142 lines
4.1 KiB
PHP
142 lines
4.1 KiB
PHP
|
<?php
|
||
|
|
class WPCOM_JSON_API_Update_Invites_Endpoint extends WPCOM_JSON_API_Endpoint {
|
||
|
|
public $blog_id;
|
||
|
|
public $invite_id;
|
||
|
|
public $is_wpcom;
|
||
|
|
public $invite;
|
||
|
|
|
||
|
|
function callback( $path = '', $blog_id = 0, $invite_id = 0 ) {
|
||
|
|
$blog_id = $this->api->switch_to_blog_and_validate_user( $this->api->get_blog_id( $blog_id ) );
|
||
|
|
if ( is_wp_error( $blog_id ) ) {
|
||
|
|
return $blog_id;
|
||
|
|
}
|
||
|
|
|
||
|
|
if ( ! is_multisite() ) {
|
||
|
|
return new WP_Error( 'forbidden', 'To modify invites, site must be on a multisite installation.', 403 );
|
||
|
|
}
|
||
|
|
|
||
|
|
if ( ! current_user_can( 'promote_users' ) ) {
|
||
|
|
return new WP_Error( 'unauthorized', 'Your token must have permission to promote users on this blog.', 401 );
|
||
|
|
}
|
||
|
|
|
||
|
|
$this->blog_id = $blog_id;
|
||
|
|
$this->invite_id = $invite_id;
|
||
|
|
$this->is_wpcom = defined( 'IS_WPCOM' ) && IS_WPCOM;
|
||
|
|
|
||
|
|
$invite = $this->get_invite();
|
||
|
|
if ( false === $invite ) {
|
||
|
|
return new WP_Error( 'unknown_invite', 'Requested invite was not found.', 404 );
|
||
|
|
}
|
||
|
|
|
||
|
|
$this->invite = $invite;
|
||
|
|
|
||
|
|
$returnValue = false;
|
||
|
|
if ( $this->api->ends_with( $this->path, '/delete' ) ) {
|
||
|
|
$returnValue = array(
|
||
|
|
'invite_key' => $invite_id,
|
||
|
|
'deleted' => $this->delete_invite(),
|
||
|
|
);
|
||
|
|
} else {
|
||
|
|
$returnValue = array(
|
||
|
|
'result' => $this->is_wpcom ? $this->resend_wpcom_invite() : $this->resend_self_hosted_invite()
|
||
|
|
);
|
||
|
|
}
|
||
|
|
|
||
|
|
return $returnValue;
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Returns an invite if found or false if not found.
|
||
|
|
*
|
||
|
|
* @return bool|object
|
||
|
|
*/
|
||
|
|
function get_invite() {
|
||
|
|
global $wpdb, $wpcom_invite_users;
|
||
|
|
|
||
|
|
$invite = false;
|
||
|
|
if ( $this->is_wpcom ) {
|
||
|
|
$invite = $wpcom_invite_users->get_invitation( $this->invite_id );
|
||
|
|
} else {
|
||
|
|
$query = $wpdb->prepare( "SELECT * FROM $wpdb->options WHERE option_name = %s LIMIT 1", $this->invite_id );
|
||
|
|
$invite = $wpdb->get_results( $query );
|
||
|
|
|
||
|
|
$invite = empty( $invite ) ? false : $invite;
|
||
|
|
}
|
||
|
|
|
||
|
|
return $invite;
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Deletes an invitation.
|
||
|
|
*
|
||
|
|
* @return bool Whether the invite was deleted successfully.
|
||
|
|
*/
|
||
|
|
function delete_invite() {
|
||
|
|
global $wpdb, $wpcom_invite_users;
|
||
|
|
|
||
|
|
if ( $this->is_wpcom ) {
|
||
|
|
return (bool) $wpcom_invite_users->delete_invitation( $this->invite_id );
|
||
|
|
} else {
|
||
|
|
$query = $wpdb->prepare( "DELETE FROM $wpdb->options WHERE option_name = %s", $this->invite_id );
|
||
|
|
return 0 < $wpdb->query( $query );
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Sends an invitation email to a user to join a self-hosted site.
|
||
|
|
*
|
||
|
|
* This method duplicates the invitation email functionality that is present
|
||
|
|
* in wp-admin/user-new.php. Ideally, we should factor out the functionality
|
||
|
|
* in wp-admin/user-new.php that actually invites a user and sends the invite
|
||
|
|
* from the data validation checks that expect $_POST and $_REQUEST.
|
||
|
|
*
|
||
|
|
* @return bool Whether the email was sent successfully.
|
||
|
|
*/
|
||
|
|
function resend_self_hosted_invite() {
|
||
|
|
$invite = (array) unserialize( $this->invite[0]->option_value );
|
||
|
|
$roles = get_editable_roles();
|
||
|
|
$role = $roles[ $invite['role'] ];
|
||
|
|
$newuser_key = str_replace( 'new_user_', '', $this->invite_id );
|
||
|
|
|
||
|
|
/* translators: 1: Site title 2: Site URL 3: Role name 4: URL to accept invitation */
|
||
|
|
$message = __( 'Hi,
|
||
|
|
|
||
|
|
You\'ve been invited to join \'%1$s\' at
|
||
|
|
%2$s with the role of %3$s.
|
||
|
|
|
||
|
|
Please click the following link to confirm the invite:
|
||
|
|
%4$s', 'jetpack' );
|
||
|
|
|
||
|
|
return wp_mail(
|
||
|
|
$invite['email'],
|
||
|
|
sprintf( __( '[%s] Joining confirmation', 'jetpack' ), wp_specialchars_decode( get_option( 'blogname' ) ) ),
|
||
|
|
sprintf(
|
||
|
|
$message,
|
||
|
|
get_option( 'blogname' ),
|
||
|
|
home_url(),
|
||
|
|
wp_specialchars_decode( translate_user_role( $role['name'] ) ),
|
||
|
|
home_url( "/newbloguser/$newuser_key/" )
|
||
|
|
)
|
||
|
|
);
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Sends an invitation email to a user to join a WordPress.com site.
|
||
|
|
*
|
||
|
|
* @return bool Whether the invitation was sent successfully.
|
||
|
|
*/
|
||
|
|
function resend_wpcom_invite() {
|
||
|
|
global $wpcom_invite_users;
|
||
|
|
|
||
|
|
$wpcom_invite_users->update_invitation( $this->invite->invite_slug, array( 'invite_date' => gmdate( 'Y-m-d H:i:s' ) ) );
|
||
|
|
|
||
|
|
if ( 'follower' == $this->invite->meta['role'] && ! is_private_blog() ) {
|
||
|
|
$wpcom_invite_users->invite_followers( $this->invite->meta['sent_to'] );
|
||
|
|
} else {
|
||
|
|
$wpcom_invite_users->send_invitation( $this->invite->invite_slug );
|
||
|
|
}
|
||
|
|
|
||
|
|
return true;
|
||
|
|
}
|
||
|
|
}
|