summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/jetpack/json-endpoints/class.wpcom-json-api-get-site-endpoint.php')
-rw-r--r--plugins/jetpack/json-endpoints/class.wpcom-json-api-get-site-endpoint.php61
1 files changed, 35 insertions, 26 deletions
diff --git a/plugins/jetpack/json-endpoints/class.wpcom-json-api-get-site-endpoint.php b/plugins/jetpack/json-endpoints/class.wpcom-json-api-get-site-endpoint.php
index f7ab0795..59316fc0 100644
--- a/plugins/jetpack/json-endpoints/class.wpcom-json-api-get-site-endpoint.php
+++ b/plugins/jetpack/json-endpoints/class.wpcom-json-api-get-site-endpoint.php
@@ -51,6 +51,7 @@ class WPCOM_JSON_API_GET_Site_Endpoint extends WPCOM_JSON_API_Endpoint {
'meta' => '(object) Meta data',
'quota' => '(array) An array describing how much space a user has left for uploads',
'launch_status' => '(string) A string describing the launch status of a site',
+ 'is_fse_active' => '(bool) If the site has Full Site Editing active or not.',
);
protected static $no_member_fields = array(
@@ -70,6 +71,7 @@ class WPCOM_JSON_API_GET_Site_Endpoint extends WPCOM_JSON_API_Endpoint {
'is_following',
'meta',
'launch_status',
+ 'is_fse_active',
);
protected static $site_options_format = array(
@@ -131,6 +133,7 @@ class WPCOM_JSON_API_GET_Site_Endpoint extends WPCOM_JSON_API_Endpoint {
'design_type',
'site_goals',
'site_segment',
+ 'import_engine',
);
protected static $jetpack_response_field_additions = array(
@@ -153,6 +156,10 @@ class WPCOM_JSON_API_GET_Site_Endpoint extends WPCOM_JSON_API_Endpoint {
'jetpack_frame_nonce',
'design_type',
'wordads',
+ // Use the site registered date from wpcom, since it is only available in a multisite context
+ // and defaults to `0000-00-00T00:00:00+00:00` from the Jetpack site.
+ // See https://github.com/Automattic/jetpack/blob/58638f46094b36f5df9cbc4570006544f0ad300c/sal/class.json-api-site-base.php#L387.
+ 'created_at',
);
private $site;
@@ -220,44 +227,44 @@ class WPCOM_JSON_API_GET_Site_Endpoint extends WPCOM_JSON_API_Endpoint {
array_intersect( $default_fields, $this->fields_to_include ) :
$default_fields;
- if ( ! $this->has_blog_access( $this->api->token_details, $blog_id ) ) {
+ $has_blog_access = $this->has_blog_access( $this->api->token_details );
+ $has_user_access = $this->has_user_access();
+
+ if ( ! $has_user_access && ! $has_blog_access ) {
+ // Public access without user or blog auth, only return `$no_member_fields`.
$response_keys = array_intersect( $response_keys, self::$no_member_fields );
+ } elseif ( $has_user_access && ! current_user_can( 'edit_posts' ) ) {
+ // Subscriber level user, don't return site options.
+ $response_keys = array_diff( $response_keys, array( 'options' ) );
}
return $this->render_response_keys( $response_keys );
}
/**
- * Checks that the current user has access to the current blog,
- * and failing that checks that we have a valid blog token.
+ * Checks that the current user has access to the current blog.
*
- * @param $token_details array Details obtained from the authorization token
- * @param $blog_id int The server-side blog id on wordpress.com
+ * @return bool Whether or not the current user can access the current blog.
+ */
+ private function has_user_access() {
+ return is_user_member_of_blog( get_current_user_id(), get_current_blog_id() );
+ }
+
+ /**
+ * Checks if the request has a valid blog token for the current blog.
*
+ * @param array $token_details Access token for the api request.
* @return bool
*/
- private function has_blog_access( $token_details, $blog_id ) {
- $current_blog_id = ( defined( 'IS_WPCOM' ) && IS_WPCOM ) ?
- $blog_id :
- get_current_blog_id();
-
- if ( is_user_member_of_blog( get_current_user_id(), $current_blog_id ) ) {
- return true;
- }
-
+ private function has_blog_access( $token_details ) {
$token_details = (array) $token_details;
if ( ! isset( $token_details['access'], $token_details['auth'], $token_details['blog_id'] ) ) {
return false;
}
- if (
- 'jetpack' === $token_details['auth'] &&
+ return 'jetpack' === $token_details['auth'] &&
'blog' === $token_details['access'] &&
- $current_blog_id === $token_details['blog_id']
- ) {
- return true;
- }
- return false;
+ get_current_blog_id() === $token_details['blog_id'];
}
private function render_response_keys( &$response_keys ) {
@@ -373,16 +380,15 @@ class WPCOM_JSON_API_GET_Site_Endpoint extends WPCOM_JSON_API_Endpoint {
case 'launch_status' :
$response[ $key ] = $this->site->get_launch_status();
break;
+ case 'is_fse_active':
+ $response[ $key ] = $this->site->is_fse_active();
+ break;
}
do_action( 'post_render_site_response_key', $key );
}
protected function render_option_keys( &$options_response_keys ) {
- if ( ! current_user_can( 'edit_posts' ) ) {
- return array();
- }
-
$options = array();
$site = $this->site;
@@ -576,6 +582,9 @@ class WPCOM_JSON_API_GET_Site_Endpoint extends WPCOM_JSON_API_Endpoint {
case 'site_segment':
$options[ $key ] = $site->get_site_segment();
break;
+ case 'import_engine':
+ $options[ $key ] = $site->get_import_engine();
+ break;
}
}
@@ -615,7 +624,7 @@ class WPCOM_JSON_API_GET_Site_Endpoint extends WPCOM_JSON_API_Endpoint {
$response->{ $key } = $value;
}
- if ( $this->has_blog_access( $this->api->token_details, $response->ID ) ) {
+ if ( $this->has_user_access() || $this->has_blog_access( $this->api->token_details ) ) {
$wpcom_member_response = $this->render_response_keys( self::$jetpack_response_field_member_additions );
foreach( $wpcom_member_response as $key => $value ) {