add additional context to ZIP urls.
     1839     *
     1840     * The ZIP URL will have a 'info' key attached which is a rest api URL to information about the plugin.
     1841     *
     1842     * @param string $url           The URL to the ZIP file.
     1843     * @param int    $attachment_id The attachment ID.
     1844     * @return string The URL to the ZIP file.
     1845     */
     1846    public function add_info_to_zip_url( $url, $attachment_id ) {
     1847        $attachment = get_post( $attachment_id );
     1848        $post       = get_post( $attachment->post_parent );
     1849        $token      = $post->{'_pending_access_token'} ?? false;
     1850
     1851        if ( ! $url || ! $attachment || ! $post || ! $token || ! current_user_can( 'edit_post', $post->ID ) ) {
     1852            return $url;
     1853        }
     1854
     1855        $url = add_query_arg(
     1856            'info',
     1857            urlencode( rest_url( sprintf(
     1858                'plugins/v1/pending-plugin/%d-%s/',
     1859                $post->ID,
     1860                $token
     1861            ) ) ),
     1862            $url
     1863        );
     1864
     1865        return $url;
    18341866    }
    18351867
  • sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/shortcodes/class-upload-handler.php

    r13609 r13610  
    469469        // First time submission, track some additional metadata.
    470470        if ( ! $updating_existing ) {
    471             $post_args['meta_input']['_author_ip']        = preg_replace( '/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR'] );
    472             $post_args['meta_input']['_submitted_date']   = time();
    473             $post_args['meta_input']['_used_upload_token'] = $has_upload_token;
     471            $post_args['meta_input']['_author_ip']            = preg_replace( '/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR'] );
     472            $post_args['meta_input']['_submitted_date']       = time();
     473            $post_args['meta_input']['_used_upload_token']    = $has_upload_token;
     474            $post_args['meta_input']['_pending_access_token'] = md5( wp_generate_password( 32, true, true ) );
    474475        }
    475476
Note: See TracChangeset for help on using the changeset viewer.