??????????????
ï»¿??????????????
ï»¿??????????????
ï»¿??????????????
??????????????
ï»¿??????????????
ï»¿??????????????
ï»¿??????????????
??????????????
ï»¿??????????????
ï»¿??????????????
ï»¿??????????????
??????????????
ï»¿??????????????
ï»¿??????????????
ï»¿??????????????
PK     ò‚ë\ø´€t¯  ¯    class-admin-sidebar-link.phpnu „[µü¤        <?php
/**
 * A class that adds a scan and backup link to the admin sidebar.
 *
 * @package automattic/jetpack
 */

namespace Automattic\Jetpack\Scan;

use Automattic\Jetpack\Admin_UI\Admin_Menu;
use Automattic\Jetpack\My_Jetpack\Products\Backup;
use Automattic\Jetpack\Redirect;
use Automattic\Jetpack\Status\Host;
use Jetpack_Core_Json_Api_Endpoints;

/**
 * Class Main
 *
 * Responsible for showing the link if available.
 *
 * @package Automattic\Jetpack\Scan
 */
class Admin_Sidebar_Link {

	const SCHEDULE_ACTION_HOOK = 'jetpack_scan_refresh_states_event';

	/**
	 * The singleton instance of this class.
	 *
	 * @var Admin_Sidebar_Link
	 */
	protected static $instance;

	/**
	 * Used to check if we need to schedule the refresh or we need to do it.
	 *
	 * @var boolean | null
	 */
	private $schedule_refresh_checked;

	/**
	 * Get the singleton instance of the class.
	 *
	 * @return Admin_Sidebar_Link
	 */
	public static function instance() {
		if ( ! isset( self::$instance ) ) {
			self::$instance = new Admin_Sidebar_Link();
			self::$instance->init_hooks();
		}

		return self::$instance;
	}

	/**
	 * Adds action hooks.
	 */
	public function init_hooks() {
		add_action( 'jetpack_admin_menu', array( $this, 'maybe_add_admin_link' ), 99 );
		add_action( self::SCHEDULE_ACTION_HOOK, array( $this, 'refresh_state_cache' ) );
	}

	/**
	 * Adds a link to the Scan and Backup page.
	 */
	public function maybe_add_admin_link() {
		if ( ! $this->should_show_link() ) {
			return;
		}

		if ( $this->should_show_scan() ) {
			Admin_Menu::add_menu(
				/** "Scan" is a product name, do not translate. */
				'Scan',
				'Scan <span aria-hidden="true">â†—</span>',
				'manage_options',
				esc_url( Redirect::get_url( 'cloud-scan-history-wp-menu' ) ),
				null,
				$this->get_link_offset()
			);
		}

		// Add scan item which shows history page only. This is mutally exclusive from the scan item above and is only shown for Atomic sitse.
		if ( $this->should_show_scan_history_only() ) {
			Admin_Menu::add_menu(
				/** "Scan" is a product name, do not translate. */
				'Scan',
				'Scan <span aria-hidden="true">â†—</span>',
				'manage_options',
				esc_url( Redirect::get_url( 'cloud-scan-history-wp-menu' ) ),
				null,
				$this->get_link_offset()
			);
		}

		if ( $this->should_show_backup() ) {
			Admin_Menu::add_menu(
				/** "VaultPress Backup" is a product name, do not translate. */
				'VaultPress Backup',
				'VaultPress Backup <span aria-hidden="true">â†—</span>',
				'manage_options',
				esc_url( Redirect::get_url( 'calypso-backups' ) ),
				null,
				$this->get_link_offset()
			);
		}
	}

	/**
	 * We create a menu offset by counting all the pages that have a jetpack_admin_page set as the capability.
	 *
	 * This makes it so that the highlight of the pages works as expected. When you click on the Setting or Dashboard.
	 *
	 * @return int Menu offset.
	 */
	private function get_link_offset() {
		global $submenu;
		$offset = 17;

		if ( ! array_key_exists( 'jetpack', $submenu ) ) {
			return $offset;
		}

		foreach ( $submenu['jetpack'] as $link ) {
			if ( 'jetpack_admin_page' !== $link[1] ) {
				break;
			}
			++$offset;
		}

		return $offset;
	}

	/**
	 * Refreshes the state cache via API call. Called via cron.
	 */
	public function refresh_state_cache() {
		Jetpack_Core_Json_Api_Endpoints::get_scan_state();
		Jetpack_Core_Json_Api_Endpoints::get_rewind_data();
	}

