helix/admin/rest-routes.php

<?php
/**
 * Registers REST API routes for Helix.
 *
 * @package Helix
 */

// Prevent direct access.
if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

// Include settings API utilities.
require_once plugin_dir_path( __FILE__ ) . 'settings-api.php';

add_action( 'rest_api_init', 'helix_register_rest_routes' );

/**
 * Register REST API routes for Helix.
 *
 * @since 1.0.0
 */
function helix_register_rest_routes() {
	// Get the schemas.
	$get_schema    = helix_get_settings_schema();
	$update_schema = helix_update_settings_schema();

	// Settings endpoints.
	register_rest_route(
		'helix/v1',
		'/settings',
		array(
			array(
				'methods'             => WP_REST_Server::READABLE,
				'callback'            => 'helix_get_settings',
				'permission_callback' => 'helix_settings_permissions_check',
				'args'                => $get_schema,
			),
			array(
				'methods'             => WP_REST_Server::EDITABLE,
				'callback'            => 'helix_update_settings',
				'permission_callback' => 'helix_settings_permissions_check',
				'args'                => $update_schema,
			),
		)
	);

	// Individual setting endpoints.
	register_rest_route(
		'helix/v1',
		'/settings/(?P<setting>[a-zA-Z0-9_-]+)',
		array(
			array(
				'methods'             => WP_REST_Server::READABLE,
				'callback'            => 'helix_get_single_setting',
				'permission_callback' => 'helix_settings_permissions_check',
				'args'                => array(
					'setting' => array(
						'description' => __( 'Setting name to retrieve.', 'helix' ),
						'type'        => 'string',
						'required'    => true,
					),
				),
			),
			array(
				'methods'             => WP_REST_Server::EDITABLE,
				'callback'            => 'helix_update_single_setting',
				'permission_callback' => 'helix_settings_permissions_check',
				'args'                => array(
					'setting' => array(
						'description' => __( 'Setting name to update.', 'helix' ),
						'type'        => 'string',
						'required'    => true,
					),
					'value'   => array(
						'description' => __( 'Setting value.', 'helix' ),
						'type'        => array( 'string', 'boolean', 'integer', 'number' ),
						'required'    => true,
					),
				),
			),
		)
	);
}

/**
 * Permission callback for settings endpoints.
 *
 * @since 1.0.0
 * @return bool True if the request has read access for the item, false otherwise.
 */
function helix_settings_permissions_check() {
	return current_user_can( 'manage_options' );
}

/**
 * Get all WordPress settings.
 *
 * @since 1.0.0
 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
 */
function helix_get_settings() {
	$settings = helix_get_wordpress_settings();

	if ( is_wp_error( $settings ) ) {
		return $settings;
	}

	return rest_ensure_response( $settings );
}

/**
 * Update WordPress settings.
 *
 * @since 1.0.0
 * @param WP_REST_Request $request Current request object.
 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
 */
function helix_update_settings( $request ) {
	$params           = $request->get_params();
	$allowed_settings = helix_get_allowed_settings();
	$updated_settings = array();
	$errors           = array();

	// Process each setting.
	foreach ( $params as $setting => $value ) {
		// Check if setting is allowed.
		if ( ! in_array( $setting, $allowed_settings, true ) ) {
			$error_msg = sprintf(
				/* translators: %s: Setting name */
				__( 'Setting "%s" is not allowed.', 'helix' ),
				$setting
			);
			$errors[ $setting ] = $error_msg;
			continue;
		}

		// Validate and sanitize the value.
		$sanitized_value = helix_sanitize_setting_value( $setting, $value );

		if ( is_wp_error( $sanitized_value ) ) {
			$errors[ $setting ] = $sanitized_value->get_error_message();
			continue;
		}

		// Get the WordPress option name for this setting.
		$option_name = helix_get_wp_option_name( $setting );

		// Handle special settings that need custom update logic.
		$result = helix_update_setting( $setting, $sanitized_value );

		// If special handling didn't apply, update normally.
		if ( ! $result ) {
			$result = update_option( $option_name, $sanitized_value );
		}

		if ( $result ) {
			$updated_settings[ $setting ] = $sanitized_value;
		} else {
			// Provide specific error messages for special settings.
			if ( 'language' === $setting ) {
				$error_msg = sprintf(
					/* translators: %s: Language name */
					__( 'Language "%s" could not be installed automatically. Please install the language pack manually via WordPress Admin → Settings → General → Site Language.', 'helix' ),
					$sanitized_value
				);
			} else {
				$error_msg = __( 'Failed to update setting.', 'helix' );
			}
			$errors[ $setting ] = $error_msg;
		}
	}

	if ( ! empty( $errors ) && empty( $updated_settings ) ) {
		return new WP_Error(
			'helix_settings_update_failed',
			__( 'Failed to update any settings.', 'helix' ),
			array(
				'status' => 400,
				'errors' => $errors,
			)
		);
	}

