Merge branch 'main' into feature/wp-debug-provider-trace

Author: superdav42

ai-agent-for-wp.php

@@ -33,6 +33,24 @@
  */
 define( 'GRATIS_AI_AGENT_DEFAULT_MODEL', 'claude-sonnet-4' );
 
+// ── Feature flags ─────────────────────────────────────────────────────────────
+// Each constant defaults to `true` (enabled) when not defined.
+// Resellers / site owners can disable individual features by adding
+// `define( 'GRATIS_AI_AGENT_FEATURE_<NAME>', false );` to wp-config.php
+// before the plugin loads.
+
+/**
+ * Feature: white-label branding — agent name, brand colours, logo URL.
+ * When false, the Branding section is hidden and branding CSS vars are not set.
+ */
+defined( 'GRATIS_AI_AGENT_FEATURE_BRANDING' ) || define( 'GRATIS_AI_AGENT_FEATURE_BRANDING', true );
+
+/**
+ * Feature: role-based access control — who can access the AI agent.
+ * When false, the Role Permissions manager and its REST routes are disabled.
+ */
+defined( 'GRATIS_AI_AGENT_FEATURE_ACCESS_CONTROL' ) || define( 'GRATIS_AI_AGENT_FEATURE_ACCESS_CONTROL', true );
+
 // Load Jetpack Autoloader for PSR-4 autoloading with version conflict resolution.
 // Jetpack Autoloader ensures the newest version of shared packages (like php-ai-client) is used.
 if ( file_exists( GRATIS_AI_AGENT_DIR . '/vendor/autoload_packages.php' ) ) {

includes/Admin/FloatingWidget.php

@@ -13,6 +13,7 @@
 
 namespace GratisAiAgent\Admin;
 
+use GratisAiAgent\Core\Features;
 use GratisAiAgent\Core\FreshInstallDetector;
 use GratisAiAgent\Core\Settings;
 
@@ -160,23 +161,26 @@ private static function enqueue_widget_assets(): void {
 		);
 
 		// Pass white-label branding values to the widget (t075).
-		$branding = Settings::instance()->get();
-		wp_localize_script(
-			'gratis-ai-agent-floating-widget',
-			'gratisAiAgentBranding',
-			array(
-				// @phpstan-ignore-next-line
-				'agentName'       => (string) ( $branding['agent_name'] ?? '' ),
-				// @phpstan-ignore-next-line
-				'primaryColor'    => (string) ( $branding['brand_primary_color'] ?? '' ),
-				// @phpstan-ignore-next-line
-				'textColor'       => (string) ( $branding['brand_text_color'] ?? '' ),
-				// @phpstan-ignore-next-line
-				'logoUrl'         => (string) ( $branding['brand_logo_url'] ?? '' ),
-				// @phpstan-ignore-next-line
-				'greetingMessage' => (string) ( $branding['greeting_message'] ?? '' ),
-			)
-		);
+		// Only applied when the branding feature is enabled.
+		if ( Features::is_enabled( Features::BRANDING ) ) {
+			$branding = Settings::instance()->get();
+			wp_localize_script(
+				'gratis-ai-agent-floating-widget',
+				'gratisAiAgentBranding',
+				array(
+					// @phpstan-ignore-next-line
+					'agentName'       => (string) ( $branding['agent_name'] ?? '' ),
+					// @phpstan-ignore-next-line
+					'primaryColor'    => (string) ( $branding['brand_primary_color'] ?? '' ),
+					// @phpstan-ignore-next-line
+					'textColor'       => (string) ( $branding['brand_text_color'] ?? '' ),
+					// @phpstan-ignore-next-line
+					'logoUrl'         => (string) ( $branding['brand_logo_url'] ?? '' ),
+					// @phpstan-ignore-next-line
+					'greetingMessage' => (string) ( $branding['greeting_message'] ?? '' ),
+				)
+			);
+		}
 
 		wp_localize_script(
 			'gratis-ai-agent-floating-widget',

includes/Admin/UnifiedAdminMenu.php

@@ -13,6 +13,8 @@
 
 namespace GratisAiAgent\Admin;
 
+use GratisAiAgent\Core\Features;
+
 if ( ! defined( 'ABSPATH' ) ) {
 	exit;
 }
@@ -314,6 +316,9 @@ function () {
 				// Provider trace is a debug-only feature. The JS settings page reads
 				// this flag to show or hide the Provider Trace tab.
 				'wpDebug'             => defined( 'WP_DEBUG' ) && WP_DEBUG ? '1' : '',
+				// Feature flags — mirrors Features::all() so JS can gate UI sections
+				// without waiting for the /settings REST response.
+				'features'            => Features::all(),
 			)
 		);
 	}

