Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: missing args for several endpoints in the Stores API endpoints #2442

Open
wants to merge 3 commits into
base: develop
Choose a base branch
from
Open

fix: missing args for several endpoints in the Stores API endpoints #2442

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
dcb6134
fix: args for /dokan/v1/stores/check
pronob1010 Nov 19, 2024
15e49f4
feat : /dokan/v1/stores :POST args added
pronob1010 Nov 25, 2024
2f8552c
feat: args added to /dokan/v1/stores/batch(POST, PUT,PATCH)
pronob1010 Nov 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
137 changes: 137 additions & 0 deletions includes/REST/StoreController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,99 @@
'methods' => WP_REST_Server::CREATABLE,
'callback' => [ $this, 'create_store' ],
'permission_callback' => [ $this, 'permission_check_for_manageable_part' ],
'args' => [
'user_login' => [
'required' => false,
'type' => 'string',
'description' => __( 'The username for the store owner. If not provided, it will be auto-generated.', 'dokan-lite' ),
],
'email' => [
'required' => true,
'type' => 'string',
'format' => 'email',
'description' => __( 'The email address for the store owner.', 'dokan-lite' ),
],
'store_name' => [
'required' => true,
'type' => 'string',
'description' => __( 'The name of the store.', 'dokan-lite' ),
],
Comment on lines +67 to +71
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add validation constraints for store_name field

The store_name field should include length and character constraints to ensure valid store names.

         'store_name' => [
             'required'    => true,
             'type'        => 'string',
             'description' => __( 'The name of the store.', 'dokan-lite' ),
+            'minLength'   => 1,
+            'maxLength'   => 100,
+            'pattern'     => '^[a-zA-Z0-9\s\-\_\.]+$'
         ],
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
'store_name' => [
'required' => true,
'type' => 'string',
'description' => __( 'The name of the store.', 'dokan-lite' ),
],
'store_name' => [
'required' => true,
'type' => 'string',
'description' => __( 'The name of the store.', 'dokan-lite' ),
'minLength' => 1,
'maxLength' => 100,
'pattern' => '^[a-zA-Z0-9\s\-\_\.]+$'
],

'social' => [
'required' => false,
'type' => 'array',
'description' => __( 'An array of social media details for the store.', 'dokan-lite' ),
],
Comment on lines +72 to +76
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add validation for social and payment array structures

The social and payment arrays lack structure validation. Consider adding properties schema to ensure data consistency.

Add validation by extending the schema:

         'social' => [
             'required'    => false,
             'type'        => 'array',
             'description' => __( 'An array of social media details for the store.', 'dokan-lite' ),
+            'items'       => [
+                'type'       => 'object',
+                'properties' => [
+                    'network'  => [
+                        'type'        => 'string',
+                        'description' => __( 'Social network name', 'dokan-lite' ),
+                        'enum'        => ['facebook', 'twitter', 'instagram', 'youtube']
+                    ],
+                    'url'      => [
+                        'type'        => 'string',
+                        'format'      => 'uri',
+                        'description' => __( 'Social profile URL', 'dokan-lite' )
+                    ]
+                ]
+            ]
         ],
         'payment' => [
             'required'    => false,
             'type'        => 'array',
             'description' => __( 'Payment details for the store. E.g., PayPal or bank details.', 'dokan-lite' ),
+            'items'       => [
+                'type'       => 'object',
+                'properties' => [
+                    'method'  => [
+                        'type'        => 'string',
+                        'description' => __( 'Payment method', 'dokan-lite' ),
+                        'enum'        => ['paypal', 'bank']
+                    ],
+                    'details' => [
+                        'type'        => 'object',
+                        'description' => __( 'Payment method details', 'dokan-lite' )
+                    ]
+                ]
+            ]
         ],

Also applies to: 77-81

'payment' => [
'required' => false,
'type' => 'array',
'description' => __( 'Payment details for the store. E.g., PayPal or bank details.', 'dokan-lite' ),
],
'phone' => [
'required' => false,
'type' => 'string',
'description' => __( 'The contact phone number for the store.', 'dokan-lite' ),
],
Comment on lines +82 to +86
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add phone number format validation

The phone field should include format validation to ensure valid phone numbers are provided.