	$response_data = array(
		'updated' => $updated_settings,
	);

	if ( ! empty( $errors ) ) {
		$response_data['errors'] = $errors;
	}

	return rest_ensure_response( $response_data );
}

/**
 * Get a single setting value.
 *
 * @since 1.0.0
 * @param WP_REST_Request $request Current request object.
 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
 */
function helix_get_single_setting( $request ) {
	$setting = $request->get_param( 'setting' );

	if ( ! helix_is_setting_allowed( $setting ) ) {
		return new WP_Error(
			'helix_setting_not_allowed',
			sprintf(
				/* translators: %s: Setting name */
				__( 'Setting "%s" is not allowed.', 'helix' ),
				$setting
			),
			array( 'status' => 403 )
		);
	}

	$option_name = helix_get_wp_option_name( $setting );
	$value       = get_option( $option_name );

	return rest_ensure_response(
		array(
			'setting' => $setting,
			'value'   => $value,
		)
	);
}

/**
 * Update a single setting value.
 *
 * @since 1.0.0
 * @param WP_REST_Request $request Current request object.
 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
 */
function helix_update_single_setting( $request ) {
	$setting = $request->get_param( 'setting' );
	$value   = $request->get_param( 'value' );

	if ( ! helix_is_setting_allowed( $setting ) ) {
		return new WP_Error(
			'helix_setting_not_allowed',
			sprintf(
				/* translators: %s: Setting name */
				__( 'Setting "%s" is not allowed to be updated.', 'helix' ),
				$setting
			),
			array( 'status' => 403 )
		);
	}

	$sanitized_value = helix_sanitize_setting_value( $setting, $value );

	if ( is_wp_error( $sanitized_value ) ) {
		return $sanitized_value;
	}

	$option_name = helix_get_wp_option_name( $setting );
	$result      = update_option( $option_name, $sanitized_value );

	if ( ! $result && get_option( $option_name ) !== $sanitized_value ) {
		return new WP_Error(
			'helix_setting_update_failed',
			sprintf(
				/* translators: %s: Setting name */
				__( 'Failed to update setting "%s".', 'helix' ),
				$setting
			),
			array( 'status' => 500 )
		);
	}

	return rest_ensure_response(
		array(
			'setting' => $setting,
			'value'   => $sanitized_value,
			'updated' => true,
		)
	);
}
Initial commit 2025-08-01 08:00:35 +05:30			`<?php`
lint fixes 2025-08-10 00:09:35 +05:30			`/**`
			`* Registers REST API routes for Helix.`
			`*`
			`* @package Helix`
			`*/`

updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`// Prevent direct access.`
			`if ( ! defined( 'ABSPATH' ) ) {`
			`exit;`
			`}`

			`// Include settings API utilities.`
			`require_once plugin_dir_path( __FILE__ ) . 'settings-api.php';`

			`add_action( 'rest_api_init', 'helix_register_rest_routes' );`

			`/**`
			`* Register REST API routes for Helix.`
			`*`
			`* @since 1.0.0`
			`*/`
			`function helix_register_rest_routes() {`
lint fixes 2025-08-17 02:25:54 +05:30			`// Get the schemas.`
			`$get_schema = helix_get_settings_schema();`
fixing language setting save 2025-08-17 01:32:15 +05:30			`$update_schema = helix_update_settings_schema();`

updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`// Settings endpoints.`
			`register_rest_route(`
			`'helix/v1',`
			`'/settings',`
			`array(`
			`array(`
			`'methods' => WP_REST_Server::READABLE,`
			`'callback' => 'helix_get_settings',`
			`'permission_callback' => 'helix_settings_permissions_check',`
fixing language setting save 2025-08-17 01:32:15 +05:30			`'args' => $get_schema,`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`),`
			`array(`
			`'methods' => WP_REST_Server::EDITABLE,`
			`'callback' => 'helix_update_settings',`
			`'permission_callback' => 'helix_settings_permissions_check',`
fixing language setting save 2025-08-17 01:32:15 +05:30			`'args' => $update_schema,`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`),`
			`)`
			`);`

