Add Settings UI (#10)

Author: thefrosty

.gitignore

@@ -1,5 +1,5 @@
 .DS_Store
 composer.lock
 node_modules/
-phpcs.log
 vendor/
+phpcs-report.xml

README.md

@@ -124,11 +124,11 @@ use FrostyMedia\WpRestCop\RestApi\Rules\IpRulesInterface;
 /**
  * Register routes.
  */
-add_action( 'rest_api_init', static function (): void {
+add_action('rest_api_init', static function (): void {
     register_rest_route( 'myplugin/v1', '/internal/(?P<id>\d+)', [
         'methods' => 'GET',
         'callback' => 'my_awesome_expensive_func',
-        'ips' => [
+        IpRulesInterface::IPS => [
             IpRulesInterface::ALLOW => ['192.168.50.4'],
             IpRulesInterface::DENY => ['66.249.66.1'],
         ],
@@ -154,4 +154,3 @@ A few [WP CLI](http://wp-cli.org/) commands are included to configure the plugin
 * Additional rate limit strategies.
 * More route-level capabilities.
 * Advanced access rules.
-* Administration UI.

composer.json

@@ -37,6 +37,7 @@
   },
   "require": {
     "php": "^8.3",
+    "dwnload/wp-settings-api": "^3.11",
     "pimple/pimple": "~3.0",
     "symfony/http-foundation": "^7.1.7",
     "thefrosty/wp-utilities": "^3.3"

src/Cli/RestCop.php

@@ -4,10 +4,11 @@
 
 namespace FrostyMedia\WpRestCop\Cli;
 
-use FrostyMedia\WpRestCop\RestApi\Officer;
+use Dwnload\WpSettingsApi\Api\Options;
 use FrostyMedia\WpRestCop\RestApi\Rules\IpRules;
 use FrostyMedia\WpRestCop\RestApi\Rules\IpRulesInterface;
 use FrostyMedia\WpRestCop\ServiceProvider;
+use FrostyMedia\WpRestCop\Settings\Settings;
 use TheFrosty\WpUtilities\Plugin\ContainerAwareTrait;
 use WP_CLI;
 use function array_diff;
@@ -98,11 +99,11 @@ public function status(): void
             esc_html__('Source', 'wp-rest-cop'),
         ];
 
-        $settings = Officer::getSettings();
+        $settings = Options::getOption(Settings::SETTINGS);
         $action_l10n = esc_html__('ALLOW', 'wp-rest-cop');
         foreach ($this->getRules()->getAllowed() as $ip) {
             $source = 'code';
-            if (in_array($ip, $settings['rules'][IpRulesInterface::ALLOW], true)) {
+            if (in_array($ip, $settings[Settings::SETTING_ALLOW_RULES], true)) {
                 $source = 'option';
             }
 
@@ -112,7 +113,7 @@ public function status(): void
         $action_l10n = esc_html__('DENY', 'wp-rest-cop');
         foreach ($this->getRules()->getDenied() as $ip) {
             $source = 'code';
-            if (in_array($ip, $settings['rules'][IpRulesInterface::DENY], true)) {
+            if (in_array($ip, $settings[Settings::SETTING_DENY_RULES], true)) {
                 $source = 'option';
             }
 
@@ -139,14 +140,14 @@ public function status(): void
      */
     public function set(array $args): void
     {
-        $settings = Officer::getSettings();
+        $settings = Options::getOption(Settings::SETTINGS);
 
-        if (!in_array($args[0], ['interval', 'limit'], true)) {
+        if (!in_array($args[0], [Settings::SETTING_INTERVAL, Settings::SETTING_LIMIT], true)) {
             WP_CLI::error(sprintf(esc_html__('%s is not a valid setting.', 'wp-rest-cop'), $args[0]));
         }
 
         $settings[$args[0]] = (int)$args[1];
-        update_option(Officer::OPTION, $settings);
+        update_option(Settings::SETTINGS, $settings);
         WP_CLI::success(sprintf(esc_html__('Updated %1$s setting to %2$s.', 'wp-rest-cop'), $args[0], $args[1]));
     }
 