Add format validation:

         'phone' => [
             'required'    => false,
             'type'        => 'string',
             'description' => __( 'The contact phone number for the store.', 'dokan-lite' ),
+            'pattern'     => '^\+?[1-9]\d{1,14}$',
+            'minLength'   => 10,
+            'maxLength'   => 15
         ],
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
'phone' => [
'required' => false,
'type' => 'string',
'description' => __( 'The contact phone number for the store.', 'dokan-lite' ),
],
'phone' => [
'required' => false,
'type' => 'string',
'description' => __( 'The contact phone number for the store.', 'dokan-lite' ),
'pattern' => '^\+?[1-9]\d{1,14}$',
'minLength' => 10,
'maxLength' => 15
],

'show_email' => [
'required' => false,
'type' => 'string',
'description' => __( 'Whether to show the store email publicly.', 'dokan-lite' ),
],
'address' => [
'required' => false,
'type' => 'array',
'description' => __( 'Address details of the store.', 'dokan-lite' ),
],
'location' => [
'required' => false,
'type' => 'string',
'description' => __( 'Geographical location of the store.', 'dokan-lite' ),
],
'banner_id' => [
'required' => false,
'type' => 'integer',
'description' => __( 'ID of the banner image for the store.', 'dokan-lite' ),
],
'icon' => [
'required' => false,
'type' => 'string',
'description' => __( 'URL of the icon image for the store.', 'dokan-lite' ),
],
'gravatar_id' => [
'required' => false,
'type' => 'integer',
'description' => __( 'ID of the gravatar image for the store.', 'dokan-lite' ),
],
'enable_tnc' => [
'required' => false,
'type' => 'string',
'description' => __( 'Enable Terms and Conditions for the store.', 'dokan-lite' ),
],
'store_tnc' => [
'required' => false,
'type' => 'string',
'description' => __( 'Terms and Conditions text for the store.', 'dokan-lite' ),
],
'show_min_order_discount' => [
'required' => false,
'type' => 'string',
'description' => __( 'Whether to show minimum order discount information.', 'dokan-lite' ),
],
'store_seo' => [
'required' => false,
'type' => 'array',
'description' => __( 'SEO metadata for the store.', 'dokan-lite' ),
],
'store_open_close' => [
'required' => false,
'type' => 'array',
'description' => __( 'Opening and closing times for the store.', 'dokan-lite' ),
],
'notify_vendor' => [
'required' => false,
'type' => 'boolean',
'description' => __( 'Whether to notify the vendor after creation.', 'dokan-lite' ),
],
],
],
]
);
Expand Down Expand Up @@ -131,6 +224,24 @@
'methods' => WP_REST_Server::READABLE,
'callback' => [ $this, 'check_store_availability' ],
'permission_callback' => '__return_true',
'args' => [
'store_slug' => [
'required' => false,
'type' => 'string',
'description' => __( 'Slug of the store to check availability.', 'dokan-lite' ),
],
'username' => [
'required' => false,
'type' => 'string',
'description' => __( 'Username to check availability.', 'dokan-lite' ),
],
Comment on lines +228 to +237
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add pattern validation for store_slug and username

The store_slug and username fields should include pattern validation to ensure they meet WordPress naming conventions.

Add pattern validation:

         'store_slug' => [
             'required' => false,
             'type' => 'string',
             'description' => __( 'Slug of the store to check availability.', 'dokan-lite' ),
+            'pattern' => '^[a-zA-Z0-9-_]+$',
+            'minLength' => 3,
+            'maxLength' => 50
         ],
         'username' => [
             'required' => false,
             'type' => 'string',
             'description' => __( 'Username to check availability.', 'dokan-lite' ),
+            'pattern' => '^[a-zA-Z0-9-_]+$',
+            'minLength' => 3,
+            'maxLength' => 50
         ],
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
'store_slug' => [
'required' => false,
'type' => 'string',
'description' => __( 'Slug of the store to check availability.', 'dokan-lite' ),
],
'username' => [
'required' => false,
'type' => 'string',
'description' => __( 'Username to check availability.', 'dokan-lite' ),
],
'store_slug' => [
'required' => false,
'type' => 'string',
'description' => __( 'Slug of the store to check availability.', 'dokan-lite' ),
'pattern' => '^[a-zA-Z0-9-_]+$',
'minLength' => 3,
'maxLength' => 50
],
'username' => [
'required' => false,
'type' => 'string',
'description' => __( 'Username to check availability.', 'dokan-lite' ),
'pattern' => '^[a-zA-Z0-9-_]+$',
'minLength' => 3,
'maxLength' => 50
],

