jsonapi-frontend/jsonapi_frontend.install at master · code-wheel/jsonapi-frontend · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
<?php

/**
 * @file
 * Install, update, and uninstall functions for JSON:API Frontend.
 */

declare(strict_types=1);

/**
 * Implements hook_requirements().
 */
#[\Drupal\Core\Hook\Attribute\LegacyRequirementsHook]
function jsonapi_frontend_requirements(string $phase): array {
  $requirements = [];

  if ($phase === 'runtime') {
    $config = \Drupal::config('jsonapi_frontend.settings');
    /** @var \Drupal\jsonapi_frontend\Service\SecretManager $secret_manager */
    $secret_manager = \Drupal::service('jsonapi_frontend.secret_manager');

    // Check if revalidation is enabled but URL is not configured.
    if ($config->get('revalidation.enabled') && empty($config->get('revalidation.url'))) {
      $requirements['jsonapi_frontend_revalidation'] = [
        'title' => t('JSON:API Frontend Cache Revalidation'),
        'value' => t('Not configured'),
        'description' => t('Cache revalidation is enabled but no webhook URL is configured. <a href=":url">Configure the webhook URL</a>.', [
          ':url' => \Drupal\Core\Url::fromRoute('jsonapi_frontend.settings')->toString(),
        ]),
        'severity' => REQUIREMENT_WARNING,
      ];
    }

    // Check if Next.js First mode is enabled but no proxy secret.
    if ($config->get('deployment_mode') === 'nextjs_first' && $secret_manager->getProxySecret() === '') {
      $requirements['jsonapi_frontend_proxy_secret'] = [
        'title' => t('JSON:API Frontend Origin Protection'),
        'value' => t('Not configured'),
        'description' => t('Next.js First mode is enabled but no proxy secret is configured. This leaves your Drupal origin unprotected. <a href=":url">Configure a proxy secret</a>.', [
          ':url' => \Drupal\Core\Url::fromRoute('jsonapi_frontend.settings')->toString(),
        ]),
        'severity' => REQUIREMENT_WARNING,
      ];
    }

    // Check if routes feed is enabled but no routes secret.
    if ($config->get('routes.enabled') && $secret_manager->getRoutesFeedSecret() === '') {
      $requirements['jsonapi_frontend_routes_secret'] = [
        'title' => t('JSON:API Frontend Routes Feed'),
        'value' => t('Not configured'),
        'description' => t('Routes feed is enabled but no routes feed secret is configured. This endpoint requires a secret header to work. <a href=":url">Configure a routes feed secret</a>.', [
          ':url' => \Drupal\Core\Url::fromRoute('jsonapi_frontend.settings')->toString(),
        ]),
        'severity' => REQUIREMENT_WARNING,
      ];
    }

    // Check if jsonapi_views is installed for views support.
    if (!\Drupal::moduleHandler()->moduleExists('jsonapi_views')) {
      $requirements['jsonapi_frontend_views'] = [
        'title' => t('JSON:API Frontend Views Support'),
        'value' => t('jsonapi_views not installed'),
        'description' => t('For Views support in your headless frontend, install the <a href=":url">jsonapi_views</a> module.', [
          ':url' => 'https://www.drupal.org/project/jsonapi_views',
        ]),
        'severity' => REQUIREMENT_INFO,
      ];
    }
  }

  return $requirements;
}

/**
 * Implements hook_install().
 */
function jsonapi_frontend_install(): void {
  \Drupal::messenger()->addStatus(t('JSON:API Frontend installed. <a href=":url">Configure your headless settings</a>.', [
    ':url' => \Drupal\Core\Url::fromRoute('jsonapi_frontend.settings')->toString(),
  ]));
}

/**
 * Implements hook_uninstall().
 */
function jsonapi_frontend_uninstall(): void {
  // Configuration is automatically deleted by Drupal.
  \Drupal::messenger()->addStatus(t('JSON:API Frontend has been uninstalled.'));
}

/**
 * Migrate secrets out of config storage.
 */
function jsonapi_frontend_update_10001(): void {
  $config = \Drupal::configFactory()->getEditable('jsonapi_frontend.settings');
  $state = \Drupal::state();

  $proxy_secret = trim((string) ($config->get('proxy_secret') ?? ''));
  if ($proxy_secret !== '' && trim((string) ($state->get('jsonapi_frontend.proxy_secret') ?? '')) === '') {
    $state->set('jsonapi_frontend.proxy_secret', $proxy_secret);
  }

  $routes_secret = trim((string) ($config->get('routes.secret') ?? ''));
  if ($routes_secret !== '' && trim((string) ($state->get('jsonapi_frontend.routes_secret') ?? '')) === '') {
    $state->set('jsonapi_frontend.routes_secret', $routes_secret);
  }

  $revalidation_secret = trim((string) ($config->get('revalidation.secret') ?? ''));
  if ($revalidation_secret !== '' && trim((string) ($state->get('jsonapi_frontend.revalidation_secret') ?? '')) === '') {
    $state->set('jsonapi_frontend.revalidation_secret', $revalidation_secret);
  }

  // Clear stored config values to avoid accidental leaks via config export.
  $config->set('proxy_secret', '');
  $config->set('routes.secret', '');
  $config->set('revalidation.secret', '');
  $config->save();
}