	/**
	 * Returns true if the link should appear.
	 *
	 * @return boolean
	 */
	private function should_show_link() {
		// Jetpack Scan/Backup is currently not supported on multisite.
		if ( is_multisite() ) {
			return false;
		}

		// Check if VaultPress is active, the assumption there is that VaultPress is working.
		// It has its link the adminbar.
		if ( class_exists( 'VaultPress' ) ) {
			return false;
		}

		return $this->should_show_scan() || $this->should_show_backup() || $this->should_show_scan_history_only();
	}

	/**
	 * Check if we should display the Scan menu item.
	 *
	 * It will only be displayed if site has Scan enabled, is not an Atomic site, and the stand-alone Protect plugin is not active, because it will have a menu item of its own.
	 *
	 * @return boolean
	 */
	private function should_show_scan() {
		return $this->has_scan() && ! $this->has_protect_plugin() && ! ( new Host() )->is_woa_site();
	}

	/**
	 * Check if we should display the Scan menu item history.
	 *
	 * It will only be displayed if site has Scan enabled, is an Atomic site.
	 *
	 * @return boolean
	 */
	private function should_show_scan_history_only() {
		return $this->has_scan() && ( new Host() )->is_woa_site() && get_option( 'wpcom_admin_interface' ) === 'wp-admin';
	}

	/**
	 * Check if we should display the Backup menu item.
	 *
	 * It will only be displayed if site has Backup enabled and the stand-alone Backup plugin is not active, because it will have a menu item of its own.
	 *
	 * @return boolean
	 */
	private function should_show_backup() {
		return $this->has_backup() && ! $this->has_backup_plugin();
	}

	/**
	 * Detects if Scan is enabled.
	 *
	 * @return boolean
	 */
	private function has_scan() {
		$this->maybe_refresh_transient_cache();
		$scan_state = get_transient( 'jetpack_scan_state' );
		if ( ! $scan_state ) {
			return false;
		}

		return isset( $scan_state->state ) && 'unavailable' !== $scan_state->state;
	}

	/**
	 * Detects if Protect plugin is active.
	 *
	 * @return boolean
	 */
	private function has_protect_plugin() {
		return class_exists( 'Jetpack_Protect' );
	}

	/**
	 * Detects if Backup is enabled.
	 *
	 * @return boolean
	 */
	private function has_backup() {
		$this->maybe_refresh_transient_cache();
		$rewind_state = get_transient( 'jetpack_rewind_state' );
		if ( ! $rewind_state ) {
			return false;
		}

		return isset( $rewind_state->state ) && 'unavailable' !== $rewind_state->state;
	}

	/**
	 * Detects if Backup plugin is active.
	 *
	 * @return boolean
	 */
	private function has_backup_plugin() {
		return Backup::is_standalone_plugin_active();
	}

	/**
	 * Triggers a cron job to refresh the Scan and Rewind state cache.
	 */
	private function maybe_refresh_transient_cache() {
		if ( $this->schedule_refresh_checked ) {
			return;
		}

		// Do we have a jetpack_scan and jetpack_rewind state set?
		if ( get_transient( 'jetpack_scan_state' ) && get_transient( 'jetpack_rewind_state' ) ) {
			return;
		}

		if ( false === wp_next_scheduled( self::SCHEDULE_ACTION_HOOK ) ) {
			wp_schedule_single_event( time(), self::SCHEDULE_ACTION_HOOK );
		}

		$this->schedule_refresh_checked = true;
	}
}
PK     ò‚ë\TQÒê  ê    scan.phpnu „[µü¤        <?php
/**
 * Jetpack Scan features that show up on the jetpack admin side.
 * - Adds a admin bar notice when the site has threats.
 *
 * @package automattic/jetpack
 */

namespace Automattic\Jetpack\Scan;

if ( ! defined( 'ABSPATH' ) ) {
	exit( 0 );
}

if ( ! apply_filters( 'jetpack_disable_scan', false ) ) {
	require_once __DIR__ . '/class-admin-bar-notice.php';
	require_once __DIR__ . '/class-admin-sidebar-link.php';