includes/Core/Features.php

@@ -0,0 +1,94 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * Feature-flag registry.
+ *
+ * Each feature is backed by a PHP constant that site owners (or resellers)
+ * can define in wp-config.php before the plugin loads. The constants default
+ * to `true` so stock installations retain all functionality; setting one to
+ * `false` disables the corresponding UI and REST surface.
+ *
+ * Defined constants (all default true):
+ *  - GRATIS_AI_AGENT_FEATURE_BRANDING      — White-label / branding settings:
+ *    agent name, brand colours, logo URL, greeting message.
+ *  - GRATIS_AI_AGENT_FEATURE_ACCESS_CONTROL — Role-based access control:
+ *    the Role Permissions manager and its /role-permissions REST routes.
+ *
+ * Usage example (wp-config.php):
+ *   define( 'GRATIS_AI_AGENT_FEATURE_BRANDING', false );
+ *
+ * @package GratisAiAgent
+ * @license GPL-2.0-or-later
+ */
+
+namespace GratisAiAgent\Core;
+
+if ( ! defined( 'ABSPATH' ) ) {
+	exit;
+}
+
+final class Features {
+
+	/**
+	 * Feature: white-label branding (agent name, colours, logo).
+	 * Constant: GRATIS_AI_AGENT_FEATURE_BRANDING
+	 */
+	const BRANDING = 'branding';
+
+	/**
+	 * Feature: role-based access control (Role Permissions manager).
+	 * Constant: GRATIS_AI_AGENT_FEATURE_ACCESS_CONTROL
+	 */
+	const ACCESS_CONTROL = 'access_control';
+
+	/**
+	 * Map of feature name → backing constant name.
+	 *
+	 * @var array<string, string>
+	 */
+	private const CONSTANT_MAP = array(
+		self::BRANDING        => 'GRATIS_AI_AGENT_FEATURE_BRANDING',
+		self::ACCESS_CONTROL  => 'GRATIS_AI_AGENT_FEATURE_ACCESS_CONTROL',
+	);
+
+	/**
+	 * Check whether a feature is enabled.
+	 *
+	 * Returns `true` when the backing constant is not defined (default-on).
+	 * Returns `(bool) CONSTANT_VALUE` when the constant is defined.
+	 *
+	 * @param string $feature One of the Features::* class constants.
+	 * @return bool
+	 */
+	public static function is_enabled( string $feature ): bool {
+		$constant = self::CONSTANT_MAP[ $feature ] ?? null;
+
+		if ( null === $constant ) {
+			// Unknown feature — fail open (enabled) to avoid breaking valid calls.
+			return true;
+		}
+
+		if ( ! defined( $constant ) ) {
+			// Constant not set by the site owner → default enabled.
+			return true;
+		}
+
+		return (bool) constant( $constant );
+	}
+
+	/**
+	 * Return a map of all features and their current enabled state.
+	 *
+	 * Suitable for serialising into REST responses or wp_localize_script data.
+	 *
+	 * @return array<string, bool>
+	 */
+	public static function all(): array {
+		$result = array();
+		foreach ( array_keys( self::CONSTANT_MAP ) as $feature ) {
+			$result[ $feature ] = self::is_enabled( $feature );
+		}
+		return $result;
+	}
+}

includes/Core/Settings.php

@@ -50,13 +50,6 @@ class Settings {
 	 */
 	const GSC_CREDENTIALS_OPTION = 'gratis_ai_agent_gsc_credentials';
 
-	/**
-	 * Option name for the feedback-report receiver API key.
-	 * Stored separately from general settings to avoid leaking the credential
-	 * through the GET /settings endpoint.
-	 */
-	const FEEDBACK_API_KEY_OPTION = 'gratis_ai_agent_feedback_api_key';
-
 	/**
 	 * Supported direct providers with their metadata.
 	 */
@@ -322,9 +315,6 @@ public function get_defaults(): array {
 			// Provider trace / debug mode (GH#830).
 			'provider_trace_enabled'   => false,
 			'provider_trace_max_rows'  => 200,
-			// Feedback report receiver settings (t180).
-			'feedback_enabled'         => false,
-			'feedback_endpoint_url'    => 'https://ultimateagentwp.ai/wp-json/gratis-ai-server/v1/reports',
 			// Skill auto-update settings (t218).
 			'skill_auto_update'        => true,
 			'skill_manifest_url'       => '',
@@ -542,44 +532,6 @@ public function update( array $data ): bool {
 		return update_option( self::OPTION_NAME, $merged );
 	}
 
-	/**
-	 * Get the stored feedback-report receiver API key.
-	 *
-	 * The key is intentionally stored in a dedicated option so it is never
-	 * returned by GET /settings and cannot leak through the JSON response.
-	 *
-	 * @return string Empty string when not configured.
-	 */
-	public function get_feedback_api_key(): string {
-		$key = get_option( self::FEEDBACK_API_KEY_OPTION, '' );
-		return is_string( $key ) ? $key : '';
-	}
-
-	/**
-	 * Persist the feedback-report receiver API key.
-	 *
-	 * Pass an empty string to clear the credential.
-	 *
-	 * @param string $api_key The API key value.
-	 * @return bool True on success.
-	 */
-	public function set_feedback_api_key( string $api_key ): bool {
-		if ( '' === $api_key ) {
-			return delete_option( self::FEEDBACK_API_KEY_OPTION );
-		}
-
-		return update_option( self::FEEDBACK_API_KEY_OPTION, $api_key );
-	}
-
-	/**
-	 * Check whether a feedback-report receiver API key is configured.
-	 *
-	 * @return bool
-	 */
-	public function has_feedback_api_key(): bool {
-		return '' !== $this->get_feedback_api_key();
-	}
-
 	// ── WooCommerce ability auto-enable ───────────────────────────────────────
 
