geno/wp-content/plugins/mailpoet/lib/API/JSON/v1/Forms.php

<?php // phpcs:ignore SlevomatCodingStandard.TypeHints.DeclareStrictTypes.DeclareStrictTypesMissing

namespace MailPoet\API\JSON\v1;

if (!defined('ABSPATH')) exit;


use Exception;
use MailPoet\API\JSON\Endpoint as APIEndpoint;
use MailPoet\API\JSON\Error;
use MailPoet\API\JSON\Error as APIError;
use MailPoet\API\JSON\Response;
use MailPoet\API\JSON\ResponseBuilders\FormsResponseBuilder;
use MailPoet\API\JSON\SuccessResponse;
use MailPoet\Config\AccessControl;
use MailPoet\Entities\FormEntity;
use MailPoet\Form\ApiDataSanitizer;
use MailPoet\Form\DisplayFormInWPContent;
use MailPoet\Form\FormSaveController;
use MailPoet\Form\FormsRepository;
use MailPoet\Form\Listing\FormListingRepository;
use MailPoet\Form\PreviewPage;
use MailPoet\Form\Templates\TemplateRepository;
use MailPoet\Listing;
use MailPoet\Settings\UserFlagsController;
use MailPoet\Tags\TagRepository;
use MailPoet\UnexpectedValueException;
use MailPoet\WP\Emoji;
use MailPoet\WP\Functions as WPFunctions;

class Forms extends APIEndpoint {
  public $permissions = [
    'global' => AccessControl::PERMISSION_MANAGE_FORMS,
  ];

  /** @var Listing\Handler */
  private $listingHandler;

  /** @var UserFlagsController */
  private $userFlags;

  /** @var FormsResponseBuilder */
  private $formsResponseBuilder;

  /** @var WPFunctions */
  private $wp;

  /** @var FormsRepository */
  private $formsRepository;

  /** @var TemplateRepository */
  private $templateRepository;

  /** @var FormListingRepository */
  private $formListingRepository;

  /** @var Emoji */
  private $emoji;

  /** @var ApiDataSanitizer */
  private $dataSanitizer;

  /** @var TagRepository */
  private $tagRepository;

  /** @var FormSaveController */
  private $formSaveController;

  public function __construct(
    Listing\Handler $listingHandler,
    UserFlagsController $userFlags,
    FormsRepository $formsRepository,
    TemplateRepository $templateRepository,
    FormListingRepository $formListingRepository,
    FormsResponseBuilder $formsResponseBuilder,
    WPFunctions $wp,
    Emoji $emoji,
    ApiDataSanitizer $dataSanitizer,
    TagRepository $tagRepository,
    FormSaveController $formSaveController
  ) {
    $this->listingHandler = $listingHandler;
    $this->userFlags = $userFlags;
    $this->wp = $wp;
    $this->formsRepository = $formsRepository;
    $this->templateRepository = $templateRepository;
    $this->formListingRepository = $formListingRepository;
    $this->formsResponseBuilder = $formsResponseBuilder;
    $this->emoji = $emoji;
    $this->dataSanitizer = $dataSanitizer;
    $this->tagRepository = $tagRepository;
    $this->formSaveController = $formSaveController;
  }

  public function get($data = []) {
    $id = (isset($data['id']) ? (int)$data['id'] : false);
    $form = $this->formsRepository->findOneById($id);
    if ($form instanceof FormEntity) {
      return $this->successResponse($this->formsResponseBuilder->build($form));
    }
    return $this->errorResponse([
      APIError::NOT_FOUND => __('This form does not exist.', 'mailpoet'),
    ]);
  }

  public function setStatus($data = []) {
    $status = (isset($data['status']) ? $data['status'] : null);

    if (!$status) {
      return $this->badRequest([
        APIError::BAD_REQUEST => __('You need to specify a status.', 'mailpoet'),
      ]);
    }