	Admin_Bar_Notice::instance();
	Admin_Sidebar_Link::instance();
}
PK     ò‚ë\ô”+Ô›  ›    admin-bar-notice.jsnu „[µü¤        ( function ( localized ) {
	function ready( fn ) {
		if ( document.readyState !== 'loading' ) {
			fn();
		} else {
			document.addEventListener( 'DOMContentLoaded', fn );
		}
	}

	function fetch_scan_treats_and_add_link() {
		var xhrRequest = new XMLHttpRequest();
		xhrRequest.open( 'GET', localized.scan_endpoint, true );
		xhrRequest.onload = function () {
			if ( this.status === 200 ) {
				// Success!
				var body = JSON.parse( this.response );
				if ( body && body.data ) {
					var apiResponse = JSON.parse( body.data );
					var numberOfThreats =
						apiResponse.threats && apiResponse.threats.length ? apiResponse.threats.length : 0;
					update_threats_link( numberOfThreats );
				} else {
					update_threats_link( 0 );
				}
			} else {
				update_threats_link( 0 );
			}
		};
		xhrRequest.setRequestHeader( 'X-WP-Nonce', localized.nonce );
		xhrRequest.send();
	}

	ready( function () {
		fetch_scan_treats_and_add_link();
	} );

	function update_threats_link( numberOfThreats ) {
		var element = document.getElementById( 'wp-admin-bar-jetpack-scan-notice' );
		if ( ! element ) {
			return;
		}

		if ( ! numberOfThreats ) {
			element.parentNode.removeChild( element );
			return;
		}

		var textLabel = numberOfThreats === 1 ? localized.singular : localized.multiple;
		element.innerHTML =
			'<a href="' + localized.scan_dashboard_url + '" class="ab-item">' + textLabel + '</a>';
	}
} )( window.Jetpack_Scan );
PK     ò‚ë\_J€v  v    class-admin-bar-notice.phpnu „[µü¤        <?php
/**
 * A class that adds the scan notice to the admin bar.
 *
 * @package automattic/jetpack
 */

namespace Automattic\Jetpack\Scan;

use Automattic\Jetpack\Assets;
use Automattic\Jetpack\Redirect;
use WP_Admin_Bar;

/**
 * Class Main
 *
 * Responsible for loading the admin bar notice if threats are found.
 *
 * @package Automattic\Jetpack\Scan
 */
class Admin_Bar_Notice {
	const SCRIPT_NAME    = 'jetpack-scan-show-notice';
	const SCRIPT_VERSION = '1';

	/**
	 * The singleton instance of this class.
	 *
	 * @var Admin_Bar_Notice
	 */
	protected static $instance;

	/**
	 * Get the singleton instance of the class.
	 *
	 * @return Admin_Bar_Notice
	 */
	public static function instance() {
		if ( ! isset( self::$instance ) ) {
			self::$instance = new Admin_Bar_Notice();
			self::$instance->init_hooks();
		}

		return self::$instance;
	}
	/**
	 * Initalize the hooks as needed.
	 */
	private function init_hooks() {
		if ( ! $this->should_try_to_display_notice() ) {
			return;
		}

		add_action( 'wp_enqueue_scripts', array( $this, 'enqueue_toolbar_script' ) );
		add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_toolbar_script' ) );
		add_action( 'admin_bar_menu', array( $this, 'add_threats_to_toolbar' ), 999 );

		// Inject the data-ampdevmode attribute into the inline <script> output via wp_localize_script(). To revisit after https://github.com/ampproject/amp-wp/issues/4598.
		add_filter(
			'amp_dev_mode_element_xpaths',
			static function ( $expressions ) {
				$expressions[] = '//script[ contains( text(), "Jetpack_Scan" ) ]';
				return $expressions;
			}
		);
	}

	/**
	 * Whether to even try to display the notice or now.
	 *
	 * @return bool
	 */
	private function should_try_to_display_notice() {
		// Jetpack Scan is currently not supported on multisite.
		if ( is_multisite() ) {
			return false;
		}

		// Check if VaultPress is active, the assumtion there is that VaultPress is working.
		// It has its own notice in the admin bar.
		if ( class_exists( 'VaultPress' ) ) {
			return false;
		}

		// Check if Protect is active.
		// It has its own notice in the admin bar.
		if ( class_exists( 'Jetpack_Protect' ) ) {
			return false;
		}

		// Only show the notice to admins.
		if ( ! current_user_can( 'manage_options' ) ) {
			return false;
		}

		return true;
	}

	/**
	 * Add the inline styles and scripts if they are needed.
	 */
	public function enqueue_toolbar_script() {
		$this->add_inline_styles();