@@ -160,12 +161,22 @@ public function set(array $args): void
      */
     protected function updateOption(string $key, array $args, bool $delete = false): void
     {
-        $settings = Officer::getSettings();
-        $ips = $settings['rules'][$key] ?? [];
-        $ips = $delete ? array_diff($ips, $args) : array_merge($ips, $args);
-        $settings['rules'][$key] = array_unique(array_filter($ips));
-
-        update_option(Officer::OPTION, $settings);
+        $update = static function (string $key) use ($args, $delete): void {
+            $settings = Options::getOption(Settings::SETTINGS);
+            $ips = $settings[$key] ?? [];
+            $ips = $delete ? array_diff($ips, $args) : array_merge($ips, $args);
+            $settings[$key] = array_unique(array_filter($ips));
+            update_option(Settings::SETTINGS, $settings);
+        };
+
+        switch ($key) {
+            case IpRulesInterface::ALLOW:
+                $update(Settings::SETTING_ALLOW_RULES);
+                break;
+            case IpRulesInterface::DENY:
+                $update(Settings::SETTING_DENY_RULES);
+                break;
+        }
     }
 
     /**

src/RestApi/Officer.php

@@ -4,9 +4,10 @@
 
 namespace FrostyMedia\WpRestCop\RestApi;
 
-use FrostyMedia\WpRestCop\RestApi\Rules\IpRules;
+use Dwnload\WpSettingsApi\Api\Options;
 use FrostyMedia\WpRestCop\RestApi\Rules\IpRulesInterface;
 use FrostyMedia\WpRestCop\ServiceProvider;
+use FrostyMedia\WpRestCop\Settings\Settings;
 use Psr\Container\ContainerInterface;
 use TheFrosty\WpUtilities\Plugin\AbstractContainerProvider;
 use TheFrosty\WpUtilities\Plugin\HttpFoundationRequestInterface;
@@ -22,13 +23,11 @@
 use function esc_html__;
 use function filter_var;
 use function get_current_user_id;
-use function get_option;
 use function is_user_logged_in;
 use function rest_convert_error_to_response;
 use function sprintf;
 use function update_option;
 use const FILTER_VALIDATE_BOOLEAN;
-use const MINUTE_IN_SECONDS;
 
 /**
  * RateLimit class.
@@ -39,10 +38,6 @@ class Officer extends AbstractContainerProvider implements HttpFoundationRequest
 
     use HttpFoundationRequestTrait;
 
-    public const string OPTION = 'wp_rest_cop_settings';
-    protected const int DEFAULT_INTERVAL = MINUTE_IN_SECONDS;
-    protected const int DEFAULT_LIMIT = MINUTE_IN_SECONDS;
-
     /**
      * Officer constructor.
      * @param ContainerInterface|null $container
@@ -51,21 +46,12 @@ class Officer extends AbstractContainerProvider implements HttpFoundationRequest
      */
     public function __construct(
         ?ContainerInterface $container = null,
-        protected int $interval = self::DEFAULT_INTERVAL,
-        protected int $limit = self::DEFAULT_LIMIT
+        protected int $interval = Settings::DEFAULT_INTERVAL,
+        protected int $limit = Settings::DEFAULT_LIMIT
     ) {
         parent::__construct($container);
     }
 
-    /**
-     * Get the option array.
-     * @return array
-     */
-    public static function getSettings(): array
-    {
-        return get_option(self::OPTION, []);
-    }
-
     /**
      * Add class hooks.
      */
@@ -123,12 +109,12 @@ public function getInterval(): int
 
     /**
      * Set the number of seconds per interval.
-     * @param int $interval Seconds per interval.
+     * @param int|string $interval Seconds per interval.
      * @return $this
      */
-    public function setInterval(int $interval): static
+    public function setInterval(int|string $interval): static
     {
-        $this->interval = $interval;
+        $this->interval = (int)$interval;
         return $this;
     }
 
@@ -143,12 +129,12 @@ public function getLimit(): int
 
     /**
      * Set the number of requests allowed per interval.
-     * @param int $limit Number of requests.
+     * @param int|string $limit Number of requests.
      * @return $this
      */
-    public function setLimit(int $limit): static
+    public function setLimit(int|string $limit): static
     {
-        $this->limit = $limit;
+        $this->limit = (int)$limit;
         return $this;
     }
 
@@ -157,24 +143,19 @@ public function setLimit(int $limit): static
      */
     protected function initializeSettings(): void
     {
-        $settings = self::getSettings();
+        $settings = Options::getOptions(Settings::SETTINGS);
 
         if (empty($settings)) {
             $settings = [
-                'interval' => self::DEFAULT_INTERVAL,
-                'limit' => self::DEFAULT_LIMIT,
-                'rules' => [
-                    IpRulesInterface::ALLOW => [
-                        '127.0.0.1',
-                        '::1',
-                    ],
-                    IpRulesInterface::DENY => [],
-                ],
+                Settings::SETTING_INTERVAL => Settings::DEFAULT_INTERVAL,
+                Settings::SETTING_LIMIT => Settings::DEFAULT_LIMIT,
+                Settings::SETTING_ALLOW_RULES => ['127.0.0.1', '::1'],
+                Settings::SETTING_DENY_RULES => [],
             ];
-            update_option(self::OPTION, $settings);
+            update_option(Settings::SETTINGS, $settings);
         }
 
