Cavemanon/piratepoet
8
Fork 0
Code Pull Requests Actions Releases 16 Activity

Merge pull request #1041 from mailpoet/access_control

Browse Source 
Allows granular control of access to various parts of the plugin [MAILPOET-1057] [MAILPOET-1048]
This commit is contained in:
Tautvidas Sipavičius
2017-08-28 16:48:47 +03:00
committed by GitHub
parent 96f77498f7 26bccd95d4
commit e580e6b92b
41 changed files with 890 additions and 323 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/API/JSON/v1/AutomatedLatestContent.php
View File

@@ -1,12 +1,18 @@
<?php
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\Config\AccessControl;
use MailPoet\WP\Posts as WPPosts;
if(!defined('ABSPATH')) exit;
class AutomatedLatestContent extends APIEndpoint {
public $ALC;
public $permissions = array(
'global' => AccessControl::PERMISSION_MANAGE_EMAILS
);
function __construct() {
$this->ALC = new \MailPoet\Newsletter\AutomatedLatestContent();

7
lib/API/JSON/v1/CustomFields.php
View File

@@ -1,12 +1,19 @@
<?php
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\API\JSON\Error as APIError;
use MailPoet\Config\AccessControl;
use MailPoet\Models\CustomField;
if(!defined('ABSPATH')) exit;
class CustomFields extends APIEndpoint {
public $permissions = array(
'global' => AccessControl::PERMISSION_MANAGE_FORMS
);
function getAll() {
$collection = CustomField::orderByAsc('created_at')->findMany();
$custom_fields = array_map(function($custom_field) {

14
lib/API/JSON/v1/Forms.php
View File

@@ -1,17 +1,23 @@
<?php
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\API\JSON\Error as APIError;
use MailPoet\Config\AccessControl;
use MailPoet\Form\Renderer as FormRenderer;
use MailPoet\Form\Util;
use MailPoet\Listing;
use MailPoet\Models\Form;
use MailPoet\Models\StatisticsForms;
use MailPoet\Form\Renderer as FormRenderer;
use MailPoet\Listing;
use MailPoet\Form\Util;
if(!defined('ABSPATH')) exit;
class Forms extends APIEndpoint {
public $permissions = array(
'global' => AccessControl::PERMISSION_MANAGE_FORMS
);
function get($data = array()) {
$id = (isset($data['id']) ? (int)$data['id'] : false);
$form = Form::findOne($id);

12
lib/API/JSON/v1/ImportExport.php
View File

@@ -1,13 +1,19 @@
<?php
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\Subscribers\ImportExport\Import\MailChimp;
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\Config\AccessControl;
use MailPoet\Models\Segment;
use MailPoet\Subscribers\ImportExport\Import\MailChimp;
if(!defined('ABSPATH')) exit;
class ImportExport extends APIEndpoint {
public $permissions = array(
'global' => AccessControl::PERMISSION_MANAGE_SUBSCRIBERS
);
function getMailChimpLists($data) {
try {
$mailChimp = new MailChimp($data['api_key']);

22
lib/API/JSON/v1/MP2Migrator.php
View File

@@ -1,18 +1,24 @@
<?php
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\Config\AccessControl;
if(!defined('ABSPATH')) exit;
class MP2Migrator extends APIEndpoint {
public $permissions = array(
'global' => AccessControl::PERMISSION_MANAGE_SETTINGS
);
public function __construct() {
$this->MP2Migrator = new \MailPoet\Config\MP2Migrator();
}
/**
* Import end point
*
*
* @param object $data
* @return object
*/
@@ -26,10 +32,10 @@ class MP2Migrator extends APIEndpoint {
));
}
}
/**
* Stop import end point
*
*
* @param object $data
* @return object
*/
@@ -43,10 +49,10 @@ class MP2Migrator extends APIEndpoint {
));
}
}
/**
* Skip import end point
*
*
* @param object $data
* @return object
*/
@@ -60,5 +66,5 @@ class MP2Migrator extends APIEndpoint {
));
}
}
}

7
lib/API/JSON/v1/Mailer.php
View File

@@ -1,12 +1,19 @@
<?php
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\API\JSON\Error as APIError;
use MailPoet\Config\AccessControl;
use MailPoet\Mailer\MailerLog;
if(!defined('ABSPATH')) exit;
class Mailer extends APIEndpoint {
public $permissions = array(
'global' => AccessControl::PERMISSION_MANAGE_EMAILS
);
function send($data = array()) {
try {
$mailer = new \MailPoet\Mailer\Mailer(

8
lib/API/JSON/v1/NewsletterTemplates.php
View File

@@ -1,13 +1,19 @@
<?php
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\API\JSON\Error as APIError;
use MailPoet\Config\AccessControl;
use MailPoet\Models\NewsletterTemplate;
if(!defined('ABSPATH')) exit;
class NewsletterTemplates extends APIEndpoint {
public $permissions = array(
'global' => AccessControl::PERMISSION_MANAGE_EMAILS
);
function get($data = array()) {
$id = (isset($data['id']) ? (int)$data['id'] : false);
$template = NewsletterTemplate::findOne($id);

