/**
* Publish snapshot changes when snapshot post is being published.
*
* The logic in here is the inverse of to publish_snapshot_with_customize_save_after.
*
* The meat of the logic that manipulates the post_content and validates the settings
* needs to be done in wp_insert_post_data filter in like a
* filter_insert_post_data_to_validate_published_snapshot method? This would
* have the benefit of reducing one wp_insert_post() call.
*
* @todo Consider using wp_insert_post_data to prevent double calls to wp_insert_post().
* @see Customize_Snapshot_Manager::publish_snapshot_with_customize_save_after()
*
* @param string $new_status New status.
* @param string $old_status Old status.
* @param \WP_Post $post Post object.
* @return bool Whether the settings were saved.
*/
public function save_settings_with_publish_snapshot($new_status, $old_status, $post)
{
// Abort if not transitioning a snapshot post to publish from a non-publish status.
if (Post_Type::SLUG !== $post->post_type || 'publish' !== $new_status || $new_status === $old_status) {
return false;
}
$this->ensure_customize_manager();
if ($this->doing_customize_save_ajax()) {
// Short circuit because customize_save ajax call is changing status.
return false;
}
if (!did_action('customize_register')) {
/*
* When running from CLI or Cron, we have to remove the action because
* it will get added with a default priority of 10, after themes and plugins
* have already done add_action( 'customize_register' ), resulting in them
* being called first at the priority 10. So we manually call the
* prerequisite function WP_Customize_Manager::register_controls() and
* remove it from being called when the customize_register action fires.
*/
remove_action('customize_register', array($this->customize_manager, 'register_controls'));
$this->customize_manager->register_controls();
/*
* Unfortunate hack to prevent \WP_Customize_Widgets::customize_register()
* from calling preview() on settings. This needs to be cleaned up in core.
* It is important for previewing to be prevented because if an option has
* a filter it will short-circuit when an update is attempted since it
* detects that there is no change to be put into the DB.
* See: https://github.com/xwp/wordpress-develop/blob/e8c58c47db1421a1d0b2afa9ad4b9eb9e1e338e0/src/wp-includes/class-wp-customize-widgets.php#L208-L217
*/
if (!defined('DOING_AJAX')) {
define('DOING_AJAX', true);
}
$_REQUEST['action'] = 'customize_save';
/** This action is documented in wp-includes/class-wp-customize-manager.php */
do_action('customize_register', $this->customize_manager);
// undefine( 'DOING_AJAX' )... just kidding. This is the end of the unfortunate hack and it should be fixed in Core.
unset($_REQUEST['action']);
}
$snapshot_content = $this->post_type->get_post_content($post);
if (method_exists($this->customize_manager, 'validate_setting_values')) {
/** This action is documented in wp-includes/class-wp-customize-manager.php */
do_action('customize_save_validation_before', $this->customize_manager);
}
$setting_ids = array_keys($snapshot_content);
$this->customize_manager->add_dynamic_settings($setting_ids);
/** This action is documented in wp-includes/class-wp-customize-manager.php */
do_action('customize_save', $this->customize_manager);
/**
* Settings to save.
*
* @var \WP_Customize_Setting[]
*/
$settings = array();
$publish_error_count = 0;
foreach ($snapshot_content as $setting_id => &$setting_params) {
// Missing value error.
if (!isset($setting_params['value']) || is_null($setting_params['value'])) {
if (!is_array($setting_params)) {
if (!empty($setting_params)) {
$setting_params = array('value' => $setting_params);
} else {
$setting_params = array();
}
}
$setting_params['publish_error'] = 'null_value';
$publish_error_count += 1;
continue;
}
// Unrecognized setting error.
$this->customize_manager->set_post_value($setting_id, $setting_params['value']);
$setting = $this->customize_manager->get_setting($setting_id);
if (!$setting instanceof \WP_Customize_Setting) {
$setting_params['publish_error'] = 'unrecognized_setting';
$publish_error_count += 1;
continue;
}
// Validate setting value.
if (method_exists($setting, 'validate')) {
$validity = $setting->validate($setting_params['value']);
if (is_wp_error($validity)) {
$setting_params['publish_error'] = $validity->get_error_code();
$publish_error_count += 1;
continue;
}
}
// Validate sanitized setting value.
