1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
<?php
/**
* Class use to register REST API endpoints used by the WAF
*
* @package automattic/jetpack-waf
*/
namespace Automattic\Jetpack\Waf;
use Automattic\Jetpack\Connection\REST_Connector;
use WP_REST_Server;
/**
* Defines our endponts.
*/
class Waf_Endpoints {
/**
* Get Bootstrap File Path
*
* @return string The path to the Jetpack Firewall's bootstrap.php file.
*/
private static function get_bootstrap_file_path() {
$bootstrap = new Waf_Standalone_Bootstrap();
return $bootstrap->get_bootstrap_file_path();
}
/**
* Has Rules Access
*
* @return bool True when the current site has access to latest firewall rules.
*/
private static function has_rules_access() {
// any site with Jetpack Scan can download new WAF rules
return \Jetpack_Plan::supports( 'scan' );
}
/**
* Register REST API endpoints.
*/
public static function register_endpoints() {
register_rest_route(
'jetpack/v4',
'/waf',
array(
'methods' => WP_REST_Server::READABLE,
'callback' => __CLASS__ . '::waf',
'permission_callback' => __CLASS__ . '::waf_permissions_callback',
)
);
register_rest_route(
'jetpack/v4',
'/waf/update-rules',
array(
'methods' => WP_REST_Server::EDITABLE,
'callback' => __CLASS__ . '::update_rules',
'permission_callback' => __CLASS__ . '::waf_permissions_callback',
)
);
}
/**
* Update rules endpoint
*/
public static function update_rules() {
$success = true;
$message = 'Rules updated succesfully';
try {
Waf_Runner::generate_rules();
} catch ( Exception $e ) {
$success = false;
$message = $e->getMessage();
}
return rest_ensure_response(
array(
'success' => $success,
'message' => $message,
)
);
}
/**
* WAF Endpoint
*/
public static function waf() {
return rest_ensure_response(
array(
'bootstrapPath' => self::get_bootstrap_file_path(),
'hasRulesAccess' => self::has_rules_access(),
)
);
}
/**
* WAF Endpoint Permissions Callback
*
* @return bool|WP_Error True if user can view the Jetpack admin page.
*/
public static function waf_permissions_callback() {
if ( current_user_can( 'jetpack_manage_modules' ) ) {
return true;
}
return new WP_Error(
'invalid_user_permission_manage_modules',
REST_Connector::get_user_permissions_error_msg(),
array( 'status' => rest_authorization_required_code() )
);
}
}
|