		if ( $this->has_threats() !== null ) {
			return;
		}

		// We don't know about threats in the cache lets load the JS that fetches the info and updates the admin bar.
		Assets::register_script(
			self::SCRIPT_NAME,
			'_inc/build/scan/admin-bar-notice.min.js',
			JETPACK__PLUGIN_FILE,
			array(
				'in_footer'    => true,
				'strategy'     => 'defer',
				'nonmin_path'  => 'modules/scan/admin-bar-notice.js',
				'dependencies' => array( 'admin-bar' ),
				'version'      => self::SCRIPT_VERSION,
				'enqueue'      => true,
			)
		);
		$script_data = array(
			'nonce'              => wp_create_nonce( 'wp_rest' ),
			'scan_endpoint'      => get_rest_url( null, 'jetpack/v4/scan' ),
			'scan_dashboard_url' => Redirect::get_url( 'calypso-scanner' ),
			/* translators: %s is the alert icon */
			'singular'           => sprintf( esc_html__( '%s Threat found', 'jetpack' ), $this->get_icon() ),
			/* translators: %s is the alert icon */
			'multiple'           => sprintf( esc_html__( '%s Threats found', 'jetpack' ), $this->get_icon() ),
		);
		wp_localize_script( self::SCRIPT_NAME, 'Jetpack_Scan', $script_data );
	}

	/**
	 * Adds the inline styles if they are needed.
	 */
	public function add_inline_styles() {
		// We know there are no threats so lets not include any css.
		if ( false === $this->has_threats() ) {
			return;
		}

		// We might be showing the threats in the admin bar lets make sure that they look great!
		$hide_wording_on_mobile = '#wp-admin-bar-jetpack-scan-notice .is-hidden { display:none; } @media screen and (max-width: 959px ) { #wpadminbar #wp-admin-bar-jetpack-scan-notice { width:32px; } #wpadminbar #wp-admin-bar-jetpack-scan-notice a { color: transparent!important; } }';
		$style                  = '#wp-admin-bar-jetpack-scan-notice svg { float:left; margin-top: 4px; margin-right: 6px; width: 18px; height: 22px; }' . $hide_wording_on_mobile;
		if ( is_rtl() ) {
			$style = '#wp-admin-bar-jetpack-scan-notice svg { float:right; margin-top: 4px; margin-left: 6px; width: 18px; height: 22px; }' . $hide_wording_on_mobile;
		}
		wp_add_inline_style( 'admin-bar', $style );
	}

	/**
	 * Add the link to the admin bar.
	 *
	 * @param WP_Admin_Bar $wp_admin_bar WP Admin Bar class object.
	 */
	public function add_threats_to_toolbar( $wp_admin_bar ) {
		if ( ! $this->should_try_to_display_notice() ) {
			return;
		}

		$has_threats = $this->has_threats();
		if ( false === $has_threats ) {
			return;
		}

		$node = array(
			'id'     => 'jetpack-scan-notice',
			'title'  => '',
			'parent' => 'top-secondary',
			'meta'   => array(
				'title' => esc_attr__( 'View security scan details', 'jetpack' ),
				'class' => 'error is-hidden',
			),
		);

		if ( $has_threats ) {
			$node['href']           = esc_url( Redirect::get_url( 'calypso-scanner' ) );
			$node['meta']['target'] = '_blank';
			$node['meta']['rel']    = 'noopener noreferrer';
			$node['meta']['class']  = 'error';
			$node['title']          = sprintf(
				esc_html(
				/* translators: %s is the alert icon */
					_n( '%s Threat found', '%s Threats found', $this->get_threat_count(), 'jetpack' )
				),
				$this->get_icon()
			);
		}

		$wp_admin_bar->add_node( $node );
	}

	/**
	 * Returns the shield icon.
	 *
	 * @return string
	 */
	private function get_icon() {
		return '<svg width="18" height="22" viewBox="0 0 18 22" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M9 0L0 4V10C0 15.55 3.84 20.74 9 22C14.16 20.74 18 15.55 18 10V4L9 0Z" fill="#D63638"/><path d="M7.99121 6.00894H10.0085V11.9968H7.99121V6.00894Z" fill="#FFF"/><path d="M7.99121 14.014H10.0085V15.9911H7.99121V14.014Z" fill="#FFF"/></svg>';
	}

	/**
	 *
	 * Return Whether boolean cached threats exist or null if the state is unknown.
	 * * @return boolean or null
	 */
	public function has_threats() {
		$scan_state = get_transient( 'jetpack_scan_state' );
		if ( empty( $scan_state ) ) {
			return null;
		}
		// Return true if there is at least one threat found.
		return isset( $scan_state->threats[0] );
	}

	/**
	 * Returns the number of threats found or 0.
	 *
	 * @return int
	 */
	public function get_threat_count() {
		if ( ! $this->has_threats() ) {
			return 0;
		}

		$scan_state = get_transient( 'jetpack_scan_state' );
		return is_array( $scan_state->threats ) ? count( $scan_state->threats ) : 0;
	}
}
PK       ò‚ë\ø´€t¯  ¯                  class-admin-sidebar-link.phpnu „[µü¤