Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: missing args for several endpoints in the Stores API endpoints #2442

Open
wants to merge 5 commits into
base: develop
Choose a base branch
from
Open
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
111 changes: 111 additions & 0 deletions includes/REST/StoreController.php
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,99 @@
'methods' => WP_REST_Server::CREATABLE,
'callback' => [ $this, 'create_store' ],
'permission_callback' => [ $this, 'permission_check_for_manageable_part' ],
'args' => [
'user_login' => [
'required' => false,
'type' => 'string',
'description' => __( 'The username for the store owner. If not provided, it will be auto-generated.', 'dokan-lite' ),
],
Comment on lines +56 to +60
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add validation constraints for user_login field.

The user_login field should include validation to ensure it meets WordPress username requirements.

Apply this diff:

                        'user_login' => [
                            'required'    => false,
                            'type'        => 'string',
                            'description' => __( 'The username for the store owner. If not provided, it will be auto-generated.', 'dokan-lite' ),
+                            'pattern'     => '^[a-zA-Z0-9_]{3,}$',
+                            'minLength'   => 3,
+                            'maxLength'   => 60,
                        ],
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
'user_login' => [
'required' => false,
'type' => 'string',
'description' => __( 'The username for the store owner. If not provided, it will be auto-generated.', 'dokan-lite' ),
],
'user_login' => [
'required' => false,
'type' => 'string',
'description' => __( 'The username for the store owner. If not provided, it will be auto-generated.', 'dokan-lite' ),
'pattern' => '^[a-zA-Z0-9_]{3,}$',
'minLength' => 3,
'maxLength' => 60,
],

'email' => [
'required' => true,
'type' => 'string',
'format' => 'email',
'description' => __( 'The email address for the store owner.', 'dokan-lite' ),
],
'store_name' => [
'required' => true,
'type' => 'string',
'description' => __( 'The name of the store.', 'dokan-lite' ),
],
Comment on lines +67 to +71
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add validation constraints for store_name field

The store_name field should include length and character constraints to ensure valid store names.

         'store_name' => [
             'required'    => true,
             'type'        => 'string',
             'description' => __( 'The name of the store.', 'dokan-lite' ),
+            'minLength'   => 1,
+            'maxLength'   => 100,
+            'pattern'     => '^[a-zA-Z0-9\s\-\_\.]+$'
         ],
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
'store_name' => [
'required' => true,
'type' => 'string',
'description' => __( 'The name of the store.', 'dokan-lite' ),
],
'store_name' => [
'required' => true,
'type' => 'string',
'description' => __( 'The name of the store.', 'dokan-lite' ),
'minLength' => 1,
'maxLength' => 100,
'pattern' => '^[a-zA-Z0-9\s\-\_\.]+$'
],

'social' => [
'required' => false,
'type' => 'array',
'description' => __( 'An array of social media details for the store.', 'dokan-lite' ),
],
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add validation for social and payment array structures

The social and payment arrays lack structure validation. Consider adding properties schema to ensure data consistency.

Add validation by extending the schema:

         'social' => [
             'required'    => false,
             'type'        => 'array',
             'description' => __( 'An array of social media details for the store.', 'dokan-lite' ),
+            'items'       => [
+                'type'       => 'object',
+                'properties' => [
+                    'network'  => [
+                        'type'        => 'string',
+                        'description' => __( 'Social network name', 'dokan-lite' ),
+                        'enum'        => ['facebook', 'twitter', 'instagram', 'youtube']
+                    ],
+                    'url'      => [
+                        'type'        => 'string',
+                        'format'      => 'uri',
+                        'description' => __( 'Social profile URL', 'dokan-lite' )
+                    ]
+                ]
+            ]
         ],
         'payment' => [
             'required'    => false,
             'type'        => 'array',
             'description' => __( 'Payment details for the store. E.g., PayPal or bank details.', 'dokan-lite' ),
+            'items'       => [
+                'type'       => 'object',
+                'properties' => [
+                    'method'  => [
+                        'type'        => 'string',
+                        'description' => __( 'Payment method', 'dokan-lite' ),
+                        'enum'        => ['paypal', 'bank']
+                    ],
+                    'details' => [
+                        'type'        => 'object',
+                        'description' => __( 'Payment method details', 'dokan-lite' )
+                    ]
+                ]
+            ]
         ],

Also applies to: 77-81

'payment' => [
'required' => false,
'type' => 'array',
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pls define the array type properly to enforce the format of each item in the array. Pls see https://developer.wordpress.org/rest-api/extending-the-rest-api/schema/#arrays

'description' => __( 'Payment details for the store. E.g., PayPal or bank details.', 'dokan-lite' ),
],
'phone' => [
'required' => false,
'type' => 'string',
'description' => __( 'The contact phone number for the store.', 'dokan-lite' ),
],
Comment on lines +99 to +103
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add phone number format validation

The phone field should include format validation to ensure valid phone numbers are provided.