			`// Individual setting endpoints.`
			`register_rest_route(`
			`'helix/v1',`
			`'/settings/(?P<setting>[a-zA-Z0-9_-]+)',`
			`array(`
lint fixes 2025-08-10 00:09:35 +05:30			`array(`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`'methods' => WP_REST_Server::READABLE,`
			`'callback' => 'helix_get_single_setting',`
			`'permission_callback' => 'helix_settings_permissions_check',`
			`'args' => array(`
			`'setting' => array(`
			`'description' => __( 'Setting name to retrieve.', 'helix' ),`
			`'type' => 'string',`
			`'required' => true,`
			`),`
			`),`
			`),`
			`array(`
			`'methods' => WP_REST_Server::EDITABLE,`
			`'callback' => 'helix_update_single_setting',`
			`'permission_callback' => 'helix_settings_permissions_check',`
			`'args' => array(`
			`'setting' => array(`
			`'description' => __( 'Setting name to update.', 'helix' ),`
			`'type' => 'string',`
			`'required' => true,`
			`),`
			`'value' => array(`
			`'description' => __( 'Setting value.', 'helix' ),`
			`'type' => array( 'string', 'boolean', 'integer', 'number' ),`
			`'required' => true,`
			`),`
			`),`
			`),`
			`)`
			`);`
			`}`

			`/**`
			`* Permission callback for settings endpoints.`
			`*`
			`* @since 1.0.0`
			`* @return bool True if the request has read access for the item, false otherwise.`
			`*/`
			`function helix_settings_permissions_check() {`
			`return current_user_can( 'manage_options' );`
			`}`

			`/**`
			`* Get all WordPress settings.`
			`*`
			`* @since 1.0.0`
			`* @return WP_REST_Response\|WP_Error Response object on success, or WP_Error object on failure.`
			`*/`
			`function helix_get_settings() {`
			`$settings = helix_get_wordpress_settings();`

			`if ( is_wp_error( $settings ) ) {`
			`return $settings;`
			`}`

			`return rest_ensure_response( $settings );`
			`}`

			`/**`
			`* Update WordPress settings.`
			`*`
			`* @since 1.0.0`
			`* @param WP_REST_Request $request Current request object.`
			`* @return WP_REST_Response\|WP_Error Response object on success, or WP_Error object on failure.`
			`*/`
			`function helix_update_settings( $request ) {`
lint fixes 2025-08-17 02:25:54 +05:30			`$params = $request->get_params();`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`$allowed_settings = helix_get_allowed_settings();`
fixing language setting save 2025-08-17 01:32:15 +05:30			`$updated_settings = array();`
lint fixes 2025-08-17 02:25:54 +05:30			`$errors = array();`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30
lint fixes 2025-08-17 02:25:54 +05:30			`// Process each setting.`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`foreach ( $params as $setting => $value ) {`
lint fixes 2025-08-17 02:25:54 +05:30			`// Check if setting is allowed.`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`if ( ! in_array( $setting, $allowed_settings, true ) ) {`
fixing language setting save 2025-08-17 01:32:15 +05:30			`$error_msg = sprintf(`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`/* translators: %s: Setting name */`
fixing language setting save 2025-08-17 01:32:15 +05:30			`__( 'Setting "%s" is not allowed.', 'helix' ),`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`$setting`
			`);`
fixing language setting save 2025-08-17 01:32:15 +05:30			`$errors[ $setting ] = $error_msg;`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`continue;`
			`}`

lint fixes 2025-08-17 02:25:54 +05:30			`// Validate and sanitize the value.`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`$sanitized_value = helix_sanitize_setting_value( $setting, $value );`
lint fixes 2025-08-17 02:25:54 +05:30
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`if ( is_wp_error( $sanitized_value ) ) {`
			`$errors[ $setting ] = $sanitized_value->get_error_message();`
			`continue;`
			`}`