    $id = (isset($data['id'])) ? (int)$data['id'] : false;
    $form = $this->formsRepository->findOneById($id);

    if (!$form instanceof FormEntity) {
      return $this->errorResponse([
        APIError::NOT_FOUND => __('This form does not exist.', 'mailpoet'),
      ]);
    }

    if (!in_array($status, [FormEntity::STATUS_ENABLED, FormEntity::STATUS_DISABLED])) {
      return $this->badRequest([
        APIError::BAD_REQUEST =>
          sprintf(
          // translators: %1$s is a comma-seperated list of allowed values, %2$s the status the user specified.
            __('Invalid status. Allowed values are (%1$s), you specified %2$s', 'mailpoet'),
            join(', ', [FormEntity::STATUS_ENABLED, FormEntity::STATUS_DISABLED]),
            $status
          ),
      ]);
    }

    $form->setStatus($status);
    $this->formsRepository->flush();

    if ($status === FormEntity::STATUS_ENABLED) {
      $this->wp->deleteTransient(DisplayFormInWPContent::NO_FORM_TRANSIENT_KEY);
    }

    $form = $this->formsRepository->findOneById($id);
    if (!$form instanceof FormEntity) return $this->errorResponse();
    return $this->successResponse(
      $form->toArray()
    );
  }

  public function listing($data = []) {
    $data['sort_order'] = $data['sort_order'] ?? 'desc';
    $data['sort_by'] = $data['sort_by'] ?? 'updatedAt';

    $definition = $this->listingHandler->getListingDefinition($data);
    $items = $this->formListingRepository->getData($definition);
    $count = $this->formListingRepository->getCount($definition);
    $filters = $this->formListingRepository->getFilters($definition);
    $groups = $this->formListingRepository->getGroups($definition);

    return $this->successResponse($this->formsResponseBuilder->buildForListing($items), [
      'count' => $count,
      'filters' => $filters,
      'groups' => $groups,
    ]);
  }

  public function previewEditor($data = []) {
    // We want to allow preview for unsaved forms
    $formId = $data['id'] ?? 0;
    $this->wp->setTransient(PreviewPage::PREVIEW_DATA_TRANSIENT_PREFIX . $formId, $data, PreviewPage::PREVIEW_DATA_EXPIRATION);
    return $this->successResponse();
  }

  public function saveEditor($data = []) {
    $formId = (isset($data['id']) ? (int)$data['id'] : 0);
    $initialForm = $this->getFormTemplateData(TemplateRepository::INITIAL_FORM_TEMPLATE);
    $name = ($data['name'] ?? __('New form', 'mailpoet'));
    $body = ($data['body'] ?? $initialForm['body']);
    $body = $this->dataSanitizer->sanitizeBody($body);
    $settings = ($data['settings'] ?? $initialForm['settings']);
    $styles = ($data['styles'] ?? $initialForm['styles']);
    $status = ($data['status'] ?? FormEntity::STATUS_ENABLED);

    // check if the form is used as a widget
    $isWidget = false;
    $widgets = $this->wp->getOption('widget_mailpoet_form');
    if (!empty($widgets)) {
      foreach ($widgets as $widget) {
        if (isset($widget['form']) && (int)$widget['form'] === $formId) {
          $isWidget = true;
          break;
        }
      }
    }

    // Reset no form cache
    $this->wp->deleteTransient(DisplayFormInWPContent::NO_FORM_TRANSIENT_KEY);

    // check if the user gets to pick his own lists
    // or if it's selected by the admin
    $formEntity = new FormEntity($name);
    $formEntity->setBody($body);
    $listSelection = $formEntity->getSegmentBlocksSegmentIds();

    // check list selection
    if (count($listSelection)) {
      $settings['segments_selected_by'] = 'user';
      $settings['segments'] = $listSelection;
    } else {
      $settings['segments_selected_by'] = 'admin';
    }

    // check tags and create them if they don't exist
    if (isset($settings['tags'])) {
      $this->createTagsIfDoNotExist($settings['tags']);
    }

    // Check Custom HTML block permissions
    $customHtmlBlocks = $formEntity->getBlocksByTypes([FormEntity::HTML_BLOCK_TYPE]);
    if (count($customHtmlBlocks) && !$this->wp->currentUserCan('administrator')) {
      return $this->errorResponse([
        Error::FORBIDDEN => __('Only administrator can edit forms containing Custom HTML block.', 'mailpoet'),
      ], [], Response::STATUS_FORBIDDEN);
    }

    if ($body !== null) {
      $body = $this->emoji->sanitizeEmojisInFormBody($body);
    }

