Implement AJAX handler for admin bar pull button and remove REST API endpoint for pulling pages
This commit is contained in:
Matt Batchelder
@@ -29,6 +29,18 @@ add_action( 'admin_bar_menu', function ( WP_Admin_Bar $wp_admin_bar ) {
|
|||||||
] );
|
] );
|
||||||
}, 100 );
|
}, 100 );
|
||||||
|
|
||||||
|
// AJAX handler for the admin bar pull button (no REST API exposure)
|
||||||
|
add_action( 'wp_ajax_oribi_sync_pull_page', function () {
|
||||||
|
check_ajax_referer( 'oribi_sync_pull_page' );
|
||||||
|
if ( ! current_user_can( 'manage_options' ) ) wp_send_json_error( 'Permission denied.', 403 );
|
||||||
|
|
||||||
|
$post_id = (int) ( $_POST['post_id'] ?? 0 );
|
||||||
|
if ( $post_id < 1 ) wp_send_json_error( 'Missing or invalid post_id.', 400 );
|
||||||
|
|
||||||
|
$result = oribi_sync_pull_page_from_repo( $post_id );
|
||||||
|
$result['ok'] ? wp_send_json_success( $result ) : wp_send_json_error( $result, 500 );
|
||||||
|
} );
|
||||||
|
|
||||||
// Front-end script that wires up the admin bar pull button
|
// Front-end script that wires up the admin bar pull button
|
||||||
add_action( 'wp_footer', function () {
|
add_action( 'wp_footer', function () {
|
||||||
if ( ! is_user_logged_in() ) return;
|
if ( ! is_user_logged_in() ) return;
|
||||||
@@ -39,9 +51,9 @@ add_action( 'wp_footer', function () {
|
|||||||
$post = get_queried_object();
|
$post = get_queried_object();
|
||||||
if ( ! $post instanceof WP_Post ) return;
|
if ( ! $post instanceof WP_Post ) return;
|
||||||
|
|
||||||
$api_url = rest_url( 'oribi-sync/v1/pull-page' );
|
$ajax_url = admin_url( 'admin-ajax.php' );
|
||||||
$nonce = wp_create_nonce( 'wp_rest' );
|
$nonce = wp_create_nonce( 'oribi_sync_pull_page' );
|
||||||
$post_id = (int) $post->ID;
|
$post_id = (int) $post->ID;
|
||||||
?>
|
?>
|
||||||
<script>
|
<script>
|
||||||
(function () {
|
(function () {
|
||||||
@@ -57,18 +69,21 @@ add_action( 'wp_footer', function () {
|
|||||||
if (link) { link.style.opacity = '0.5'; link.style.pointerEvents = 'none'; }
|
if (link) { link.style.opacity = '0.5'; link.style.pointerEvents = 'none'; }
|
||||||
if (label) { label.textContent = 'Pulling…'; }
|
if (label) { label.textContent = 'Pulling…'; }
|
||||||
|
|
||||||
fetch(<?php echo wp_json_encode( $api_url ); ?>, {
|
var data = new URLSearchParams({
|
||||||
|
action: 'oribi_sync_pull_page',
|
||||||
|
_ajax_nonce: <?php echo wp_json_encode( $nonce ); ?>,
|
||||||
|
post_id: <?php echo $post_id; ?>
|
||||||
|
});
|
||||||
|
|
||||||
|
fetch(<?php echo wp_json_encode( $ajax_url ); ?>, {
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
credentials: 'same-origin',
|
credentials: 'same-origin',
|
||||||
headers: {
|
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
||||||
'Content-Type': 'application/json',
|
body: data.toString()
|
||||||
'X-WP-Nonce': <?php echo wp_json_encode( $nonce ); ?>
|
|
||||||
},
|
|
||||||
body: JSON.stringify({ post_id: <?php echo $post_id; ?> })
|
|
||||||
})
|
})
|
||||||
.then(function (r) { return r.json(); })
|
.then(function (r) { return r.json(); })
|
||||||
.then(function () {
|
.then(function () {
|
||||||
// Hard reload — append a cache-busting param to force a fresh response
|
// Hard reload — cache-busting param forces a fresh response
|
||||||
var url = new URL(window.location.href);
|
var url = new URL(window.location.href);
|
||||||
url.searchParams.set('_nocache', Date.now());
|
url.searchParams.set('_nocache', Date.now());
|
||||||
window.location.replace(url.toString());
|
window.location.replace(url.toString());
|
||||||
|
|||||||
@@ -48,15 +48,6 @@ add_action( 'rest_api_init', function () {
|
|||||||
},
|
},
|
||||||
] );
|
] );
|
||||||
|
|
||||||
// ── Pull single page + theme ───────────────────────────────────────────
|
|
||||||
register_rest_route( 'oribi-sync/v1', '/pull-page', [
|
|
||||||
'methods' => 'POST',
|
|
||||||
'callback' => 'oribi_sync_rest_pull_page',
|
|
||||||
'permission_callback' => function () {
|
|
||||||
return current_user_can( 'manage_options' );
|
|
||||||
},
|
|
||||||
] );
|
|
||||||
|
|
||||||
// ── Webhook (secret-based auth, no WP login required) ─────────────────
|
// ── Webhook (secret-based auth, no WP login required) ─────────────────
|
||||||
register_rest_route( 'oribi-sync/v1', '/webhook', [
|
register_rest_route( 'oribi-sync/v1', '/webhook', [
|
||||||
'methods' => 'POST',
|
'methods' => 'POST',
|
||||||
@@ -95,20 +86,6 @@ function oribi_sync_rest_status(): WP_REST_Response {
|
|||||||
] );
|
] );
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* REST: Pull a single page and theme from the repo.
|
|
||||||
*/
|
|
||||||
function oribi_sync_rest_pull_page( WP_REST_Request $request ): WP_REST_Response {
|
|
||||||
$post_id = (int) $request->get_param( 'post_id' );
|
|
||||||
if ( $post_id < 1 ) {
|
|
||||||
return new WP_REST_Response( [ 'ok' => false, 'message' => 'Missing or invalid post_id.' ], 400 );
|
|
||||||
}
|
|
||||||
|
|
||||||
$result = oribi_sync_pull_page_from_repo( $post_id );
|
|
||||||
|
|
||||||
return new WP_REST_Response( $result, $result['ok'] ? 200 : 500 );
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* REST: Webhook trigger.
|
* REST: Webhook trigger.
|
||||||
*
|
*
|
||||||
|
|||||||
Reference in New Issue
Block a user