$sanitized_value = $setting->sanitize($setting_params['value']);
if (is_null($sanitized_value) || is_wp_error($sanitized_value)) {
$setting_params['publish_error'] = is_wp_error($sanitized_value) ? $sanitized_value->get_error_code() : 'invalid_value';
$publish_error_count += 1;
continue;
}
$settings[] = $setting;
unset($setting_params['publish_error']);
}
// Handle error scenarios.
if ($publish_error_count > 0) {
$update_setting_args = array('ID' => $post->ID, 'post_content' => Customize_Snapshot_Manager::encode_json($snapshot_content), 'post_status' => 'pending');
wp_update_post(wp_slash($update_setting_args));
update_post_meta($post->ID, 'snapshot_error_on_publish', $publish_error_count);
add_filter('redirect_post_location', function ($location) {
$location = add_query_arg('snapshot_error_on_publish', '1', $location);
return $location;
});
return false;
}
/*
* Change all setting capabilities temporarily to 'exist' to allow them to
* be saved regardless of current user, such as when WP-Cron is publishing
* the snapshot post if it was scheduled. It is safe to do this because
* a setting can only be written into a snapshot by users who have the
* capability, so after it has been added to a snapshot it is good to commit.
*/
$existing_caps = wp_list_pluck($settings, 'capability');
foreach ($settings as $setting) {
$setting->capability = 'exist';
}
// Persist the settings in the DB.
foreach ($settings as $setting) {
$setting->save();
}
// Restore setting capabilities.
foreach ($existing_caps as $setting_id => $existing_cap) {
$settings[$setting_id]->capability = $existing_cap;
}
/** This action is documented in wp-includes/class-wp-customize-manager.php */
do_action('customize_save_after', $this->customize_manager);
// Remove any previous error on setting.
delete_post_meta($post->ID, 'snapshot_error_on_publish');
return true;
}
/**
* Prepare a single post output for response.
*
* @param \WP_Post $post Post object.
* @param \WP_REST_Request $request Request object.
* @return \WP_REST_Response $response Response.
*/
public function prepare_item_for_response($post, $request)
{
$response = parent::prepare_item_for_response($post, $request);
$response->data['content'] = $this->snapshot_post_type->get_post_content($post);
return $response;
}
/**
* Test persisting the data in the snapshot post content.
*
* @see Post_Type::save()
*/
public function test_save()
{
$post_type = new Post_Type($this->plugin->customize_snapshot_manager);
$post_type->register();
// Error: missing_valid_uuid.
$r = $post_type->save(array('id' => 'nouuid'));
$this->assertInstanceOf('WP_Error', $r);
$this->assertEquals('missing_valid_uuid', $r->get_error_code());
$r = $post_type->save(array('uuid' => 'baduuid'));
$this->assertInstanceOf('WP_Error', $r);
$this->assertEquals('missing_valid_uuid', $r->get_error_code());
$r = $post_type->save(array('uuid' => self::UUID, 'data' => 'bad'));
$this->assertInstanceOf('WP_Error', $r);
$this->assertEquals('missing_data', $r->get_error_code());
// Error: bad_setting_params.
$r = $post_type->save(array('uuid' => self::UUID, 'data' => array('foo' => 'bar')));
$this->assertInstanceOf('WP_Error', $r);
$this->assertEquals('bad_setting_params', $r->get_error_code());
// Error: missing_value_param.
$r = $post_type->save(array('uuid' => self::UUID, 'data' => array('foo' => array('bar' => 'quux'))));
$this->assertInstanceOf('WP_Error', $r);
$this->assertEquals('missing_value_param', $r->get_error_code());
$data = array('foo' => array('value' => 'bar', 'publish_error' => 'unrecognized_setting'));
// Error: bad_status.
$r = $post_type->save(array('uuid' => self::UUID, 'data' => $data, 'status' => 'noooo'));
$this->assertInstanceOf('WP_Error', $r);
$this->assertEquals('bad_status', $r->get_error_code());
// Success without data.
$r = $post_type->save(array('uuid' => self::UUID));
$this->assertInternalType('int', $r);
$this->assertEquals(array(), $post_type->get_post_content(get_post($r)));
wp_delete_post($r, true);
// Success with data.
$r = $post_type->save(array('uuid' => self::UUID, 'data' => $data, 'status' => 'publish', 'theme' => get_stylesheet()));
$this->assertInternalType('int', $r);
$this->assertEquals($data, $post_type->get_post_content(get_post($r)));
$this->assertEquals(get_stylesheet(), get_post_meta($r, '_snapshot_theme', true));
$this->assertEquals($this->plugin->version, get_post_meta($r, '_snapshot_version', true));
// Success with author supplied.
$user_id = $this->factory()->user->create(array('role' => 'administrator'));
$post_id = $post_type->save(array('uuid' => self::UUID, 'data' => $data, 'status' => 'publish', 'author' => $user_id));
$this->assertEquals($user_id, get_post($post_id)->post_author);
// Success with future date.
$post_id = $post_type->save(array('uuid' => self::UUID, 'data' => $data, 'status' => 'publish', 'date_gmt' => gmdate('Y-m-d H:i:s', time() + 24 * 3600)));
$this->assertEquals('future', get_post_status($post_id));
}
