From ccf357d7905143c70978e6dff7677ac43498c8ba Mon Sep 17 00:00:00 2001
From: dinamiko <e.castells@inpsyde.com>
Date: Thu, 29 Apr 2021 17:40:41 +0200
Subject: [PATCH] Disable vault setting if vaulting feature is not available in
 access token

---
 .../src/Entity/class-token.php                | 16 ++++++++++
 .../resources/js/gateway-settings.js          |  4 +++
 modules/ppcp-wc-gateway/services.php          |  9 +++---
 .../src/Assets/class-settingspageassets.php   | 32 ++++++++++++++++---
 .../src/Settings/class-settingslistener.php   | 25 +++++++++++++--
 .../src/class-wcgatewaymodule.php             |  3 +-
 6 files changed, 78 insertions(+), 11 deletions(-)

diff --git a/modules/ppcp-api-client/src/Entity/class-token.php b/modules/ppcp-api-client/src/Entity/class-token.php
index 41c294853..45e808804 100644
--- a/modules/ppcp-api-client/src/Entity/class-token.php
+++ b/modules/ppcp-api-client/src/Entity/class-token.php
@@ -99,6 +99,22 @@ class Token {
 		return new Token( $json );
 	}
 
+	/**
+	 * Checks if vaulting is available in access token scope.
+	 *
+	 * @return bool Whether vaulting features are enabled or not.
+	 */
+	public function vaulting_available() {
+		if ( strpos(
+			$this->json->scope,
+			'https://uri.paypal.com/services/vault/payment-tokens/readwrite'
+		) !== false ) {
+			return true;
+		}
+
+		return false;
+	}
+
 	/**
 	 * Validates whether a JSON object can be transformed to a Token object.
 	 *
diff --git a/modules/ppcp-wc-gateway/resources/js/gateway-settings.js b/modules/ppcp-wc-gateway/resources/js/gateway-settings.js
index af3b84bdf..ee061057b 100644
--- a/modules/ppcp-wc-gateway/resources/js/gateway-settings.js
+++ b/modules/ppcp-wc-gateway/resources/js/gateway-settings.js
@@ -24,6 +24,10 @@
         function updateCheckboxes() {
             atLeastOneChecked(payLaterMessagingCheckboxes) ? disableAll(vaultingCheckboxes) : enableAll(vaultingCheckboxes)
             atLeastOneChecked(vaultingCheckboxes) ? disableAll(payLaterMessagingCheckboxes) : enableAll(payLaterMessagingCheckboxes)
+
+            if(PayPalCommerceGatewaySettings.vaulting_features_available !== '1' ) {
+                disableAll(vaultingCheckboxes)
+            }
         }
 
         updateCheckboxes()
diff --git a/modules/ppcp-wc-gateway/services.php b/modules/ppcp-wc-gateway/services.php
index 124b1ab98..d911a64dc 100644
--- a/modules/ppcp-wc-gateway/services.php
+++ b/modules/ppcp-wc-gateway/services.php
@@ -133,7 +133,8 @@ return array(
 		$webhook_registrar = $container->get( 'webhook.registrar' );
 		$state            = $container->get( 'onboarding.state' );
 		$cache = new Cache( 'ppcp-paypal-bearer' );
-		return new SettingsListener( $settings, $fields, $webhook_registrar, $cache, $state );
+		$bearer = $container->get( 'api.bearer' );
+		return new SettingsListener( $settings, $fields, $webhook_registrar, $cache, $state, $bearer );
 	},
 	'wcgateway.order-processor'                    => static function ( $container ): OrderProcessor {
 
@@ -182,7 +183,6 @@ return array(
 	'wcgateway.settings.fields'                    => static function ( $container ): array {
 
 		$state = $container->get( 'onboarding.state' );
-		$settings     = $container->get( 'wcgateway.settings' );
 		$messages_disclaimers = $container->get( 'button.helper.messages-disclaimers' );
 
 		$fields              = array(
@@ -634,8 +634,9 @@ return array(
 				'title'        => __( 'Vaulting', 'woocommerce-paypal-payments' ),
 				'type'         => 'checkbox',
 				'desc_tip'     => true,
-				'label' => sprintf(
-					__('To use vaulting features, you must %1$senable vaulting on your account%2$s.', 'woocommerce-paypal-payments'),
+				'label'        => sprintf(
+					// translators: %1$s and %2$s are the opening and closing of HTML <a> tag.
+					__( 'To use vaulting features, you must %1$senable vaulting on your account%2$s.', 'woocommerce-paypal-payments' ),
 					'<a 
 						href="https://docs.woocommerce.com/document/woocommerce-paypal-payments/#enable-vaulting-on-your-live-account"
 						target="_blank"
diff --git a/modules/ppcp-wc-gateway/src/Assets/class-settingspageassets.php b/modules/ppcp-wc-gateway/src/Assets/class-settingspageassets.php
index d52052597..197c07e03 100644
--- a/modules/ppcp-wc-gateway/src/Assets/class-settingspageassets.php
+++ b/modules/ppcp-wc-gateway/src/Assets/class-settingspageassets.php
@@ -9,6 +9,8 @@ declare(strict_types=1);
 
 namespace WooCommerce\PayPalCommerce\WcGateway\Assets;
 
+use WooCommerce\PayPalCommerce\ApiClient\Authentication\Bearer;
+
 /**
  * Class SettingsPageAssets
  */
@@ -20,6 +22,7 @@ class SettingsPageAssets {
 	 * @var string
 	 */
 	private $module_url;
+
 	/**
 	 * The filesystem path to the module dir.
 	 *
@@ -27,24 +30,34 @@ class SettingsPageAssets {
 	 */
 	private $module_path;
 
