Upd. Restrict functionality for expired licenses (#346)

* Ref. New FeatureRestriction service is used to on/off features.

* Fix. Code. FeatureRestrictionState. Renamed method.

* Upd. Functionality. Code review notices fixed.

* Upd. Functionality. Functions restriction for outdated licenses fixed.

* Upd. Settings. FS Watcher tab logic fixed.

* Fix: Settings. Upgrading license link fixed.

---------

Co-authored-by: Glomberg <[email protected]>

inc/admin-bar.php

@@ -24,8 +24,10 @@ function spbc_admin__admin_bar__add_structure($wp_admin_bar)
         'meta'  => array('class' => 'cleantalk-admin_bar--list_wrapper'),
     ));
 
+    $utm_marks = '&utm_source=wp-backend&utm_medium=cpc&utm_campaign=WP%%20backend%%20trial_security&cp_mode=security';
+    $link = 'https://p.cleantalk.org/?account=undefined&currency=USD&domains=&extra=true&featured=&fua=true&period=Year&period_interval=3&product_id=4&renew=true&tariff_id=191&user_token=' . $spbc->user_token . $utm_marks;
     $title_link = $spbc->data["wl_mode_enabled"] ? $spbc->data["wl_support_url"] :
-        "<span><a href='https://cleantalk.org/my/bill/security?utm_source=wp-backend&utm_medium=cpc&utm_campaign=WP%20backend%20renew_security&user_token={$spbc->user_token}&cp_mode=security' target='_blank'>";
+        "<span><a href='{$link}' target='_blank'>";
 
     // Security
     $title = $spbc->notice_trial

inc/spbc-admin.php

@@ -25,7 +25,10 @@ function spbc_admin_init()
     global $spbc, $apbct;
 
     //Logging admin actions
-    if (! defined('DOING_AJAX')) {
+    if (
+        $spbc->feature_restrictions->getState($spbc, 'security_log')->is_active &&
+        ! defined('DOING_AJAX')
+    ) {
         spbc_admin_log_action();
     }
 
@@ -710,11 +713,13 @@ function spbc_badge__get_premium($print = true, $make_it_right = false, $out = '
     global $spbc;
 
     if ($spbc->data['license_trial'] == 1 && ! empty($spbc->user_token) && ! $spbc->data["wl_mode_enabled"] ) {
+        $utm_marks = '&utm_source=wp-backend&utm_medium=cpc&utm_campaign=WP%%20backend%%20trial_security';
+        $link = 'https://p.cleantalk.org/?account=undefined&currency=USD&domains=&extra=true&featured=&fua=true&period=Year&period_interval=3&product_id=4&renew=true&tariff_id=191&user_token=' . $spbc->user_token . $utm_marks;
         $out = '<b style="display: inline-block; margin-top: 10px;">'
                . ($make_it_right ? __('Make it right!', 'cleantalk') . ' ' : '')
                . sprintf(
                    __('%sGet premium%s', 'cleantalk'),
-                   $spbc->data["wl_mode_enabled"] ? $spbc->data["wl_support_url"] : '<a href="https://cleantalk.org/my/bill/security?user_token=' . $spbc->user_token . '" target="_blank">',
+                   $spbc->data["wl_mode_enabled"] ? $spbc->data["wl_support_url"] : '<a href="' . $link . '" target="_blank">',
                    '</a>'
                )
                . '</b>';

inc/spbc-auth.php

@@ -667,7 +667,11 @@ function spbc_is_user_logged_in()
  */
 function spbc_auth_log($params)
 {
-    global $wpdb;
+    global $wpdb, $spbc;
+
+    if ($spbc->feature_restrictions->getState($spbc, 'security_log')->is_active) {
+        return 0;
+    }
 
     SecurityCounter::increment($params['event']);
 

js/src/react/components/SpbctPageTabs.js

@@ -93,10 +93,12 @@ class SpbctPage extends React.Component{
             'displayDebug': null,
             'isWPMSMainSite': false,
             'isSecFWEnabled': true,
+            'isFsWatcherEnabled': true,
         };
 
         this.dataPrepared.isWPMSMainSite = +this.props.data.isWPMSMainSite;
         this.dataPrepared.isSecFWEnabled = +this.props.data.isSecFWEnabled;
+        this.dataPrepared.isFsWatcherEnabled = +this.props.data.isFsWatcherEnabled;
 
         let dot = <div className="spbc_ring-container"><div className = "spbc_ringring"></div><div className="spbc_circle"></div></div>;
 