 	/**

includes/Feedback/ReportSender.php

@@ -4,70 +4,47 @@
 /**
  * Feedback report HTTP sender.
  *
- * Forwards the sanitized payload to the configured feedback endpoint using
+ * Forwards the sanitized payload to the hardcoded feedback endpoint using
  * wp_remote_post(). Errors are returned as WP_Error objects; callers should
  * not crash on send failures (a broken feedback channel must never interrupt
  * normal plugin operation).
  *
+ * The endpoint is fixed — no API key is required. User consent is collected
+ * per submission via the feedback-consent modal before this method is called.
+ *
  * @package GratisAiAgent\Feedback
  * @license GPL-2.0-or-later
  */
 
 namespace GratisAiAgent\Feedback;
 
-use GratisAiAgent\Core\Settings;
 use WP_Error;
 
 class ReportSender {
 
 	/**
-	 * Send a sanitized report payload to the configured feedback endpoint.
+	 * Hardcoded feedback endpoint URL.
 	 *
-	 * @param array<string, mixed> $payload    Sanitized payload from ReportSanitizer::sanitize().
-	 * @param bool                 $force_send Bypass the enabled check. Set to true for manual user submissions
-	 *                                     from the feedback form; false for automatic background reporting.
-	 * @return true|WP_Error True on success (2xx response), WP_Error on failure.
+	 * Reports are always sent here. No configuration or API key is required.
 	 */
-	public static function send( array $payload, bool $force_send = false ): true|WP_Error {
-		$endpoint_url = (string) ( Settings::instance()->get( 'feedback_endpoint_url' ) ?? '' );
-
-		// Skip enabled check when $force_send is true (manual form submissions).
-		// The setting only controls automatic/batch feedback reporting.
-		if ( ! $force_send ) {
-			$enabled = (bool) ( Settings::instance()->get( 'feedback_enabled' ) ?? false );
-
-			if ( ! $enabled ) {
-				return new WP_Error( 'feedback_disabled', 'Feedback reporting is not enabled in Settings.' );
-			}
-		}
-
-		if ( '' === $endpoint_url ) {
-			return new WP_Error( 'feedback_no_endpoint', 'No feedback endpoint URL configured.' );
-		}
-
-		if ( ! filter_var( $endpoint_url, FILTER_VALIDATE_URL ) ) {
-			return new WP_Error( 'feedback_invalid_url', 'Configured feedback endpoint URL is not valid.' );
-		}
-
-		$api_key = Settings::instance()->get_feedback_api_key();
-
-		$headers = array(
-			'Content-Type' => 'application/json',
-		);
-
-		if ( '' !== $api_key ) {
-			$headers['X-Feedback-Api-Key'] = $api_key;
-		}
+	const ENDPOINT_URL = 'https://ultimateagentwp.ai/wp-json/gratis-ai-server/v1/reports';
 
+	/**
+	 * Send a sanitized report payload to the feedback endpoint.
+	 *
+	 * @param array<string, mixed> $payload Sanitized payload from ReportSanitizer::sanitize().
+	 * @return true|WP_Error True on success (2xx response), WP_Error on failure.
+	 */
+	public static function send( array $payload ): true|WP_Error {
 		$body = wp_json_encode( $payload );
 		if ( false === $body ) {
 			return new WP_Error( 'feedback_encode_error', 'Failed to JSON-encode the report payload.' );
 		}
 
 		$response = wp_remote_post(
-			$endpoint_url,
+			self::ENDPOINT_URL,
 			array(
-				'headers' => $headers,
+				'headers' => array( 'Content-Type' => 'application/json' ),
 				'body'    => $body,
 				'timeout' => 15,
 			)

includes/REST/FeedbackController.php

@@ -149,20 +149,13 @@ public function handle_send( WP_REST_Request $request ): WP_REST_Response|WP_Err
 		}
 
 		$sanitized = ReportSanitizer::sanitize( $payload );
-		$result    = ReportSender::send( $sanitized, true ); // Force send for manual user submissions.
+		$result    = ReportSender::send( $sanitized );
 
 		if ( is_wp_error( $result ) ) {
-			$http_status = 500;
-			$error_code  = $result->get_error_code();
-
-			if ( in_array( $error_code, array( 'feedback_disabled', 'feedback_no_endpoint', 'feedback_invalid_url' ), true ) ) {
-				$http_status = 422;
-			}
-
 			return new WP_Error(
-				$error_code,
+				$result->get_error_code(),
 				$result->get_error_message(),
-				array( 'status' => $http_status )
+				array( 'status' => 500 )
 			);
 		}