-        $this->setInterval($settings['interval'])->setLimit($settings['limit']);
+        $this->setInterval($settings[Settings::SETTING_INTERVAL])->setLimit($settings[Settings::SETTING_LIMIT]);
     }
 
     /**
@@ -183,12 +164,11 @@ protected function initializeSettings(): void
      */
     protected function initializeIpRules(): void
     {
-        $settings = self::getSettings();
-        /** @var IpRules $rules */
+        /** @var \FrostyMedia\WpRestCop\RestApi\Rules\IpRules $rules */
         $rules = $this->getContainer()->get(ServiceProvider::IP_RULES);
         $rules
-            ->allow($settings['rules'][IpRulesInterface::ALLOW] ?? '')
-            ->deny($settings['rules'][IpRulesInterface::DENY] ?? '');
+            ->allow(Options::getOption(Settings::SETTING_ALLOW_RULES, Settings::SETTINGS))
+            ->deny(Options::getOption(Settings::SETTING_DENY_RULES, Settings::SETTINGS));
     }
 
     /**
@@ -199,7 +179,7 @@ protected function initializeIpRules(): void
      */
     protected function checkIpRules(WP_Error|bool|null $error): WP_Error|bool|null
     {
-        /** @var IpRules $rules */
+        /** @var \FrostyMedia\WpRestCop\RestApi\Rules\IpRules $rules */
         $rules = $this->getContainer()->get(ServiceProvider::IP_RULES);
         if (!$rules->check($this->getIpAddress())) {
             return $this->getForbiddenError();
@@ -268,11 +248,15 @@ protected function maybeThrottleRequest(
     protected function checkRouteIpRules(mixed $response, WP_REST_Request $request): mixed
     {
         $ips = [];
-        if (!empty($request->get_attributes()['ips'])) {
-            $ips = $request->get_attributes()['ips'];
+        if (!empty($request->get_attributes()[IpRulesInterface::IPS])) {
+            $ips = $request->get_attributes()[IpRulesInterface::IPS];
         }
 
-        $rules = $ips instanceof IpRulesInterface ? $ips : new IpRules($ips);
+        /** @var \FrostyMedia\WpRestCop\RestApi\Rules\IpRules $rules */
+        $rules = $this->getContainer()->get(ServiceProvider::IP_RULES);
+        if (!$ips instanceof IpRulesInterface) {
+            $rules->allow($ips[IpRulesInterface::ALLOW] ?? '')->deny($ips[IpRulesInterface::DENY] ?? '');
+        }
 
         if (!$rules->check($this->getIpAddress())) {
             $response = $this->getForbiddenError();

src/RestApi/Rules/IpRules.php

@@ -12,7 +12,7 @@
 /**
  * IP address rules class.
  * phpcs:disable Squiz.Commenting.FunctionComment.MissingParamTag
- * @package Cedaro\WPRESTCop
+ * @package FrostyMedia\WpRestCop\RestApi\Rules
  */
 class IpRules implements IpRulesInterface
 {
@@ -34,12 +34,12 @@ class IpRules implements IpRulesInterface
      */
     public function __construct(array $rules = [])
     {
-        if (isset($rules['allow'])) {
-            $this->allow($rules['allow']);
+        if (isset($rules[self::ALLOW])) {
+            $this->allow($rules[self::ALLOW]);
         }
 
-        if (isset($rules['deny'])) {
-            $this->deny($rules['deny']);
+        if (isset($rules[self::DENY])) {
+            $this->deny($rules[self::DENY]);
         }
     }
 

src/RestApi/Rules/IpRulesInterface.php

@@ -6,12 +6,13 @@
 
 /**
  * Access rules interface.
- * @package Cedaro\WPRESTCop
+ * @package FrostyMedia\WpRestCop\RestApi\Rules
  */
 interface IpRulesInterface
 {
     public const string ALLOW = 'allow';
     public const string DENY = 'deny';
+    public const string IPS = 'ips';
 
     /**
      * Whether client ID passes allowed and denied checks.