
Commit e8e0e85

Merge pull request #541 from HardeepAsrani/development
Add permission callback
2 parents ffc1659 + 82d80e0 commit e8e0e85


1 file changed

+21
-6
lines changed


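--- a/classes/Visualizer/Gutenberg/Block.php
+++ b/classes/Visualizer/Gutenberg/Block.php
@@ -87,7 +87,7 @@ public function enqueue_gutenberg_scripts() {
 if ( Visualizer_Module::is_pro() ) {
 $type = 'pro';
 if ( apply_filters( 'visualizer_is_business', false ) ) {
-$type = 'developer';
+$type = 'business';
 }
 }
 
@@ -156,6 +156,9 @@ public function register_rest_endpoints() {
 'sanitize_callback' => 'absint',
 ),
 ),
+'permission_callback' => function () {
+return current_user_can( 'edit_posts' );
+},
 )
 );
 
@@ -170,6 +173,9 @@ public function register_rest_endpoints() {
 'sanitize_callback' => 'esc_url_raw',
 ),
 ),
+'permission_callback' => function () {
+return current_user_can( 'edit_posts' );
+},
 )
 );
 
@@ -184,6 +190,9 @@ public function register_rest_endpoints() {
 'sanitize_callback' => 'sanitize_text_field',
 ),
 ),
+'permission_callback' => function () {
+return current_user_can( 'edit_posts' );
+},
 )
 );
 }
@@ -249,15 +258,20 @@ public function update_chart_data( $data ) {
 
 if ( $data['id'] && ! is_wp_error( $data['id'] ) ) {
 
-update_post_meta( $data['id'], Visualizer_Plugin::CF_CHART_TYPE, $data['visualizer-chart-type'] );
-update_post_meta( $data['id'], Visualizer_Plugin::CF_SOURCE, $data['visualizer-source'] );
+$chart_type = sanitize_text_field( $data['visualizer-chart-type'] );
+$source_type = sanitize_text_field( $data['visualizer-source'] );
+
+update_post_meta( $data['id'], Visualizer_Plugin::CF_CHART_TYPE, $chart_type );
+update_post_meta( $data['id'], Visualizer_Plugin::CF_SOURCE, $source_type );
 update_post_meta( $data['id'], Visualizer_Plugin::CF_DEFAULT_DATA, $data['visualizer-default-data'] );
 update_post_meta( $data['id'], Visualizer_Plugin::CF_SERIES, $data['visualizer-series'] );
 update_post_meta( $data['id'], Visualizer_Plugin::CF_SETTINGS, $data['visualizer-settings'] );
 
 if ( $data['visualizer-chart-url'] && $data['visualizer-chart-schedule'] ) {
-update_post_meta( $data['id'], Visualizer_Plugin::CF_CHART_URL, $data['visualizer-chart-url'] );
-apply_filters( 'visualizer_pro_chart_schedule', $data['id'], $data['visualizer-chart-url'], $data['visualizer-chart-schedule'] );
+$chart_url = esc_url_raw( $data['visualizer-chart-url'] );
+$chart_schedule = intval( $data['visualizer-chart-schedule'] );
+update_post_meta( $data['id'], Visualizer_Plugin::CF_CHART_URL, $chart_url );
+apply_filters( 'visualizer_pro_chart_schedule', $data['id'], $chart_url, $chart_schedule );
 } else {
 delete_post_meta( $data['id'], Visualizer_Plugin::CF_CHART_URL );
 apply_filters( 'visualizer_pro_remove_schedule', $data['id'] );
@@ -268,7 +282,8 @@ public function update_chart_data( $data ) {
 }
 
 if ( $data['visualizer-chart-url'] ) {
-$content['source'] = $data['visualizer-chart-url'];
+$chart_url = esc_url_raw( $data['visualizer-chart-url'] );
+$content['source'] = $chart_url;
 $content['data'] = $this->format_chart_data( $data['visualizer-data'], $data['visualizer-series'] );
 } else {
 $content = $this->format_chart_data( $data['visualizer-data'], $data['visualizer-series'] );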
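Review bot: In `update_chart_data`, the writes to `$data['id']` are guarded only by the route-level `current_user_can( 'edit_posts' )` added in `register_rest_endpoints`; nothing in the visible lines checks the specific post, so a caller with that capability appears able to overwrite meta on any post ID it supplies. Consider an object-level check before the first `update_post_meta`, such as `if ( ! current_user_can( 'edit_post', $data['id'] ) ) { return; }` adapted to the function's return convention (its body starts and ends outside the hunk), together with a check that the ID refers to a chart post. `visualizer-default-data`, `visualizer-series` and `visualizer-settings` are still stored as received and should be validated against their expected structure before saving. `esc_url_raw()` only normalizes the URL, so if the handler behind `visualizer_pro_chart_schedule` later fetches `$chart_url` server-side, that fetch should go through `wp_http_validate_url()` or `wp_safe_remote_get()` so requests to internal hosts are refused.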
