plugin updates

wp/wp-content/plugins/woocommerce/includes/admin/helper/class-wc-helper-admin.php

@@ -39,13 +39,23 @@ class WC_Helper_Admin {
 		$auth_user_data  = WC_Helper_Options::get( 'auth_user_data', array() );
 		$auth_user_email = isset( $auth_user_data['email'] ) ? $auth_user_data['email'] : '';
 
+		// Get the all installed themes and plugins. Knowing this will help us decide to show Add to Store button on product cards.
+		$installed_products = array_merge( WC_Helper::get_local_plugins(), WC_Helper::get_local_themes() );
+		$installed_products = array_map(
+			function ( $product ) {
+				return $product['slug'];
+			},
+			$installed_products
+		);
+
 		$settings['wccomHelper'] = array(
-			'isConnected' => WC_Helper::is_site_connected(),
-			'connectURL'  => self::get_connection_url(),
-			'userEmail'   => $auth_user_email,
-			'userAvatar'  => get_avatar_url( $auth_user_email, array( 'size' => '48' ) ),
-			'storeCountry' => wc_get_base_location()['country'],
+			'isConnected'            => WC_Helper::is_site_connected(),
+			'connectURL'             => self::get_connection_url(),
+			'userEmail'              => $auth_user_email,
+			'userAvatar'             => get_avatar_url( $auth_user_email, array( 'size' => '48' ) ),
+			'storeCountry'           => wc_get_base_location()['country'],
 			'inAppPurchaseURLParams' => WC_Admin_Addons::get_in_app_purchase_url_params(),
+			'installedProducts'      => $installed_products,
 		);
 
 		return $settings;
@@ -74,10 +84,6 @@ class WC_Helper_Admin {
 			$connect_url_args['wc-helper-nonce']   = wp_create_nonce( 'connect' );
 		}
 
-		if ( isset( $current_screen->id ) && 'woocommerce_page_wc-admin' === $current_screen->id ) {
-			$connect_url_args['redirect-to-wc-admin'] = 1;
-		}
-
 		return add_query_arg(
 			$connect_url_args,
 			admin_url( 'admin.php' )

wp/wp-content/plugins/woocommerce/includes/admin/helper/class-wc-helper-orders-api.php

@@ -0,0 +1,107 @@
+<?php
+/**
+ * WooCommerce Admin Helper - React admin interface
+ *
+ * @package WooCommerce\Admin\Helper
+ */
+
+if ( ! defined( 'ABSPATH' ) ) {
+	exit;
+}
+
+/**
+ * WC_Helper_Orders_API
+ *
+ * Pings Woo.com to create an order and pull in the necessary data to start the installation process.
+ */
+class WC_Helper_Orders_API {
+	/**
+	 * Loads the class, runs on init
+	 *
+	 * @return void
+	 */
+	public static function load() {
+		add_filter( 'rest_api_init', array( __CLASS__, 'register_rest_routes' ) );
+	}
+
+	/**
+	 * Registers the REST routes for the Marketplace Orders API.
+	 * These endpoints are used by the Marketplace Subscriptions React UI.
+	 */
+	public static function register_rest_routes() {
+		register_rest_route(
+			'wc/v3',
+			'/marketplace/create-order',
+			array(
+				'methods'             => 'POST',
+				'callback'            => array( __CLASS__, 'create_order' ),
+				'permission_callback' => array( __CLASS__, 'get_permission' ),
+				'args'                => array(
+					'product_id' => array(
+						'required'          => true,
+						'validate_callback' => function( $argument ) {
+							return is_int( $argument );
+						},
+					),
+				),
+			)
+		);
+	}
+
+	/**
+	 * The Extensions page can only be accessed by users with the manage_woocommerce
+	 * capability. So the API mimics that behavior.
+	 *
+	 * @return bool
+	 */
+	public static function get_permission() {
+		return WC_Helper_Subscriptions_API::get_permission();
+	}
+
+	/**
+	 * Core function to create an order on Woo.com. Pings the API and catches the exceptions if any.
+	 *
+	 * @param WP_REST_Request $request Request object.
+	 *
+	 * @return WP_REST_Response
+	 */
+	public static function create_order( $request ) {
+		if ( ! current_user_can( 'install_plugins' ) ) {
+			return new \WP_REST_Response(
+				array(
+					'message' => __( 'You do not have permission to install plugins.', 'woocommerce' ),
+				),
+				403
+			);
+		}
+
+		try {
+			$response = WC_Helper_API::post(
+				'create-order',
+				array(
+					'authenticated' => true,
+					'body'          => http_build_query(
+						array(
+							'product_id' => $request['product_id'],
+						),
+					),
+				)
+			);
+
+			return new \WP_REST_Response(
+				json_decode( wp_remote_retrieve_body( $response ), true ),
+				wp_remote_retrieve_response_code( $response )
+			);
+		} catch ( Exception $e ) {
+			return new \WP_REST_Response(
+				array(
+					'message' => __( 'Could not start the installation process. Reason: ', 'woocommerce' ) . $e->getMessage(),
+					'code'    => 'could-not-install',
+				),
+				500
+			);
+		}
+	}
+}
+
+WC_Helper_Orders_API::load();

wp/wp-content/plugins/woocommerce/includes/admin/helper/class-wc-helper.php

@@ -61,6 +61,7 @@ class WC_Helper {
 		include_once dirname( __FILE__ ) . '/class-wc-helper-compat.php';
 		include_once dirname( __FILE__ ) . '/class-wc-helper-admin.php';
 		include_once dirname( __FILE__ ) . '/class-wc-helper-subscriptions-api.php';
+		include_once dirname( __FILE__ ) . '/class-wc-helper-orders-api.php';
 	}
 