    $form = $this->getForm($data);

    if (!$form instanceof FormEntity) {
      $form = new FormEntity($name);
    }
    $form->setName($name);
    $form->setBody($body);
    $form->setSettings($settings);
    $form->setStyles($styles);
    $form->setStatus($status);
    $this->formsRepository->persist($form);

    try {
      $this->formsRepository->flush();
    } catch (\Exception $e) {
      return $this->badRequest();
    }

    if (isset($data['editor_version']) && $data['editor_version'] === "2") {
      $this->userFlags->set('display_new_form_editor_nps_survey', true);
    }

    $form = $this->getForm(['id' => $form->getId()]);
    if(!$form instanceof FormEntity) return $this->errorResponse();
    return $this->successResponse(
      $this->formsResponseBuilder->build($form),
      ['is_widget' => $isWidget]
    );
  }

  public function restore($data = []) {
    $form = $this->getForm($data);

    if ($form instanceof FormEntity) {
      $this->formsRepository->restore($form);
      return $this->successResponse(
        $form->toArray(),
        ['count' => 1]
      );
    } else {
      return $this->errorResponse([
        APIError::NOT_FOUND => __('This form does not exist.', 'mailpoet'),
      ]);
    }
  }

  public function trash($data = []) {
    $form = $this->getForm($data);

    if ($form instanceof FormEntity) {
      $this->formsRepository->trash($form);
      return $this->successResponse(
        $form->toArray(),
        ['count' => 1]
      );
    } else {
      return $this->errorResponse([
        APIError::NOT_FOUND => __('This form does not exist.', 'mailpoet'),
      ]);
    }
  }

  public function delete($data = []) {
    $form = $this->getForm($data);

    if ($form instanceof FormEntity) {
      $this->formsRepository->delete($form);

      return $this->successResponse(null, ['count' => 1]);
    } else {
      return $this->errorResponse([
        APIError::NOT_FOUND => __('This form does not exist.', 'mailpoet'),
      ]);
    }
  }

  public function duplicate($data = []) {
    $form = $this->getForm($data);

    if ($form instanceof FormEntity) {
      try {
        $duplicate = $this->formSaveController->duplicate($form);
      } catch (Exception $e) {
        return $this->errorResponse([
          APIError::UNKNOWN => __('Duplicating form failed.', 'mailpoet'),
        ], [], Response::STATUS_UNKNOWN);
      }
      return $this->successResponse(
        $this->formsResponseBuilder->build($duplicate),
        ['count' => 1]
      );
    } else {
      return $this->errorResponse([
        APIError::NOT_FOUND => __('This form does not exist.', 'mailpoet'),
      ]);
    }
  }

  public function bulkAction($data = []): SuccessResponse {
    $definition = $this->listingHandler->getListingDefinition($data['listing']);
    $ids = $this->formListingRepository->getActionableIds($definition);
    if ($data['action'] === 'trash') {
      $this->formsRepository->bulkTrash($ids);
    } elseif ($data['action'] === 'restore') {
      $this->formsRepository->bulkRestore($ids);
    } elseif ($data['action'] === 'delete') {
      $this->formsRepository->bulkDelete($ids);
    } else {
      throw UnexpectedValueException::create()
        ->withErrors([APIError::BAD_REQUEST => "Invalid bulk action '{$data['action']}' provided."]);
    }
    return $this->successResponse(null, ['count' => count($ids)]);
  }

  private function getForm(array $data): ?FormEntity {
    return isset($data['id'])
      ? $this->formsRepository->findOneById((int)$data['id'])
      : null;
  }

  private function getFormTemplateData(string $templateId): array {
    $formTemplate = $this->templateRepository->getFormTemplate($templateId);
    $form = $formTemplate->toFormEntity();
    return $form->toArray();
  }

  private function createTagsIfDoNotExist(array $tagNames): void {
    foreach ($tagNames as $tagName) {
      $this->tagRepository->createOrUpdate(['name' => $tagName]);
    }
  }
}