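/**
 * Handles the account form submission: registers a new Brightcove account
 * ("create") or marks an existing account as the default ("update").
 *
 * Guards, in order: the nonce field must be present, the current user must hold
 * the `brightcove_manipulate_accounts` capability, and the nonce must verify for
 * the `_brightcove_check_oauth_for_source` action. Failures are reported through
 * $this->notices and BC_Logging; only the fixed error text is logged, never the
 * submitted client secret.
 *
 * @global object $bc_accounts Account store used to look up, add and select accounts.
 *
 * @return bool|WP_Error True on success; false when the request is not a usable form
 *                       submission (nonce field missing or invalid, or a required
 *                       "create" field absent); WP_Error when the permission,
 *                       duplicate, authentication or default-account check fails.
 */
public function save_account() {
    global $bc_accounts;

    if (!isset($_POST['brightcove-check_oauth'])) {
        return false;
    }

    if (!current_user_can('brightcove_manipulate_accounts')) {
        $error_message = esc_html__('You do not have permission to manage this account.', 'brightcove');
        BC_Logging::log(sprintf('ACCOUNT: %s', $error_message));
        $this->notices[] = array('message' => $error_message, 'type' => 'error');

        return new WP_Error('brightcove-account-manage-permissions', $error_message);
    }

    // A nonce is a plain string; an array-valued field can never be valid, so it is
    // rejected here instead of being cast inside wp_verify_nonce().
    $nonce = is_string($_POST['brightcove-check_oauth'])
        ? sanitize_text_field(wp_unslash($_POST['brightcove-check_oauth']))
        : '';
    if (!wp_verify_nonce($nonce, '_brightcove_check_oauth_for_source')) {
        return false;
    }

    // Read the action once. A missing or non-string value matches neither branch
    // below, which is what the strict comparisons did before, minus the
    // undefined-index notice.
    $action = (isset($_POST['source-action']) && is_string($_POST['source-action']))
        ? $_POST['source-action']
        : '';

    // Only go through the oAuth credential validation when we're adding a new account
    // or editing the account's credentials (not default players etc).
    if ('create' === $action) {
        $required_keys = array(
            'brightcove-check_oauth',
            'source-account-id',
            'source-client-id',
            'source-client-secret',
            'source-name',
        );
        foreach ($required_keys as $key) {
            if (!array_key_exists($key, $_POST)) {
                return false;
            }
        }

        $account_id    = BC_Utility::sanitize_id($_POST['source-account-id']);
        $client_id     = sanitize_text_field($_POST['source-client-id']);
        $client_secret = BC_Utility::get_sanitized_client_secret($_POST['source-client-secret']);
        $account_name  = sanitize_text_field(stripslashes_deep($_POST['source-name']));
        $set_default   = isset($_POST['source-default-account']) && 'on' === $_POST['source-default-account']
            ? 'default'
            : '';

        // The hash identifies a credential triple; an existing match means this
        // account has already been registered.
        $hash = BC_Utility::get_hash_for_account(
            array(
                'account_id'    => $account_id,
                'client_id'     => $client_id,
                'client_secret' => $client_secret,
            )
        );
        $account = $bc_accounts->get_account_by_hash($hash);
        if ($account) {
            $error_message = esc_html__('The Brightcove credentials provided already exist.', 'brightcove');
            BC_Logging::log(sprintf('BC ACCOUNTS: %s', $error_message));
            $this->notices[] = array('message' => $error_message, 'type' => 'error');

            return new WP_Error('bc-account-exists-error', $error_message);
        }

        if (!$bc_accounts->add_account($account_id, $client_id, $client_secret, $account_name, $set_default, false)) {
            $error_message = esc_html__('We could not authenticate your credentials with Brightcove', 'brightcove');
            BC_Logging::log(sprintf('BC OAUTH ERROR: %s', $error_message));
            $this->notices[] = array('message' => $error_message, 'type' => 'error');

            return new WP_Error('bc-oauth-error', $error_message);
        }

        BC_Utility::clear_cached_api_requests('all');
        $bc_accounts->set_current_account_by_id($account_id);
        $players = new BC_Players();
        $players->sync_players();
    }

    if ('update' === $action) {
        if (isset($_POST['source-default-account']) && 'on' === $_POST['source-default-account']) {
            // The default-account option must point at an account that exists. The hash
            // comes from the form, so it is checked against the account store before it
            // is persisted, rather than storing whatever string was submitted.
            $default_hash = (isset($_POST['hash']) && is_string($_POST['hash']))
                ? sanitize_text_field($_POST['hash'])
                : '';
            if ('' === $default_hash || !$bc_accounts->get_account_by_hash($default_hash)) {
                $error_message = esc_html__('The selected Brightcove account could not be found.', 'brightcove');
                BC_Logging::log(sprintf('BC ACCOUNTS: %s', $error_message));
                $this->notices[] = array('message' => $error_message, 'type' => 'error');

                return new WP_Error('bc-account-unknown-hash', $error_message);
            }

            update_option('_brightcove_default_account', $default_hash);
        }
    }

    // Deleting transient to allow syncing from the new account, otherwise we won't be
    // able to sync it until this transient expires.
    delete_transient('brightcove_sync_videos');

    // The notice is emitted as HTML, so the link target is escaped at the point of
    // output. The stray trailing space in the page slug is dropped because esc_url()
    // would otherwise encode it into the query string.
    $this->notices[] = array(
        'message' => sprintf(
            '%s <a href="%s">%s</a>.',
            esc_html__('Congratulations! Your credentials have been authenticated. Return to', 'brightcove'),
            esc_url(admin_url('admin.php?page=brightcove-sources')),
            esc_html__('Settings', 'brightcove')
        ),
        'type'    => 'updated',
    );

    return true;
}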
/**
 * Checks a set of Brightcove API credentials without permanently switching accounts.
 *
 * The candidate credentials are placed in $this->current_account while the check
 * runs, and the previous value is put back before returning.
 *
 * @param mixed $account_id    Account id of the candidate account.
 * @param mixed $client_id     OAuth client id of the candidate account.
 * @param mixed $client_secret OAuth client secret of the candidate account.
 * @param mixed $account_name  Display name stored alongside the credentials.
 * @param bool  $check_access  When true (default) and the credentials are valid,
 *                             also run check_permissions_level().
 *
 * @return true|WP_Error[] True when no problem was found, otherwise an array
 *                         holding one WP_Error.
 */
protected function is_valid_account($account_id, $client_id, $client_secret, $account_name, $check_access = true)
{
    // Remember the active account so it can be put back afterwards.
    $previous_account = $this->current_account;

    $candidate = array(
        'account_id'    => $account_id,
        'client_id'     => $client_id,
        'client_secret' => $client_secret,
        'account_name'  => $account_name,
    );
    $candidate['hash'] = BC_Utility::get_hash_for_account($candidate);

    // Make the candidate the active account for the duration of the checks.
    // NOTE(review): the restore below runs only on the normal path; if either call
    // can throw, the unvalidated candidate (including its secret) would stay in
    // $this->current_account. Confirm they cannot throw.
    $this->current_account = $candidate;

    $oauth_client   = new BC_Oauth_API();
    $credentials_ok = $oauth_client->is_valid_account_credentials();

    $problems = array();

    if ($credentials_ok) {
        if ($check_access) {
            $missing_permissions = $this->check_permissions_level();
            if (count($missing_permissions) > 0) {
                // NOTE(review): the permission names are appended unescaped; presumably
                // they are fixed strings. Verify before this message is rendered as HTML.
                $problems[] = new WP_Error(
                    'account-permission-issue',
                    esc_html__("Supplied account doesn't have the following permissions: ", 'brightcove')
                        . implode(', ', $missing_permissions)
                        . '. '
                        . esc_html__('Please use an account that has these permissions.', 'brightcove')
                );
            }
        }
    } else {
        $problems[] = new WP_Error(
            'account-invalid-credentials',
            esc_html__('Invalid account credentials', 'brightcove')
        );
    }

    // Put the previously active account back.
    $this->current_account = $previous_account;

    if (empty($problems)) {
        return true;
    }

    return $problems;
}
/**
 * Checks a set of Brightcove API credentials without permanently switching accounts.
 *
 * The candidate credentials are placed in $this->current_account while the check
 * runs, and the previous value is put back before returning.
 *
 * @param mixed $account_id    Account id of the candidate account.
 * @param mixed $client_id     OAuth client id of the candidate account.
 * @param mixed $client_secret OAuth client secret of the candidate account.
 * @param mixed $account_name  Display name stored alongside the credentials.
 * @param bool  $check_access  When true (default) and the credentials are valid,
 *                             also merge in the result of check_permissions_level().
 *
 * @return true|array True when no problem was found, otherwise a non-empty array of
 *                    problems (a WP_Error for bad credentials, or whatever
 *                    check_permissions_level() returned, presumably WP_Error
 *                    objects; verify against that method).
 */
protected function is_valid_account($account_id, $client_id, $client_secret, $account_name, $check_access = true)
{
    // Remember the active account so it can be put back afterwards.
    $previous_account = $this->current_account;

    $candidate = array(
        'account_id'    => $account_id,
        'client_id'     => $client_id,
        'client_secret' => $client_secret,
        'account_name'  => $account_name,
    );
    $candidate['hash'] = BC_Utility::get_hash_for_account($candidate);

    // Make the candidate the active account for the duration of the checks.
    // NOTE(review): the restore below runs only on the normal path; if either call
    // can throw, the unvalidated candidate (including its secret) would stay in
    // $this->current_account. Confirm they cannot throw.
    $this->current_account = $candidate;

    $oauth_client   = new BC_Oauth_API();
    $credentials_ok = $oauth_client->is_valid_account_credentials();

    $problems = array();

    if ($credentials_ok) {
        if ($check_access) {
            // Permission problems are only collected once the credentials themselves work.
            $problems = array_merge($problems, $this->check_permissions_level());
        }
    } else {
        $problems[] = new WP_Error(
            'account-invalid-credentials',
            esc_html__('Invalid account credentials', 'brightcove')
        );
    }

    // Put the previously active account back.
    $this->current_account = $previous_account;

    if (empty($problems)) {
        return true;
    }

    return $problems;
}