@@ -118,7 +120,7 @@ class SpbctPage extends React.Component{
                 {/* <hr style={{ marginBottom: "1em", marginTop: "1em" }} /> */}
                 <div className="spbc_tabs_nav_wrapper" style={{display: "flex", flexWrap: "wrap"}}>
                     {this.dataPrepared.isSecFWEnabled ? this.getFirewallTab() : ''}
-                    {this.dataPrepared.isWPMSMainSite ? this.getFSWTab() : ''}
+                    {this.dataPrepared.isWPMSMainSite && this.dataPrepared.isFsWatcherEnabled ? this.getFSWTab() : ''}
                     {this.dataPrepared.isWPMSMainSite ? this.getScannerTab() : ''}
                     {this.getSecurityLogTab()}
                     {this.getSettingsTab()}

lib/CleantalkSP/SpbctWP/AdminBannersModule/AdminBanners/AdminBannerRenew.php

@@ -36,13 +36,16 @@ public function __construct(AdminBannersHandler $banners_handler)
         $this->banners_handler = $banners_handler;
         $this->banner_id       = $this->prefix . $this::NAME . '_' . $this->banners_handler->getUserId();
 
+        $utm_marks = 'cp_mode=security&utm_source=wp-backend&utm_medium=cpc&utm_campaign=WP%%20backend%%20trial_security';
+        $link = 'https://p.cleantalk.org/?account=undefined&currency=USD&domains=&extra=true&featured=&fua=true&period=Year&period_interval=3&product_id=4&renew=true&tariff_id=191&user_token=' . $banners_handler->getUserToken() . $utm_marks;
+
         $this->template_data = array(
             'button' => '<input type="button" class="button button-primary" value="'
                         . esc_html__('RENEW', 'security-malware-firewall')
                         . '" />',
-            'link' => $spbc->data["wl_mode_enabled"] ? $spbc->data["wl_url"] :
-                'https://cleantalk.org/my/bill/security?cp_mode=security&utm_source=wp-backend&utm_medium=cpc&utm_campaign=WP%%20backend%%20trial_security&user_token='
-                    . $banners_handler->getUserToken(),
+            'link' => $spbc->data["wl_mode_enabled"]
+                ? $spbc->data["wl_url"]
+                : $link,
             'plugin_settings_link' => $this->banners_handler->getPluginSettingsLink(),
             'title'                => esc_html__('Please renew your security license.', 'security-malware-firewall'),
             'subtitle'             => esc_html__('Account status updates every hour or click Settings -> ' . $spbc->data["wl_brandname"] . ' -> Synchronize with Cloud.', 'security-malware-firewall'),

lib/CleantalkSP/SpbctWP/AdminBannersModule/AdminBanners/AdminBannerTrial.php

@@ -43,13 +43,17 @@ public function __construct(AdminBannersHandler $banners_handler)
         $this->banners_handler   = $banners_handler;
         $this->banner_id         = $this->prefix . $this::NAME . '_' . $this->banners_handler->getUserId();
 
+        $utm_marks = 'cp_mode=security&utm_source=wp-backend&utm_medium=cpc&utm_campaign=WP%%20backend%%20trial_security';
+        $link = 'https://p.cleantalk.org/?account=undefined&currency=USD&domains=&extra=true&featured=&fua=true&period=Year&period_interval=3&product_id=4&renew=true&tariff_id=191&user_token=' . $banners_handler->getUserToken() . $utm_marks;
+
+
         $this->template_data = array(
             'button' => '<input type="button" class="button button-primary" value="'
                         . esc_html__('UPGRADE', 'security-malware-firewall')
                         . '" />',
-            'link' => $spbc->data["wl_mode_enabled"] ? $spbc->data["wl_support_url"] :
-                'https://cleantalk.org/my/bill/security?cp_mode=security&utm_source=wp-backend&utm_medium=cpc&utm_campaign=WP%%20backend%%20trial_security&user_token='
-                    . $banners_handler->getUserToken(),
+            'link' => $spbc->data["wl_mode_enabled"]
+                ? $spbc->data["wl_support_url"]
+                : $link,
             'plugin_settings_link' => $this->banners_handler->getPluginSettingsLink(),
             'title' => esc_html__(
                 'Trial period is now over, please upgrade to premium version to keep your site secure and safe!',