 	/**
@@ -699,40 +700,53 @@ class WC_Helper {
 				array(
 					'page'    => 'wc-addons',
 					'section' => 'helper',
-				),
-				isset( $_GET['redirect-to-wc-admin'] ),
-				sanitize_text_field( wp_unslash( $_GET['install'] ) )
+				)
 			)
 		);
-		// phpcs:enable WordPress.Security.NonceVerification.Recommended
 	}
 
 	/**
 	 * Get helper redirect URL.
 	 *
-	 * @param array  $args Query args.
-	 * @param bool   $redirect_to_wc_admin Whether to redirect to WC Admin.
-	 * @param string $install_product_key Optional Product key to install.
+	 * @param array $args Query args.
 	 * @return string
 	 */
-	private static function get_helper_redirect_url( $args = array(), $redirect_to_wc_admin = false, $install_product_key = '' ) {
+	private static function get_helper_redirect_url( $args = array() ) {
 		global $current_screen;
+
+		// phpcs:disable WordPress.Security.NonceVerification.Recommended
+		$redirect_admin_url = isset( $_GET['redirect_admin_url'] )
+			? esc_url_raw(
+				urldecode(
+					// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
+					wp_unslash( $_GET['redirect_admin_url'] )
+				)
+			)
+			: '';
+		$install_product_key = isset( $_GET['install'] ) ? sanitize_text_field( wp_unslash( $_GET['install'] ) ) : '';
+		// phpcs:enable WordPress.Security.NonceVerification.Recommended
+
 		if (
 			'woocommerce_page_wc-addons' === $current_screen->id &&
 			FeaturesUtil::feature_is_enabled( 'marketplace' ) &&
 			(
-				true === $redirect_to_wc_admin ||
+				false === empty( $redirect_admin_url ) ||
 				false === empty( $install_product_key )
 			)
 		) {
-			$new_url = add_query_arg(
-				array(
-					'page' => 'wc-admin',
-					'tab'  => 'my-subscriptions',
-					'path' => rawurlencode( '/extensions' ),
-				),
-				admin_url( 'admin.php' )
-			);
+			if ( strpos( $redirect_admin_url, admin_url( 'admin.php' ) ) === 0 ) {
+				$new_url = $redirect_admin_url;
+			} else {
+				$new_url = add_query_arg(
+					array(
+						'page' => 'wc-admin',
+						'tab'  => 'my-subscriptions',
+						'path' => rawurlencode( '/extensions' ),
+					),
+					admin_url( 'admin.php' )
+				);
+			}
+
 			if ( ! empty( $install_product_key ) ) {
 				$new_url = add_query_arg(
 					array(
@@ -766,10 +780,6 @@ class WC_Helper {
 			'wc-helper-nonce'  => wp_create_nonce( 'connect' ),
 		);
 
-		if ( isset( $_GET['redirect-to-wc-admin'] ) ) {
-			$redirect_url_args['redirect-to-wc-admin'] = 1;
-		}
-
 		if ( isset( $_GET['install'] ) ) {
 			$redirect_url_args['install'] = sanitize_text_field( wp_unslash( $_GET['install'] ) );
 		}
@@ -809,9 +819,19 @@ class WC_Helper {
 
 		$connect_url = add_query_arg(
 			array(
-				'home_url'     => rawurlencode( home_url() ),
-				'redirect_uri' => rawurlencode( $redirect_uri ),
-				'secret'       => rawurlencode( $secret ),
+				'home_url'           => rawurlencode( home_url() ),
+				'redirect_uri'       => rawurlencode( $redirect_uri ),
+				'secret'             => rawurlencode( $secret ),
+				'redirect_admin_url' => isset( $_GET['redirect_admin_url'] )
+					? rawurlencode(
+						esc_url_raw(
+							urldecode(
+								// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
+								wp_unslash( $_GET['redirect_admin_url'] )
+							)
+						)
+					)
+					: '',
 			),
 			WC_Helper_API::url( 'oauth/authorize' )
 		);
@@ -841,9 +861,7 @@ class WC_Helper {
 					array(
 						'page'    => 'wc-addons',
 						'section' => 'helper',
-					),
-					isset( $_GET['redirect-to-wc-admin'] ),
-					isset( $_GET['install'] ) ? sanitize_text_field( wp_unslash( $_GET['install'] ) ) : ''
+					)
 				)
 			);
 			die();
@@ -905,9 +923,7 @@ class WC_Helper {
 					'page'             => 'wc-addons',
 					'section'          => 'helper',
 					'wc-helper-status' => 'helper-connected',
-				),
-				isset( $_GET['redirect-to-wc-admin'] ),
-				isset( $_GET['install'] ) ? sanitize_text_field( wp_unslash( $_GET['install'] ) ) : ''
+				)
 			)
 		);
 		die();
@@ -932,9 +948,7 @@ class WC_Helper {
 				'page'             => 'wc-addons',
 				'section'          => 'helper',
 				'wc-helper-status' => 'helper-disconnected',
-			),
-			isset( $_GET['redirect-to-wc-admin'] ),
-			isset( $_GET['install'] ) ? sanitize_text_field( wp_unslash( $_GET['install'] ) ) : ''
+			)
 		);
 
 		self::disconnect();
@@ -960,9 +974,7 @@ class WC_Helper {
 				'section'          => 'helper',
 				'filter'           => self::get_current_filter(),
 				'wc-helper-status' => 'helper-refreshed',
-			),
-			isset( $_GET['redirect-to-wc-admin'] ),
-			isset( $_GET['install'] ) ? sanitize_text_field( wp_unslash( $_GET['install'] ) ) : ''
+			)
 		);
 
 		wp_safe_redirect( $redirect_uri );