…facebook-for-woocommerce into add/2260-hpos-compatibility
rawdreeg
approved these changes
Oct 31, 2022
Contributor
rawdreeg
left a comment
Thanks, @ibndawood. I could verify facebook-for-woocommerce-modal, wc-facebook-google-product-category-fields and tmpl-facebook-for-woocommerce-modal are enqueued correctly.
1 task
Merged
facebook-github-bot
pushed a commit
that referenced
this pull request
Mar 20, 2025
Summary:
# Add REST API Framework for local APIs called by AJAX

## Changes proposed in this Pull Request:

- Introduces a comprehensive REST API framework for Facebook for WooCommerce
- Migrates existing API functionality to the new structured system
- Improves security with proper nonce handling and request validation
- Adds JavaScript integration for secure client-side API calls
- Provides extensive documentation for future development

Closes #2345 (Replace with actual issue number if applicable)

## Description

This PR introduces a new REST API framework for Facebook for WooCommerce that provides a structured, secure, and extensible way to handle API requests between the WordPress admin and Facebook services. The previous implementation used ad-hoc REST endpoints with inconsistent validation and error handling. This new framework standardizes how we define endpoints, validate requests, and expose functionality to JavaScript, making the codebase more maintainable and secure.

### Key Components

1. **Controller** (`includes/API/REST/Controller.php`):
   - Central registry for all REST API endpoints
   - Manages endpoint registration and initialization
   - Maintains constants for endpoint handlers and JS-enabled requests
2. **AbstractRESTEndpoint** (`includes/API/REST/AbstractRESTEndpoint.php`):
   - Base class for all endpoint handlers
   - Provides common functionality for permission checks and response formatting
   - Handles JS API definitions generation
3. **Request** (`includes/API/REST/Request.php`):
   - Base class for request validation and parameter handling
   - Sanitizes and validates all incoming data
   - Provides structured access to request parameters
4. **JS_Exposable** (`includes/API/REST/Traits/JS_Exposable.php`):
   - Trait for exposing endpoints to JavaScript
   - Defines interface for JS API integration
   - Generates API definitions for client-side consumption
5. **InitializeRestAPI** (`includes/API/REST/InitializeRestAPI.php`):
   - Initializes the REST API framework
   - Generates JavaScript API definitions
   - Handles script enqueuing and localization

### Security Improvements

The new framework significantly improves security:

- Nonces are no longer exposed globally in JavaScript
- Each page that needs API access creates its own API client with a fresh nonce
- All request parameters are properly validated and sanitized
- Structured error handling prevents leaking sensitive information
- Clear separation between public and private endpoints

### Migration Strategy

We've migrated the existing functionality from `MetaExtension` to the new framework:

- Settings update endpoint (`/settings/update`)
- Uninstall endpoint (`/settings/uninstall`)

The Connection screen has been updated to use the new API framework, ensuring backward compatibility while leveraging the improved architecture.

## Do the changed files pass phpcs checks?

Yes, all new and modified files pass phpcs checks. No phpcs:ignore comments were added.

## Screenshots

[Validating old functionality is not broken]

## Detailed test instructions

### 1. Basic Functionality

1. Install and activate the plugin
2. Go to WooCommerce > Facebook
3. Verify the connection page loads correctly with no JavaScript errors
4. Check browser console for any errors related to API initialization

### 2. Legacy Connection Flow

1. If not connected, click "Get Started"
2. Complete the Facebook connection flow
3. Verify you're redirected back to WooCommerce and connection is established
4. Check that catalog ID, pixel ID, and other settings are properly saved
5. Verify the connection details are displayed correctly on the settings page

### 3. Enhanced Onboarding

1. Connect to Facebook using the enhanced onboarding flow
2. Verify the iframe splash page loads correctly and displays the Facebook onboarding interface
3. Complete the connection process through the iframe
4. Verify the connection to MICE is established and settings are saved correctly
5. Check that the iframe resizes properly when content changes

### 4. Disconnection Flow

1. With an active connection, click "Disconnect"
2. Confirm the disconnection in the confirmation dialog
3. Verify all Facebook integration settings are cleared
4. Verify the connection page returns to the unconnected state
5. Verify you can reconnect successfully after disconnection

### 5. JavaScript API Testing

1. Open browser developer tools (F12)
2. Go to Console tab
3. Test API client creation:
   ```javascript
   // Get a fresh nonce (you'll need to be on the settings page)
   const nonce = wp_create_nonce('wp_rest');

   // Create API client
   const fbAPI = FacebookWooCommerceAPIFactory(nonce);

   // Examine available methods
   console.log(Object.keys(fbAPI));
   ```
4. Test uninstall endpoint (only if you're willing to disconnect):
   ```javascript
   fbAPI.uninstallSettings()
     .then(response => console.log('Success:', response))
     .catch(error => console.error('Error:', error));
   ```
5. Verify the page reloads and connection is removed

### 6. Error Handling

1. Test invalid API calls to verify error handling:
   ```javascript
   // Missing required parameters
   fbAPI.updateSettings({})
     .then(response => console.log('Success:', response))
     .catch(error => console.log('Error correctly caught:', error));
   ```
2. Verify appropriate error messages are displayed

## Additional details

- The framework is designed to be extensible, making it easy to add new endpoints in the future
- Comprehensive documentation on new endpoint process is provided in `includes/API/REST/README.md`

Pull Request resolved: #2928

Test Plan: Imported from GitHub, without a `Test Plan:` line.

**!---- (auto-generated) DO NOT EDIT OR PUT ANYTHING AFTER THIS LINE ----!**
MFTRunTestsScript Run / Test Suite: sa_checkout / Test Collection: www / Diff Version V9
https://internalfb.com/intern/testinfra/testrun/9570149282153152
MFTRunTestsScript Run / Test Suite: sa_checkout / Test Collection: bloks / Diff Version V9
https://internalfb.com/intern/testinfra/testrun/1970325111022726

Reviewed By: vinkmeta

Differential Revision: D70733325

Pulled By: sol-loup

fbshipit-source-id: f2275644ac6447d3940294d916020f1a484ca92e
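The nonce scoping described under "Security Improvements" in the commit message above (a per-page client built from a fresh nonce instead of a global variable), sketched as an added example; it is not the plugin's code. The names `createApiClient`, `makeFakeTransport` and `demo`, the `/wp-json/example/v1` base path and the `example_setting` field are assumptions; `X-WP-Nonce` is the header WordPress core's REST cookie authentication reads.

```javascript
// Endpoint table. The two paths are the ones named in the commit message;
// BASE and the required-field names are assumptions for this sketch.
const BASE = '/wp-json/example/v1';
const ENDPOINTS = {
  updateSettings: { path: '/settings/update', required: ['example_setting'] },
  uninstallSettings: { path: '/settings/uninstall', required: [] },
};

// The nonce lives only in this closure: it is never written to window and is
// not a property of the returned object, so other scripts on the page cannot
// read it from a global.
function createApiClient(nonce, transport = globalThis.fetch) {
  if (typeof nonce !== 'string' || nonce.length === 0) {
    throw new TypeError('a non-empty nonce is required');
  }
  const client = {};
  for (const [name, spec] of Object.entries(ENDPOINTS)) {
    client[name] = (params = {}) => {
      // Reject incomplete calls before anything leaves the page.
      const missing = spec.required.filter((key) => !(key in params));
      if (missing.length > 0) {
        return Promise.reject(new Error(`missing parameters: ${missing.join(', ')}`));
      }
      return transport(BASE + spec.path, {
        method: 'POST',
        credentials: 'same-origin', // login cookie goes to the same origin only
        headers: { 'Content-Type': 'application/json', 'X-WP-Nonce': nonce },
        body: JSON.stringify(params),
      }).then(async (res) => {
        const data = await res.json().catch(() => ({}));
        // Surface a short message, not the raw server response.
        if (!res.ok) throw new Error(data.message || `request failed (${res.status})`);
        return data;
      });
    };
  }
  return Object.freeze(client);
}

// Constructed stand-in for fetch so the sketch runs offline: records each
// request and answers 403 unless the expected nonce header is present.
function makeFakeTransport(validNonce, log) {
  return (url, init) => {
    log.push({ url, nonce: init.headers['X-WP-Nonce'] });
    const ok = init.headers['X-WP-Nonce'] === validNonce;
    const body = ok ? { success: true } : { message: 'nonce rejected' };
    return Promise.resolve({ ok, status: ok ? 200 : 403, json: () => Promise.resolve(body) });
  };
}

// Constructed demo: one client with the page's nonce, one with a stale value,
// and one call that fails validation before any request is sent.
async function demo() {
  const log = [];
  const transport = makeFakeTransport('fresh-nonce', log);
  const good = await createApiClient('fresh-nonce', transport).uninstallSettings();
  const stale = await createApiClient('stale-nonce', transport)
    .uninstallSettings()
    .catch((err) => err.message);
  const invalid = await createApiClient('fresh-nonce', transport)
    .updateSettings({})
    .catch((err) => err.message);
  return { good, stale, invalid, requestsSent: log.length };
}

demo().then((result) => console.log(result));
```
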
SayanPandey
pushed a commit
to SayanPandey/facebook-for-woocommerce
that referenced
this pull request
Apr 1, 2025
This was referenced Apr 10, 2025
Closed
Closed
mradmeta
pushed a commit
that referenced
this pull request
Apr 14, 2025
This was referenced Apr 18, 2025
This was referenced May 2, 2025
Changes proposed in this Pull Request:
Closes #2260.
Thank you @mikkamp for your research on HPOS compatibility. This PR is built on top of @mikkamp's inputs. Since the HPOS upgrade recipe is updated, I ran the check again. I concur with the findings in #2260.
This PR:
`screen_id` based on order data store. The `screen_id` is used to enqueue `facebook-for-woocommerce-modal`, `wc-facebook-google-product-category-fields` and to render the `render_modal_template`.
`true`.
`phpcs` checks? Please remove `phpcs:ignore` comments in changed files and fix any issues, or delete if not practical.
Detailed test instructions:
Use the WooCommerce orders tables.
`facebook-for-woocommerce-modal`, `wc-facebook-google-product-category-fields` and `tmpl-facebook-for-woocommerce-modal` are enqueued.
Use the WordPress posts table.
`facebook-for-woocommerce-modal`, `wc-facebook-google-product-category-fields` and `tmpl-facebook-for-woocommerce-modal` are enqueued.
Additional details:
As noted in #2260, there are changes that need to be addressed in the SkyVerge framework for HPOS compatibility. However, based on internal discussions, the part of the framework code that requires changing is not used by the plugin. I need additional eyes here to verify that the matches listed in this comment #2260 (comment) do not affect the plugin.
I am unable to run the Acceptance test which has 2 other code changes.
Changelog entry