lint fixes 2025-08-17 02:25:54 +05:30			`// Get the WordPress option name for this setting.`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`$option_name = helix_get_wp_option_name( $setting );`
lint fixes 2025-08-17 02:25:54 +05:30
			`// Handle special settings that need custom update logic.`
code refactor 2025-08-17 02:11:49 +05:30			`$result = helix_update_setting( $setting, $sanitized_value );`
lint fixes 2025-08-17 02:25:54 +05:30
			`// If special handling didn't apply, update normally.`
code refactor 2025-08-17 02:11:49 +05:30			`if ( ! $result ) {`
fixed timezone saving 2025-08-17 02:00:42 +05:30			`$result = update_option( $option_name, $sanitized_value );`
			`}`
code refactor 2025-08-17 02:11:49 +05:30
			`if ( $result ) {`
			`$updated_settings[ $setting ] = $sanitized_value;`
			`} else {`
lint fixes 2025-08-17 02:25:54 +05:30			`// Provide specific error messages for special settings.`
			`if ( 'language' === $setting ) {`
fixing language setting save 2025-08-17 01:32:15 +05:30			`$error_msg = sprintf(`
lint fixes 2025-08-17 02:25:54 +05:30			`/* translators: %s: Language name */`
fixing language setting save 2025-08-17 01:32:15 +05:30			`__( 'Language "%s" could not be installed automatically. Please install the language pack manually via WordPress Admin → Settings → General → Site Language.', 'helix' ),`
			`$sanitized_value`
			`);`
code refactor 2025-08-17 02:11:49 +05:30			`} else {`
			`$error_msg = __( 'Failed to update setting.', 'helix' );`
fixing language setting save 2025-08-17 01:32:15 +05:30			`}`
			`$errors[ $setting ] = $error_msg;`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30			`}`
			`}`

			`if ( ! empty( $errors ) && empty( $updated_settings ) ) {`
			`return new WP_Error(`
			`'helix_settings_update_failed',`
			`__( 'Failed to update any settings.', 'helix' ),`
			`array(`
			`'status' => 400,`
			`'errors' => $errors,`
lint fixes 2025-08-10 00:09:35 +05:30			`)`
			`);`
			`}`
updated react app and API backend 1. Added API backend for settings 2. Added React components for the settings page 3. Added JS lint using @wordpress/scripts 4. Lint fixes for PHP 2025-08-11 01:38:33 +05:30
			`$response_data = array(`
			`'updated' => $updated_settings,`
			`);`

			`if ( ! empty( $errors ) ) {`
			`$response_data['errors'] = $errors;`
			`}`

			`return rest_ensure_response( $response_data );`
			`}`

			`/**`
			`* Get a single setting value.`
			`*`
			`* @since 1.0.0`
			`* @param WP_REST_Request $request Current request object.`
			`* @return WP_REST_Response\|WP_Error Response object on success, or WP_Error object on failure.`
			`*/`
			`function helix_get_single_setting( $request ) {`
			`$setting = $request->get_param( 'setting' );`

			`if ( ! helix_is_setting_allowed( $setting ) ) {`
			`return new WP_Error(`
			`'helix_setting_not_allowed',`
			`sprintf(`
			`/* translators: %s: Setting name */`
			`__( 'Setting "%s" is not allowed.', 'helix' ),`
			`$setting`
			`),`
			`array( 'status' => 403 )`
			`);`
			`}`

			`$option_name = helix_get_wp_option_name( $setting );`
			`$value = get_option( $option_name );`

			`return rest_ensure_response(`
			`array(`
			`'setting' => $setting,`
			`'value' => $value,`
			`)`
			`);`
			`}`

			`/**`
			`* Update a single setting value.`
			`*`
			`* @since 1.0.0`
			`* @param WP_REST_Request $request Current request object.`
			`* @return WP_REST_Response\|WP_Error Response object on success, or WP_Error object on failure.`
			`*/`
			`function helix_update_single_setting( $request ) {`
			`$setting = $request->get_param( 'setting' );`
			`$value = $request->get_param( 'value' );`

			`if ( ! helix_is_setting_allowed( $setting ) ) {`
			`return new WP_Error(`
			`'helix_setting_not_allowed',`
			`sprintf(`
			`/* translators: %s: Setting name */`
			`__( 'Setting "%s" is not allowed to be updated.', 'helix' ),`
			`$setting`
			`),`
			`array( 'status' => 403 )`
			`);`
			`}`

			`$sanitized_value = helix_sanitize_setting_value( $setting, $value );`

			`if ( is_wp_error( $sanitized_value ) ) {`
			`return $sanitized_value;`
			`}`

			`$option_name = helix_get_wp_option_name( $setting );`
			`$result = update_option( $option_name, $sanitized_value );`

			`if ( ! $result && get_option( $option_name ) !== $sanitized_value ) {`
			`return new WP_Error(`
			`'helix_setting_update_failed',`
			`sprintf(`
			`/* translators: %s: Setting name */`
			`__( 'Failed to update setting "%s".', 'helix' ),`
			`$setting`
			`),`
			`array( 'status' => 500 )`
			`);`
			`}`

			`return rest_ensure_response(`
			`array(`
			`'setting' => $setting,`
			`'value' => $sanitized_value,`
			`'updated' => true,`
			`)`
			`);`
			`}`