lib/CleantalkSP/SpbctWP/Escape.php

@@ -90,7 +90,7 @@ public static function escKses($string, $allowed_html, $allowed_protocols = arra
         return wp_kses($string, $allowed_html, $allowed_protocols = array());
     }
 
-    public static function escKsesPreset($string, $preset = null, $_allowed_protocols = array())
+    public static function escKsesPreset($string, $preset = null, $_allowed_protocols = array(), $allowed_style_props = array())
     {
 
         $kses_presets = array(
@@ -100,6 +100,29 @@ public static function escKsesPreset($string, $preset = null, $_allowed_protocol
                     'href' => true,
                 ),
             ),
+            'spbc_settings__feature_restrictions' => array(
+                'a' => array(
+                    'target' => true,
+                    'href' => true,
+                ),
+                'li' => [
+                    'class' => 1,
+                ],
+                'ul' => [
+                    'style' => 1,
+                ],
+                'div' => [
+                    'style' => 1,
+                ],
+                'h3' => [
+                    'style' => 1,
+                ],
+                'input' => [
+                    'type' => 1,
+                    'class' => 1,
+                    'value' => 1,
+                ],
+            ),
             'spbc_cdn_checker_table' => array(
                 'a' => array(
                     'style' => true,
@@ -132,8 +155,7 @@ public static function escKsesPreset($string, $preset = null, $_allowed_protocol
                 'div' => array(
                     'class' => true,
                 ),
-                'p' => array(
-                ),
+                'p' => array(),
                 'img' => array(
                     'src' => true,
                     'alt' => true,
@@ -142,6 +164,13 @@ public static function escKsesPreset($string, $preset = null, $_allowed_protocol
             )
         );
 
+        add_filter('safe_style_css', function ($styles) use ($allowed_style_props) {
+            foreach ( $allowed_style_props as $prop ) {
+                $styles[] = $prop;
+            }
+            return $styles;
+        });
+
         if ( !empty($kses_presets[$preset]) ) {
             $allowed_html = $kses_presets[$preset];
             return self::escKses($string, $allowed_html, $allowed_protocols = array());

lib/CleantalkSP/SpbctWP/FeatureRestriction/FeatureRestriction.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace CleantalkSP\SpbctWP\FeatureRestriction;
+
+class FeatureRestriction
+{
+    /**
+     * @var string
+     * @psalm-suppress PossiblyUnusedProperty
+     */
+    public $name;
+    /**
+     * @var bool
+     */
+    public $on_moderate_fail;
+    /**
+     * @var bool
+     */
+    public $on_key_fail;
+
+    /**
+     * @param string $name
+     * @param bool $on_moderate_fail
+     * @param bool $on_key_fail
+     */
+    public function __construct($name, $on_moderate_fail = false, $on_key_fail = false)
+    {
+        $this->name = $name;
+        $this->on_moderate_fail = isset($on_moderate_fail) ? (bool) $on_moderate_fail : false;
+        $this->on_key_fail = isset($on_key_fail) ? (bool) $on_key_fail : false;
+    }
+}

