updating route helpers (#455)

Author: iruzevic

CHANGELOG.md

@@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file.
 
 This projects adheres to [Semantic Versioning](https://semver.org/) and [Keep a CHANGELOG](https://keepachangelog.com/).
 
+## [10.2.0]
+
+### Added
+
+- New `getRequestParams` helper to extract params from request based on the request type.
+- New `prepareSimpleApiParams` helper to prepare and secure params for simple API endpoints.
+- New `checkUserPermission` helper to check user permission for route action.
+
 ## [10.1.0]
 
 ### Fixed
@@ -839,6 +847,7 @@ Init setup
 - Gutenberg Blocks Registration.
 - Assets Manifest data.
 
+[10.2.0]: https://github.com/infinum/eightshift-libs/compare/10.1.0...10.2.0
 [10.1.0]: https://github.com/infinum/eightshift-libs/compare/10.0.0...10.1.0
 [10.0.0]: https://github.com/infinum/eightshift-libs/compare/9.3.5...10.0.0
 [9.3.5]: https://github.com/infinum/eightshift-libs/compare/9.3.4...9.3.5

src/Helpers/StoreBlocksTrait.php

@@ -106,7 +106,7 @@ public static function getComponents(): array
 	/**
 	 * Get component details.
 	 *
-	 * @param string $component Componennt name to get.
+	 * @param string $component Component name to get.
 	 *
 	 * @throws InvalidBlock If component is missing.
 	 *

src/Rest/Routes/AbstractRoute.php

@@ -10,8 +10,10 @@
 
 namespace EightshiftLibs\Rest\Routes;
 
+use EightshiftLibs\Helpers\Helpers;
 use EightshiftLibs\Services\ServiceInterface;
 use EightshiftLibs\Rest\RouteInterface;
+use WP_REST_Request;
 use WP_REST_Server;
 
 /**
@@ -148,4 +150,86 @@ protected function overrideRoute(): bool
 	{
 		return false;
 	}
+
+
+	/**
+	 * Extract params from request.
+	 * Check if array then output only value that is not empty.
+	 *
+	 * @param WP_REST_Request $request $request Data got from endpoint url.
+	 * @param string $type Request type.
+	 *
+	 * @return array<string, mixed>
+	 */
+	protected function getRequestParams(WP_REST_Request $request, string $type = self::CREATABLE): array
+	{
+		// Check type of request and extract params.
+		switch ($type) {
+			case self::CREATABLE:
+				$params = $request->get_body_params();
+				break;
+			case self::READABLE:
+				$params = $request->get_params();
+				break;
+			default:
+				$params = [];
+				break;
+		}
+
+		// Check if request maybe has json params usually sent by the Block editor.
+		if ($request->get_json_params()) {
+			$params = \array_merge(
+				$params,
+				$request->get_json_params(),
+			);
+		}
+
+		return $params;
+	}
+
+	/**
+	 * Convert JS FormData object to usable data in php.
+	 *
+	 * @param WP_REST_Request $request $request Data got from endpoint url.
+	 * @param string $type Request type.
+	 *
+	 * @return array<string, mixed>
+	 */
+	protected function prepareSimpleApiParams(WP_REST_Request $request, string $type = self::CREATABLE): array
+	{
+		// Get params.
+		$params = $this->getRequestParams($request, $type);
+
+		// Bailout if there are no params.
+		if (!$params) {
+			return [];
+		}
+
+		return \array_map(
+			static function ($item) {
+				return \sanitize_text_field($item);
+			},
+			$params
+		);
+	}
+
+	/**
+	 * Check user permission for route action.
+	 *
+	 * @param string $permission Permission to check.
+	 * @param array<string, mixed> $additional Additional data to pass.
+	 *
+	 * @return array<string, mixed>
+	 */
+	protected function checkUserPermission(string $permission, array $additional = []): array
+	{
+		if (\current_user_can($permission)) {
+			return [];
+		}
+
+		return Helpers::getApiErrorPublicOutput(
+			\__('You don\'t have enough permissions to perform this action!', 'eightshift-libs'),
+			$additional
+		);
+	}
 }