'email' => [
'required' => false,
'type' => 'string',
'description' => __( 'Email address to check availability.', 'dokan-lite' ),
'format' => 'email',
],
],
],
]
);
Expand Down Expand Up @@ -197,6 +308,32 @@
'methods' => WP_REST_Server::EDITABLE,
'callback' => [ $this, 'batch_update' ],
'permission_callback' => [ $this, 'permission_check_for_manageable_part' ],
'args' => [
'approved' => [
'type' => 'array',
'required' => false,
'items' => [
'type' => 'integer',
],
'description' => __( 'List of vendor IDs to approve.', 'dokan-lite' ),
],
'pending' => [
'type' => 'array',
'required' => false,
'items' => [
'type' => 'integer',
],
'description' => __( 'List of vendor IDs to set as pending.', 'dokan-lite' ),
],
'delete' => [
'type' => 'array',
'required' => false,
'items' => [
'type' => 'integer',
],
'description' => __( 'List of vendor IDs to delete.', 'dokan-lite' ),
],
],
Comment on lines +311 to +336
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add size limits for batch operations

The batch operation arrays should have size limits to prevent performance issues with large batches.

         'args'                => [
             'approved' => [
                 'type'        => 'array',
                 'required'    => false,
                 'items'       => [
                     'type' => 'integer',
                 ],
                 'description' => __( 'List of vendor IDs to approve.', 'dokan-lite' ),
+                'maxItems'    => 100,
             ],
             'pending'  => [
                 'type'        => 'array',
                 'required'    => false,
                 'items'       => [
                     'type' => 'integer',
                 ],
                 'description' => __( 'List of vendor IDs to set as pending.', 'dokan-lite' ),
+                'maxItems'    => 100,
             ],
             'delete'   => [
                 'type'        => 'array',
                 'required'    => false,
                 'items'       => [
                     'type' => 'integer',
                 ],
                 'description' => __( 'List of vendor IDs to delete.', 'dokan-lite' ),
+                'maxItems'    => 100,
             ],
         ],
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
'args' => [
'approved' => [
'type' => 'array',
'required' => false,
'items' => [
'type' => 'integer',
],
'description' => __( 'List of vendor IDs to approve.', 'dokan-lite' ),
],
'pending' => [
'type' => 'array',
'required' => false,
'items' => [
'type' => 'integer',
],
'description' => __( 'List of vendor IDs to set as pending.', 'dokan-lite' ),
],
'delete' => [
'type' => 'array',
'required' => false,
'items' => [
'type' => 'integer',
],
'description' => __( 'List of vendor IDs to delete.', 'dokan-lite' ),
],
],
'args' => [
'approved' => [
'type' => 'array',
'required' => false,
'items' => [
'type' => 'integer',
],
'description' => __( 'List of vendor IDs to approve.', 'dokan-lite' ),
'maxItems' => 100,
],
'pending' => [
'type' => 'array',
'required' => false,
'items' => [
'type' => 'integer',
],
'description' => __( 'List of vendor IDs to set as pending.', 'dokan-lite' ),
'maxItems' => 100,
],
'delete' => [
'type' => 'array',
'required' => false,
'items' => [
'type' => 'integer',
],
'description' => __( 'List of vendor IDs to delete.', 'dokan-lite' ),
'maxItems' => 100,
],
],

],
]
);
Expand Down Expand Up @@ -438,7 +575,7 @@
*
* @return array Links for the given post.
*/
protected function prepare_links( $object, $request ) {

Check warning on line 578 in includes/REST/StoreController.php

View workflow job for this annotation

GitHub Actions / Run PHPCS inspection 

It is recommended not to use reserved keyword "object" as function parameter name. Found: $object
$links = [
'self' => [
'href' => rest_url( sprintf( '/%s/%s/%d', $this->namespace, $this->base, $object['id'] ) ),
Expand Down
Loading