lib/CleantalkSP/SpbctWP/FeatureRestriction/FeatureRestrictionService.php

@@ -0,0 +1,91 @@
+<?php
+
+namespace CleantalkSP\SpbctWP\FeatureRestriction;
+
+use CleantalkSP\SpbctWP\State;
+
+class FeatureRestrictionService
+{
+    /**
+     * @var FeatureRestriction[]
+     */
+    public $restrictions;
+
+    /**
+     * Construct service. Init all the restrictions.
+     */
+    public function __construct()
+    {
+        $this->restrictions = $this->initRestrictions();
+    }
+
+    /**
+     * @return FeatureRestriction[]
+     */
+    public function initRestrictions()
+    {
+        $restrictions[] = new FeatureRestriction('firewall_log', true, true);
+        $restrictions[] = new FeatureRestriction('scanner', true, true);
+        $restrictions[] = new FeatureRestriction('security_log', true, true);
+        $restrictions[] = new FeatureRestriction('fswatcher', true, true);
+        $restrictions[] = new FeatureRestriction('backups', true, true);
+        return $restrictions;
+    }
+
+
+    /**
+     * Get the state of a feature for the given SPBC state and feature name.
+     *
+     * @param State $spbc Global SPBC State object
+     * @param string $feature_name The name of the feature.
+     * @return FeatureRestrictionState The state of the feature.
+     * @throws \Exception If called restriction name is not registered
+     * @psalm-suppress PossiblyUnusedMethod
+     */
+    public function getState($spbc, $feature_name)
+    {
+        $result = new FeatureRestrictionState();
+
+        $current_feature_restrictions = $this->getRestrictionByName($feature_name);
+
+        if ( !$current_feature_restrictions) {
+            throw new \Exception(__CLASS__ . ' error: Feature restriction name is not registered! ' . $feature_name);
+        }
+
+        if ( ! $spbc->key_is_ok ) {
+            if ($current_feature_restrictions->on_key_fail) {
+                $result->is_active = false;
+                $result->info_html = FeatureRestrictionView::keyNotValid();
+            }
+        } elseif ( ! $spbc->moderate ) {
+            if ( $current_feature_restrictions->on_moderate_fail ) {
+                $result->is_active = false;
+                if ( $spbc->data['key_changed'] ) {
+                    // Here we need to check if the key was changed and the plugin is waiting for the sync.
+                    $result->info_html = FeatureRestrictionView::waitForSync();
+                } else {
+                    $result->info_html = FeatureRestrictionView::renewNotice();
+                }
+            }
+        }
+        return $result;
+    }
+
+
+    /**
+     * Get the restriction by name.
+     *
+     * @param string $name The name of the restriction to retrieve.
+     *
+     * @return FeatureRestriction|false The found restriction object if the name matches, or false if no restriction was found.
+     */
+    private function getRestrictionByName($name)
+    {
+        foreach ($this->restrictions as $restriction) {
+            if ($restriction->name === $name) {
+                return $restriction;
+            }
+        }
+        return false;
+    }
+}

lib/CleantalkSP/SpbctWP/FeatureRestriction/FeatureRestrictionState.php

@@ -0,0 +1,53 @@
+<?php
+
+namespace CleantalkSP\SpbctWP\FeatureRestriction;
+
+/**
+ * Class FeatureRestrictionState
+ *
+ * Represents the restriction state of a feature.
+ */
+class FeatureRestrictionState
+{
+    /**
+     * @var bool
+     * @psalm-suppress PossiblyUnusedProperty
+     */
+    public $is_active;
+    /**
+     * @var string
+     */
+    public $info_html;
+
+    /**
+     * Constructor method for the class.
+     *
+     * @param bool $is_active (Optional) The flag to indicate if the object is active. Defaults to true.
+     * @param string $info_html (Optional) The HTML information string. Defaults to an empty string.
+     * @return void
+     */
+    public function __construct($is_active = true, $info_html = '')
+    {
+        $this->is_active = isset($is_active) ? (bool) $is_active : true;
+        $this->info_html = isset($info_html) ? $info_html : '';
+    }
+
+    /**
+     * Sanitizes and escapes HTML output.
+     *
+     * This method uses the escKsesPreset() function from the Escape class
+     * to sanitize and escape the given HTML output.
+     *
+     * @return string The sanitized and escaped HTML output.
+     * @psalm-suppress PossiblyUnusedMethod
+     */
+    public function sanitizedReasonOutput()
+    {
+        return \CleantalkSP\SpbctWP\Escape::escKsesPreset(
+            $this->info_html,
+            'spbc_settings__feature_restrictions',
+            array(),
+            array('display')
+        );
+    }
+}