16
lib/API/JSON/v1/Newsletters.php
View File

@@ -1,17 +1,19 @@
<?php
namespace MailPoet\API\JSON\v1;
use Carbon\Carbon;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\API\JSON\Error as APIError;
use MailPoet\Config\AccessControl;
use MailPoet\Listing;
use MailPoet\Models\Newsletter;
use MailPoet\Models\NewsletterOption;
use MailPoet\Models\NewsletterOptionField;
use MailPoet\Models\NewsletterSegment;
use MailPoet\Models\NewsletterTemplate;
use MailPoet\Models\SendingQueue;
use MailPoet\Models\Setting;
use MailPoet\Models\Newsletter;
use MailPoet\Models\NewsletterTemplate;
use MailPoet\Models\NewsletterSegment;
use MailPoet\Models\NewsletterOptionField;
use MailPoet\Models\NewsletterOption;
use MailPoet\Models\Subscriber;
use MailPoet\Newsletter\Renderer\Renderer;
use MailPoet\Newsletter\Scheduler\Scheduler;
@@ -23,6 +25,10 @@ if(!defined('ABSPATH')) exit;
require_once(ABSPATH . 'wp-includes/pluggable.php');
class Newsletters extends APIEndpoint {
public $permissions = array(
'global' => AccessControl::PERMISSION_MANAGE_EMAILS
);
function get($data = array()) {
$id = (isset($data['id']) ? (int)$data['id'] : false);
$newsletter = Newsletter::findOne($id);

10
lib/API/JSON/v1/Segments.php
View File

@@ -1,15 +1,21 @@
<?php
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\API\JSON\Error as APIError;
use MailPoet\Models\Segment;
use MailPoet\Config\AccessControl;
use MailPoet\Listing;
use MailPoet\Models\Segment;
use MailPoet\Segments\WP;
if(!defined('ABSPATH')) exit;
class Segments extends APIEndpoint {
public $permissions = array(
'global' => AccessControl::PERMISSION_MANAGE_SEGMENTS
);
function get($data = array()) {
$id = (isset($data['id']) ? (int)$data['id'] : false);
$segment = Segment::findOne($id);

10
lib/API/JSON/v1/SendingQueue.php
View File

@@ -1,18 +1,24 @@
<?php
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\API\JSON\Error as APIError;
use MailPoet\Config\AccessControl;
use MailPoet\Mailer\Mailer;
use MailPoet\Models\Newsletter;
use MailPoet\Models\SendingQueue as SendingQueueModel;
use MailPoet\Models\Subscriber;
use MailPoet\Newsletter\Scheduler\Scheduler;
use MailPoet\Models\SendingQueue as SendingQueueModel;
use MailPoet\Util\Helpers;
if(!defined('ABSPATH')) exit;
class SendingQueue extends APIEndpoint {
public $permissions = array(
'global' => AccessControl::PERMISSION_MANAGE_EMAILS
);
function add($data = array()) {
$newsletter_id = (isset($data['newsletter_id'])
? (int)$data['newsletter_id']

6
lib/API/JSON/v1/Services.php
View File

@@ -1,11 +1,12 @@
<?php
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\API\JSON\Error as APIError;
use MailPoet\Config\AccessControl;
use MailPoet\Config\Installer;
use MailPoet\Services\Bridge;
use MailPoet\Util\License\License;
use MailPoet\WP\DateTime;
if(!defined('ABSPATH')) exit;
@@ -13,6 +14,9 @@ if(!defined('ABSPATH')) exit;
class Services extends APIEndpoint {
public $bridge;
public $date_time;
public $permissions = array(
'global' => AccessControl::PERMISSION_MANAGE_SETTINGS
);
function __construct() {
$this->bridge = new Bridge();

15
lib/API/JSON/v1/Settings.php
View File

@@ -1,24 +1,31 @@
<?php
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\API\JSON\Error as APIError;
use MailPoet\Config\AccessControl;
use MailPoet\Models\Setting;
use MailPoet\Services\Bridge;
if(!defined('ABSPATH')) exit;
class Settings extends APIEndpoint {
public $permissions = array(
'global' => AccessControl::PERMISSION_MANAGE_SETTINGS
);
function get() {
return $this->successResponse(Setting::getAll());
}
function set($settings = array()) {
if(empty($settings)) {
return $this->badRequest(array(
APIError::BAD_REQUEST =>
__('You have not specified any settings to be saved.', 'mailpoet')
));
return $this->badRequest(
array(
APIError::BAD_REQUEST =>
__('You have not specified any settings to be saved.', 'mailpoet')
));
} else {
foreach($settings as $name => $value) {
Setting::setValue($name, $value);

6
lib/API/JSON/v1/Setup.php
View File

@@ -1,13 +1,19 @@
<?php
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\Config\AccessControl;
use MailPoet\Config\Activator;
use MailPoet\WP\Hooks;
if(!defined('ABSPATH')) exit;
class Setup extends APIEndpoint {
public $permissions = array(
'global' => AccessControl::PERMISSION_MANAGE_SETTINGS
);
function reset() {
try {
$activator = new Activator();

13
lib/API/JSON/v1/Subscribers.php
View File

@@ -1,21 +1,22 @@
<?php
namespace MailPoet\API\JSON\v1;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\API\JSON\Error as APIError;
use MailPoet\API\JSON\Access as APIAccess;
use MailPoet\Form\Util\FieldNameObfuscator;
use MailPoet\Config\AccessControl;
use MailPoet\Listing;
use MailPoet\Models\Subscriber;
use MailPoet\Form\Util\FieldNameObfuscator;
use MailPoet\Models\Form;
use MailPoet\Models\StatisticsForms;
use MailPoet\Models\Subscriber;
if(!defined('ABSPATH')) exit;
class Subscribers extends APIEndpoint {
public $permissions = array(
'subscribe' => APIAccess::ALL
'global' => AccessControl::PERMISSION_MANAGE_SUBSCRIBERS,
'methods' => array('subscribe' => AccessControl::NO_ACCESS_RESTRICTION)
);
function get($data = array()) {