+	/**
+	 * The bearer.
+	 *
+	 * @var Bearer
+	 */
+	private $bearer;
+
 	/**
 	 * Assets constructor.
 	 *
 	 * @param string $module_url The url of this module.
 	 * @param string $module_path The filesystem path to this module.
+	 * @param Bearer $bearer The bearer.
 	 */
-	public function __construct( string $module_url, string $module_path ) {
+	public function __construct( string $module_url, string $module_path, Bearer $bearer ) {
 		$this->module_url  = $module_url;
 		$this->module_path = $module_path;
+		$this->bearer      = $bearer;
 	}
 
 	/**
 	 * Register assets provided by this module.
 	 */
 	public function register_assets() {
+		$bearer = $this->bearer;
 		add_action(
 			'admin_enqueue_scripts',
-			function() {
+			function() use ( $bearer ) {
 				if ( ! is_admin() || is_ajax() ) {
 					return;
 				}
@@ -53,7 +66,7 @@ class SettingsPageAssets {
 					return;
 				}
 
-				$this->register_admin_assets();
+				$this->register_admin_assets( $bearer );
 			}
 		);
 
@@ -84,8 +97,10 @@ class SettingsPageAssets {
 
 	/**
 	 * Register assets for admin pages.
+	 *
+	 * @param Bearer $bearer The bearer.
 	 */
-	private function register_admin_assets() {
+	private function register_admin_assets( Bearer $bearer ) {
 		$gateway_settings_script_path = trailingslashit( $this->module_path ) . 'assets/js/gateway-settings.js';
 
 		wp_enqueue_script(
@@ -95,5 +110,14 @@ class SettingsPageAssets {
 			file_exists( $gateway_settings_script_path ) ? (string) filemtime( $gateway_settings_script_path ) : null,
 			true
 		);
+
+		$token = $bearer->bearer();
+		wp_localize_script(
+			'ppcp-gateway-settings',
+			'PayPalCommerceGatewaySettings',
+			array(
+				'vaulting_features_available' => $token->vaulting_available(),
+			)
+		);
 	}
 }
diff --git a/modules/ppcp-wc-gateway/src/Settings/class-settingslistener.php b/modules/ppcp-wc-gateway/src/Settings/class-settingslistener.php
index 886b89294..6963defc9 100644
--- a/modules/ppcp-wc-gateway/src/Settings/class-settingslistener.php
+++ b/modules/ppcp-wc-gateway/src/Settings/class-settingslistener.php
@@ -9,6 +9,7 @@ declare(strict_types=1);
 
 namespace WooCommerce\PayPalCommerce\WcGateway\Settings;
 
+use WooCommerce\PayPalCommerce\ApiClient\Authentication\Bearer;
 use WooCommerce\PayPalCommerce\ApiClient\Authentication\PayPalBearer;
 use WooCommerce\PayPalCommerce\ApiClient\Helper\Cache;
 use WooCommerce\PayPalCommerce\Onboarding\State;
@@ -21,7 +22,6 @@ use WooCommerce\PayPalCommerce\Webhooks\WebhookRegistrar;
  */
 class SettingsListener {
 
-
 	const NONCE = 'ppcp-settings';
 
 	/**
@@ -59,6 +59,13 @@ class SettingsListener {
 	 */
 	private $state;
 
+	/**
+	 * The Bearer.
+	 *
+	 * @var Bearer
+	 */
+	private $bearer;
+
 	/**
 	 * SettingsListener constructor.
 	 *
@@ -67,13 +74,15 @@ class SettingsListener {
 	 * @param WebhookRegistrar $webhook_registrar The Webhook Registrar.
 	 * @param Cache            $cache The Cache.
 	 * @param State            $state The state.
+	 * @param Bearer           $bearer The bearer.
 	 */
 	public function __construct(
 		Settings $settings,
 		array $setting_fields,
 		WebhookRegistrar $webhook_registrar,
 		Cache $cache,
-		State $state
+		State $state,
+		Bearer $bearer
 	) {
 
 		$this->settings          = $settings;
@@ -81,6 +90,7 @@ class SettingsListener {
 		$this->webhook_registrar = $webhook_registrar;
 		$this->cache             = $cache;
 		$this->state             = $state;
+		$this->bearer            = $bearer;
 	}
 
 	/**
@@ -137,6 +147,17 @@ class SettingsListener {
 			return;
 		}
 
+		$redirect_url = admin_url( 'admin.php?page=wc-settings&tab=checkout&section=ppcp-gateway' );
+
+		$token = $this->bearer->bearer();
+		if ( ! $token->vaulting_available() ) {
+			$this->settings->set( 'vault_enabled', false );
+			$this->settings->persist();
+
+			wp_safe_redirect( $redirect_url, 302 );
+			exit;
+		}
+
 		/**
 		 * No need to verify nonce here.
 		 *
diff --git a/modules/ppcp-wc-gateway/src/class-wcgatewaymodule.php b/modules/ppcp-wc-gateway/src/class-wcgatewaymodule.php
index 0b356cb2c..9e119a1cd 100644
--- a/modules/ppcp-wc-gateway/src/class-wcgatewaymodule.php
+++ b/modules/ppcp-wc-gateway/src/class-wcgatewaymodule.php
@@ -76,7 +76,8 @@ class WcGatewayModule implements ModuleInterface {
 		if ( $container->has( 'wcgateway.url' ) ) {
 			$assets = new SettingsPageAssets(
 				$container->get( 'wcgateway.url' ),
-				$container->get( 'wcgateway.absolute-path' )
+				$container->get( 'wcgateway.absolute-path' ),
+				$container->get( 'api.bearer' )
 			);
 			$assets->register_assets();
 		}