updated plugin Jetpack Protect
version 4.0.0
@ -6,7 +6,7 @@
|
||||
*/
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
exit( 0 );
|
||||
}
|
||||
|
||||
use Automattic\Jetpack\Admin_UI\Admin_Menu;
|
||||
@ -19,10 +19,12 @@ use Automattic\Jetpack\Modules;
|
||||
use Automattic\Jetpack\My_Jetpack\Initializer as My_Jetpack_Initializer;
|
||||
use Automattic\Jetpack\My_Jetpack\Products as My_Jetpack_Products;
|
||||
use Automattic\Jetpack\Plugins_Installer;
|
||||
use Automattic\Jetpack\Protect\Credentials;
|
||||
use Automattic\Jetpack\Protect\Onboarding;
|
||||
use Automattic\Jetpack\Protect\REST_Controller;
|
||||
use Automattic\Jetpack\Protect\Scan_History;
|
||||
use Automattic\Jetpack\Protect\Site_Health;
|
||||
use Automattic\Jetpack\Protect\Threats;
|
||||
use Automattic\Jetpack\Protect_Status\Plan;
|
||||
use Automattic\Jetpack\Protect_Status\Protect_Status;
|
||||
use Automattic\Jetpack\Protect_Status\Scan_Status;
|
||||
@ -38,11 +40,6 @@ use Automattic\Jetpack\Waf\Waf_Stats;
|
||||
*/
|
||||
class Jetpack_Protect {
|
||||
|
||||
/**
|
||||
* Licenses product ID.
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
const JETPACK_SCAN_PRODUCT_IDS = array(
|
||||
2010, // JETPACK_SECURITY_DAILY.
|
||||
2011, // JETPACK_SECURITY_DAILY_MOTNHLY.
|
||||
@ -208,14 +205,20 @@ class Jetpack_Protect {
|
||||
*/
|
||||
public function initial_state() {
|
||||
global $wp_version;
|
||||
// phpcs:disable WordPress.Security.NonceVerification.Recommended
|
||||
$refresh_status_from_wpcom = isset( $_GET['checkPlan'] );
|
||||
$initial_state = array(
|
||||
|
||||
// Always fetch the latest plan status from WPCOM.
|
||||
$has_plan = Plan::has_required_plan( true );
|
||||
|
||||
$status = Status::get_status();
|
||||
|
||||
$initial_state = array(
|
||||
'apiRoot' => esc_url_raw( rest_url() ),
|
||||
'apiNonce' => wp_create_nonce( 'wp_rest' ),
|
||||
'registrationNonce' => wp_create_nonce( 'jetpack-registration-nonce' ),
|
||||
'status' => Status::get_status( $refresh_status_from_wpcom ),
|
||||
'scanHistory' => Scan_History::get_scan_history( $refresh_status_from_wpcom ),
|
||||
'credentials' => Credentials::get_credential_array(),
|
||||
'status' => $status,
|
||||
'fixerStatus' => Threats::fix_threats_status( $status->fixable_threat_ids ),
|
||||
'scanHistory' => Scan_History::get_scan_history(),
|
||||
'installedPlugins' => Plugins_Installer::get_plugins(),
|
||||
'installedThemes' => Sync_Functions::get_themes(),
|
||||
'wpVersion' => $wp_version,
|
||||
@ -223,17 +226,14 @@ class Jetpack_Protect {
|
||||
'siteSuffix' => ( new Jetpack_Status() )->get_site_suffix(),
|
||||
'blogID' => Connection_Manager::get_site_id( true ),
|
||||
'jetpackScan' => My_Jetpack_Products::get_product( 'scan' ),
|
||||
'hasRequiredPlan' => Plan::has_required_plan(),
|
||||
'hasPlan' => $has_plan,
|
||||
'onboardingProgress' => Onboarding::get_current_user_progress(),
|
||||
'waf' => array(
|
||||
'wafSupported' => Waf_Runner::is_supported_environment(),
|
||||
'currentIp' => IP_Utils::get_ip(),
|
||||
'isSeen' => self::get_waf_seen_status(),
|
||||
'upgradeIsSeen' => self::get_waf_upgrade_seen_status(),
|
||||
'displayUpgradeBadge' => self::get_waf_upgrade_badge_display_status(),
|
||||
'isEnabled' => Waf_Runner::is_enabled(),
|
||||
'isToggling' => false,
|
||||
'isUpdating' => false,
|
||||
'config' => Waf_Runner::get_config(),
|
||||
'stats' => self::get_waf_stats(),
|
||||
'globalStats' => Waf_Stats::get_global_stats(),
|
||||
@ -372,24 +372,6 @@ class Jetpack_Protect {
|
||||
return $license_found;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get WAF "Seen" Status
|
||||
*
|
||||
* @return bool Whether the current user has viewed the WAF screen.
|
||||
*/
|
||||
public static function get_waf_seen_status() {
|
||||
return (bool) get_user_meta( get_current_user_id(), 'jetpack_protect_waf_seen', true );
|
||||
}
|
||||
|
||||
/**
|
||||
* Set WAF "Seen" Status
|
||||
*
|
||||
* @return bool True if seen status updated to true, false on failure.
|
||||
*/
|
||||
public static function set_waf_seen_status() {
|
||||
return (bool) update_user_meta( get_current_user_id(), 'jetpack_protect_waf_seen', true );
|
||||
}
|
||||
|
||||
/**
|
||||
* Get WAF Upgrade "Seen" Status
|
||||
*
|
||||
@ -458,8 +440,7 @@ class Jetpack_Protect {
|
||||
}
|
||||
|
||||
return array(
|
||||
'ipAllowListCount' => Waf_Stats::get_ip_allow_list_count(),
|
||||
'ipBlockListCount' => Waf_Stats::get_ip_block_list_count(),
|
||||
'blockedRequests' => Plan::has_required_plan() ? Waf_Stats::get_blocked_requests() : false,
|
||||
'automaticRulesLastUpdated' => Waf_Stats::get_automatic_rules_last_updated(),
|
||||
);
|
||||
}
|
||||
|
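Review bot: The new `'credentials' => Credentials::get_credential_array()` entry in `initial_state()` places the credential array in the state that is presumably handed to the admin UI, and nothing in this hunk shows which fields the array carries or who can load the page that receives it. If it holds anything beyond metadata, it should be reduced to those fields before it is embedded; I would add a comment above the entry such as `// Credential metadata only; secrets must never be placed in initial state.` and confirm that against `Credentials`. Separately, `Plan::has_required_plan( true )` now asks WPCOM on every call of `initial_state()`, where the old code refreshed only when `checkPlan` was set, so a slow WPCOM response would presumably delay every render of this screen. The body of `initial_state()` continues outside the visible hunks.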
@ -10,8 +10,10 @@
|
||||
namespace Automattic\Jetpack\Protect;
|
||||
|
||||
use Automattic\Jetpack\Connection\Rest_Authentication as Connection_Rest_Authentication;
|
||||
use Automattic\Jetpack\IP\Utils as IP_Utils;
|
||||
use Automattic\Jetpack\Protect_Status\REST_Controller as Protect_Status_REST_Controller;
|
||||
use Automattic\Jetpack\Waf\Waf_Runner;
|
||||
use Automattic\Jetpack\Waf\Waf_Stats;
|
||||
use Jetpack_Protect;
|
||||
use WP_Error;
|
||||
use WP_REST_Request;
|
||||
@ -139,30 +141,6 @@ class REST_Controller {
|
||||
)
|
||||
);
|
||||
|
||||
register_rest_route(
|
||||
'jetpack-protect/v1',
|
||||
'waf-seen',
|
||||
array(
|
||||
'methods' => \WP_REST_Server::READABLE,
|
||||
'callback' => __CLASS__ . '::api_get_waf_seen_status',
|
||||
'permission_callback' => function () {
|
||||
return current_user_can( 'manage_options' );
|
||||
},
|
||||
)
|
||||
);
|
||||
|
||||
register_rest_route(
|
||||
'jetpack-protect/v1',
|
||||
'waf-seen',
|
||||
array(
|
||||
'methods' => \WP_REST_Server::EDITABLE,
|
||||
'callback' => __CLASS__ . '::api_set_waf_seen_status',
|
||||
'permission_callback' => function () {
|
||||
return current_user_can( 'manage_options' );
|
||||
},
|
||||
)
|
||||
);
|
||||
|
||||
register_rest_route(
|
||||
'jetpack-protect/v1',
|
||||
'waf-upgrade-seen',
|
||||
@ -239,7 +217,7 @@ class REST_Controller {
|
||||
$threat_ignored = Threats::ignore_threat( $request['threat_id'] );
|
||||
|
||||
if ( ! $threat_ignored ) {
|
||||
return new WP_REST_Response( 'An error occured while attempting to ignore the threat.', 500 );
|
||||
return new WP_REST_Response( 'An error occurred while attempting to ignore the threat.', 500 );
|
||||
}
|
||||
|
||||
return new WP_REST_Response( 'Threat ignored.' );
|
||||
@ -260,7 +238,7 @@ class REST_Controller {
|
||||
$threat_ignored = Threats::unignore_threat( $request['threat_id'] );
|
||||
|
||||
if ( ! $threat_ignored ) {
|
||||
return new WP_REST_Response( 'An error occured while attempting to unignore the threat.', 500 );
|
||||
return new WP_REST_Response( 'An error occurred while attempting to unignore the threat.', 500 );
|
||||
}
|
||||
|
||||
return new WP_REST_Response( 'Threat unignored.' );
|
||||
@ -281,7 +259,7 @@ class REST_Controller {
|
||||
$threats_fixed = Threats::fix_threats( $request['threat_ids'] );
|
||||
|
||||
if ( ! $threats_fixed ) {
|
||||
return new WP_REST_Response( 'An error occured while attempting to fix the threat.', 500 );
|
||||
return new WP_REST_Response( 'An error occurred while attempting to fix the threat.', 500 );
|
||||
}
|
||||
|
||||
return new WP_REST_Response( $threats_fixed );
|
||||
@ -302,7 +280,7 @@ class REST_Controller {
|
||||
$threats_fixed = Threats::fix_threats_status( $request['threat_ids'] );
|
||||
|
||||
if ( ! $threats_fixed ) {
|
||||
return new WP_REST_Response( 'An error occured while attempting to get the fixer status of the threats.', 500 );
|
||||
return new WP_REST_Response( 'An error occurred while attempting to get the fixer status of the threats.', 500 );
|
||||
}
|
||||
|
||||
return new WP_REST_Response( $threats_fixed );
|
||||
@ -317,7 +295,7 @@ class REST_Controller {
|
||||
$credential_array = Credentials::get_credential_array();
|
||||
|
||||
if ( ! isset( $credential_array ) ) {
|
||||
return new WP_REST_Response( 'An error occured while attempting to fetch the credentials array', 500 );
|
||||
return new WP_REST_Response( 'An error occurred while attempting to fetch the credentials array', 500 );
|
||||
}
|
||||
|
||||
return new WP_REST_Response( $credential_array );
|
||||
@ -332,7 +310,7 @@ class REST_Controller {
|
||||
$scan_enqueued = Threats::scan();
|
||||
|
||||
if ( ! $scan_enqueued ) {
|
||||
return new WP_REST_Response( 'An error occured while attempting to enqueue the scan.', 500 );
|
||||
return new WP_REST_Response( 'An error occurred while attempting to enqueue the scan.', 500 );
|
||||
}
|
||||
|
||||
return new WP_REST_Response( 'Scan enqueued.' );
|
||||
@ -349,7 +327,7 @@ class REST_Controller {
|
||||
if ( ! $disabled ) {
|
||||
return new WP_Error(
|
||||
'waf_disable_failed',
|
||||
__( 'An error occured disabling the firewall.', 'jetpack-protect' ),
|
||||
__( 'An error occurred disabling the firewall.', 'jetpack-protect' ),
|
||||
array( 'status' => 500 )
|
||||
);
|
||||
}
|
||||
@ -361,7 +339,7 @@ class REST_Controller {
|
||||
if ( ! $enabled ) {
|
||||
return new WP_Error(
|
||||
'waf_enable_failed',
|
||||
__( 'An error occured enabling the firewall.', 'jetpack-protect' ),
|
||||
__( 'An error occurred enabling the firewall.', 'jetpack-protect' ),
|
||||
array( 'status' => 500 )
|
||||
);
|
||||
}
|
||||
@ -380,32 +358,18 @@ class REST_Controller {
|
||||
|
||||
return new WP_REST_Response(
|
||||
array(
|
||||
'is_seen' => Jetpack_Protect::get_waf_seen_status(),
|
||||
'is_enabled' => Waf_Runner::is_enabled(),
|
||||
'config' => Waf_Runner::get_config(),
|
||||
'stats' => Jetpack_Protect::get_waf_stats(),
|
||||
'wafSupported' => Waf_Runner::is_supported_environment(),
|
||||
'currentIp' => IP_Utils::get_ip(),
|
||||
'upgradeIsSeen' => Jetpack_Protect::get_waf_upgrade_seen_status(),
|
||||
'displayUpgradeBadge' => Jetpack_Protect::get_waf_upgrade_badge_display_status(),
|
||||
'isEnabled' => Waf_Runner::is_enabled(),
|
||||
'config' => Waf_Runner::get_config(),
|
||||
'stats' => Jetpack_Protect::get_waf_stats(),
|
||||
'globalStats' => Waf_Stats::get_global_stats(),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get WAF "Seen" status for the API endpoint
|
||||
*
|
||||
* @return bool Whether the current user has viewed the WAF screen.
|
||||
*/
|
||||
public static function api_get_waf_seen_status() {
|
||||
return Jetpack_Protect::get_waf_seen_status();
|
||||
}
|
||||
|
||||
/**
|
||||
* Set WAF "Seen" status for the API endpoint
|
||||
*
|
||||
* @return bool True if seen status updated to true, false on failure.
|
||||
*/
|
||||
public static function api_set_waf_seen_status() {
|
||||
return Jetpack_Protect::set_waf_seen_status();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get WAF Upgrade "Seen" Status for the API endpoint
|
||||
*
|
||||
@ -431,7 +395,7 @@ class REST_Controller {
|
||||
*/
|
||||
public static function api_get_onboarding_progress() {
|
||||
$progress = Onboarding::get_current_user_progress();
|
||||
return rest_ensure_response( $progress, 200 );
|
||||
return rest_ensure_response( $progress );
|
||||
}
|
||||
|
||||
/**
|
||||
@ -449,7 +413,7 @@ class REST_Controller {
|
||||
$completed = Onboarding::complete_steps( $request['step_ids'] );
|
||||
|
||||
if ( ! $completed ) {
|
||||
return new WP_REST_Response( 'An error occured completing the onboarding step(s).', 500 );
|
||||
return new WP_REST_Response( 'An error occurred completing the onboarding step(s).', 500 );
|
||||
}
|
||||
|
||||
return new WP_REST_Response( 'Onboarding step(s) completed.' );
|
||||
@ -462,6 +426,6 @@ class REST_Controller {
|
||||
*/
|
||||
public static function api_get_scan_history() {
|
||||
$scan_history = Scan_History::get_scan_history( false );
|
||||
return rest_ensure_response( $scan_history, 200 );
|
||||
return rest_ensure_response( $scan_history );
|
||||
}
|
||||
}
|
||||
|
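Review bot: The guard `if ( ! isset( $credential_array ) )` in the credentials handler (hunk `@ -317,7 +295,7 @`) only fires when `Credentials::get_credential_array()` returns null; the commit corrects the spelling of the message but leaves the check as it is. If that method signals failure with `false` or a `WP_Error` (its definition is not on this page), the failure value goes into `new WP_REST_Response( $credential_array )` and is answered with a 200 status. A type check such as `if ( ! is_array( $credential_array ) ) {` would catch those cases. The enclosing method starts and ends outside the hunk.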
@ -182,7 +182,10 @@ class Scan_History {
|
||||
$response = Client::wpcom_json_api_request_as_blog(
|
||||
$api_url,
|
||||
'2',
|
||||
array( 'method' => 'GET' ),
|
||||
array(
|
||||
'method' => 'GET',
|
||||
'timeout' => 30,
|
||||
),
|
||||
null,
|
||||
'wpcom'
|
||||
);
|
||||
@ -204,6 +207,8 @@ class Scan_History {
|
||||
* Normalize API Data
|
||||
* Formats the payload from the Scan API into an instance of History_Model.
|
||||
*
|
||||
* @phan-suppress PhanDeprecatedProperty -- Maintaining backwards compatibility.
|
||||
*
|
||||
* @param object $scan_data The data returned by the scan API.
|
||||
* @return History_Model
|
||||
*/
|
||||
@ -247,6 +252,8 @@ class Scan_History {
|
||||
/**
|
||||
* Handles threats for extensions such as plugins or themes.
|
||||
*
|
||||
* @phan-suppress PhanDeprecatedProperty -- Maintaining backwards compatibility.
|
||||
*
|
||||
* @param object $threat The threat object.
|
||||
* @param object $history The history object.
|
||||
* @param string $type The type of extension ('plugin' or 'theme').
|
||||
|
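Review bot: The request options in hunk `@ -182,7 +182,10 @` now set `'timeout' => 30` without a comment explaining the value, so this blocking call can hold a PHP worker for up to 30 seconds when WPCOM is slow. On this page `Scan_History::get_scan_history()` is also called while the admin initial state is built; whether that path reaches this request without a cache is not visible here and should be checked. I would document the choice on the line itself, `'timeout' => 30, // <reason the default timeout was too short>`, with the actual reason filled in. The enclosing method starts and ends outside the hunk.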
@ -144,6 +144,10 @@ class Threats {
|
||||
* @return bool|array
|
||||
*/
|
||||
public static function fix_threats_status( $threat_ids ) {
|
||||
if ( empty( $threat_ids ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$api_base = self::get_api_base();
|
||||
if ( is_wp_error( $api_base ) ) {
|
||||
return false;
|
||||
|
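Review bot: The new early return in `fix_threats_status()` makes an empty `$threat_ids` indistinguishable from an API failure, since both yield `false`. The REST handler on this page answers any falsy result with a 500 and the "fixer status" error message, and `initial_state()` passes `$status->fixable_threat_ids` straight in, so a site with no fixable threats would get `false` as `fixerStatus`. The docblock should say so, e.g. `@return bool|array False when $threat_ids is empty or the request fails, otherwise an array.`; callers that need to tell the two cases apart should check for an empty list before calling. The function body continues past the end of the hunk.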