Add format validation:

         'phone' => [
             'required'    => false,
             'type'        => 'string',
             'description' => __( 'The contact phone number for the store.', 'dokan-lite' ),
+            'pattern'     => '^\+?[1-9]\d{1,14}$',
+            'minLength'   => 10,
+            'maxLength'   => 15
         ],
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
'phone' => [
'required' => false,
'type' => 'string',
'description' => __( 'The contact phone number for the store.', 'dokan-lite' ),
],
'phone' => [
'required' => false,
'type' => 'string',
'description' => __( 'The contact phone number for the store.', 'dokan-lite' ),
'pattern' => '^\+?[1-9]\d{1,14}$',
'minLength' => 10,
'maxLength' => 15
],

'show_email' => [
'required' => false,
'type' => 'string', // Updated from boolean
'description' => __( 'Whether to show the store email publicly.', 'dokan-lite' ),
],
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix type inconsistency for boolean fields

The following fields are marked as string type but should be boolean since they represent true/false values:

  • show_email
  • enable_tnc
  • show_min_order_discount

Apply this diff to fix the type declarations:

-            'type'        => 'string', // Updated from boolean
+            'type'        => 'boolean',
             'description' => __( 'Whether to show the store email publicly.', 'dokan-lite' ),

-            'type'        => 'string', // Updated from boolean
+            'type'        => 'boolean',
             'description' => __( 'Enable Terms and Conditions for the store.', 'dokan-lite' ),

-            'type'        => 'string', // Updated from boolean
+            'type'        => 'boolean',
             'description' => __( 'Whether to show minimum order discount information.', 'dokan-lite' ),

Also applies to: 117-121, 127-131

'address' => [
'required' => false,
'type' => 'array',
'description' => __( 'Address details of the store.', 'dokan-lite' ),
],
'location' => [ // Newly added
'required' => false,
'type' => 'string',
'description' => __( 'Geographical location of the store.', 'dokan-lite' ),
],
'banner_id' => [
'required' => false,
'type' => 'integer',
'description' => __( 'ID of the banner image for the store.', 'dokan-lite' ),
],
'icon' => [
'required' => false,
'type' => 'string',
'description' => __( 'URL of the icon image for the store.', 'dokan-lite' ),
],
'gravatar_id' => [
'required' => false,
'type' => 'integer',
'description' => __( 'ID of the gravatar image for the store.', 'dokan-lite' ),
],
'enable_tnc' => [
'required' => false,
'type' => 'string', // Updated from boolean
'description' => __( 'Enable Terms and Conditions for the store.', 'dokan-lite' ),
],
'store_tnc' => [
'required' => false,
'type' => 'string',
'description' => __( 'Terms and Conditions text for the store.', 'dokan-lite' ),
],
'show_min_order_discount' => [
'required' => false,
'type' => 'string', // Updated from boolean
'description' => __( 'Whether to show minimum order discount information.', 'dokan-lite' ),
],
'store_seo' => [
'required' => false,
'type' => 'array',
'description' => __( 'SEO metadata for the store.', 'dokan-lite' ),
],
'store_open_close' => [
'required' => false,
'type' => 'array',
'description' => __( 'Opening and closing times for the store.', 'dokan-lite' ),
],
'notify_vendor' => [
'required' => false,
'type' => 'boolean',
'description' => __( 'Whether to notify the vendor after creation.', 'dokan-lite' ),
],
],
],
]
);
Expand Down Expand Up @@ -131,6 +224,24 @@
'methods' => WP_REST_Server::READABLE,
'callback' => [ $this, 'check_store_availability' ],
'permission_callback' => '__return_true',
'args' => [
'store_slug' => [
'required' => false,
'type' => 'string',
'description' => __( 'Slug of the store to check availability.', 'dokan-lite' ),
],
'username' => [
'required' => false,
'type' => 'string',
'description' => __( 'Username to check availability.', 'dokan-lite' ),
],
Comment on lines +262 to +271
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add pattern validation for store_slug and username

The store_slug and username fields should include pattern validation to ensure they meet WordPress naming conventions.

Add pattern validation:

         'store_slug' => [
             'required' => false,
             'type' => 'string',
             'description' => __( 'Slug of the store to check availability.', 'dokan-lite' ),
+            'pattern' => '^[a-zA-Z0-9-_]+$',
+            'minLength' => 3,
+            'maxLength' => 50
         ],
         'username' => [
             'required' => false,
             'type' => 'string',
             'description' => __( 'Username to check availability.', 'dokan-lite' ),
+            'pattern' => '^[a-zA-Z0-9-_]+$',
+            'minLength' => 3,
+            'maxLength' => 50
         ],
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
'store_slug' => [
'required' => false,
'type' => 'string',
'description' => __( 'Slug of the store to check availability.', 'dokan-lite' ),
],
'username' => [
'required' => false,
'type' => 'string',
'description' => __( 'Username to check availability.', 'dokan-lite' ),
],
'store_slug' => [
'required' => false,
'type' => 'string',
'description' => __( 'Slug of the store to check availability.', 'dokan-lite' ),
'pattern' => '^[a-zA-Z0-9-_]+$',
'minLength' => 3,
'maxLength' => 50
],
'username' => [
'required' => false,
'type' => 'string',
'description' => __( 'Username to check availability.', 'dokan-lite' ),
'pattern' => '^[a-zA-Z0-9-_]+$',
'minLength' => 3,
'maxLength' => 50
],

'email' => [
'required' => false,
'type' => 'string',
'description' => __( 'Email address to check availability.', 'dokan-lite' ),
'format' => 'email',
],
],
],
]
);
Expand Down Expand Up @@ -438,7 +549,7 @@
*
* @return array Links for the given post.
*/
protected function prepare_links( $object, $request ) {

Check warning on line 552 in includes/REST/StoreController.php

View workflow job for this annotation

GitHub Actions / Run PHPCS inspection

It is recommended not to use reserved keyword "object" as function parameter name. Found: $object
$links = [
'self' => [
'href' => rest_url( sprintf( '/%s/%s/%d', $this->namespace, $this->base, $object['id'] ) ),
Expand Down
Loading