Content Helper: Implement AI feature permissions

[acicovic]

Description

With this PR, we're implementing Content Helper AI feature permissions in the back-end and front-end, as the continuation of the work introduced in #2554.

The default settings will be different based on whether the plugin installation is new or existing. For new installations, PCH AI features will be auto-enabled solely for users with the administrator User Role. For existing installations, the features will be auto-enabled for all User Roles who have the edit_posts capability, as done for all plugin versions before 3.16.0. This is done to prevent unexpected behavior changes while upgrading to 3.16.0. In both cases, administrators will be then able to adjust the related settings from the plugin's Settings page, under the Content Helper tab.

After the upgrade to 3.16.0, any newly added User Roles will need to be manually allowed access to the PCH AI features. This means that we're switching from an "on by default" to an "off by default" approach.

Motivation and context

Allow website administrator to control which Content Helper AI features are available to users, based on their User Role.

How has this been tested?

• Manual testing
• Updated existing tests that were failing after the changes.

Summary by CodeRabbit

• New Features

  • Introduced user permission checks for accessing specific features in the Content Helper.
  • Added error handling for access-related issues in the Content Helper.

• Enhancements

  • Improved permission management in various components, including the editor sidebar and smart linking functionalities.
  • Updated default user roles to streamline feature access control.

• Bug Fixes

  • Fixed incorrect permission checks to ensure users only access features they are authorized to use.

• Tests

  • Added comprehensive tests to validate new permission checks and transformations.

[coderabbitai]

Warning

Rate limit exceeded

@acicovic has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 0 minutes and 13 seconds before requesting another review.

How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

Commits

Files that changed from the base of the PR and between a71f4fd and 59301df.

Walkthrough

The changes introduce a comprehensive permissions system for Content Helper features, allowing more granular control over user access to features like smart linking and title suggestions. Core modifications include adding permissions checks, importing necessary classes, and updating method implementations across various files. Additionally, new utility functions and definitions for handling permissions in the frontend and backend were added.

Changes

Files/Groups	Change Summary
src/@types/assets/window.d.ts	Added global variable wpParselyContentHelperPermissions declaration.
src/Endpoints/	Updated to check user permissions before accessing features using Permissions::current_user_can_use_pch_feature.
src/UI/class-settings-page.php	Changed allowed_user_roles to key-value pairs with strings/booleans.
src/class-parsely.php	Adjusted properties and methods to handle default values and permissions for roles.
src/class-permissions.php	Expanded Permissions class to validate user permissions, converting settings to JSON, and generating settings arrays.
src/content-helper/	Added and integrated new permissions-related imports, methods, and checks. Specifically added permission handling in common utils, editor-sidebar, excerpt generator, and error handling components.
tests/Integration/UI/SettingsPageTest.php	Enhanced to use transform_pch_options_for_validation for transforming and validating options.

Sequence Diagram(s)

sequenceDiagram
    participant User as User
    participant UI as User Interface (UI)
    participant API as API Endpoint
    participant Perm as Permissions Class

    User ->> UI: Request Access to Feature
    UI ->> API: Validate Access (smart linking, title suggestions)
    API ->> Perm: Validate Permissions for User
    Perm -->> API: Access Allowed / Denied
    API -->> UI: Response with Validation Result
    UI -->> User: Render Feature Based on Permissions

Loading

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[acicovic]

The SonarCloud failure is a code duplication warning, which can be ignored.

[coderabbitai]

Actionable comments posted: 12

Outside diff range and nitpick comments (4)

src/content-helper/common/utils/permissions.ts (1)

1-9: Ensure JSDoc comments are complete and accurate.

The JSDoc comment for ContentHelperPermissions should include descriptions for each property and a @typedef tag.

/**
 * Defines the structure of a Content Helper Permissions object.
 *
 * @since 3.16.0
 * 
 * @typedef {Object} ContentHelperPermissions
 * @property {boolean} SmartLinking - Indicates if Smart Linking is enabled.
 * @property {boolean} TitleSuggestions - Indicates if Title Suggestions are enabled.
 */

src/@types/assets/window.d.ts (1)

27-27: Ensure JSDoc comments are complete and accurate.

The JSDoc comment for wpParselyContentHelperPermissions should include a description of its purpose and usage.

/**
 * @property {string} wpParselyContentHelperPermissions - JSON string representing the current user's permissions for the Content Helper.
 */

src/content-helper/editor-sidebar/tabs/sidebar-tools-tab.tsx (2)

11-11: Ensure JSDoc comments are complete and accurate.

The JSDoc comment for ContentHelperPermissions should include descriptions for each property.

/**
 * @typedef {Object} ContentHelperPermissions
 * @property {boolean} SmartLinking - Indicates if Smart Linking is enabled.
 * @property {boolean} TitleSuggestions - Indicates if Title Suggestions are enabled.
 */

---

24-24: Ensure JSDoc comments are complete and accurate.

The JSDoc comment for SidebarToolsTabProps should include descriptions for each property.

/**
 * SidebarToolsTab component props.
 *
 * @since 3.14.0
 * 
 * @typedef {Object} SidebarToolsTabProps
 * @property {function} trackToggle - Function to track the toggle state.
 * @property {ContentHelperPermissions} permissions - The permissions object for the Content Helper.
 */

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between a8a0012 and a89c2c8.

Files ignored due to path filters (6)

• build/content-helper/dashboard-widget.asset.php is excluded by !build/**
• build/content-helper/dashboard-widget.js is excluded by !build/**
• build/content-helper/editor-sidebar.asset.php is excluded by !build/**
• build/content-helper/editor-sidebar.js is excluded by !build/**
• build/content-helper/excerpt-generator.asset.php is excluded by !build/**
• build/content-helper/excerpt-generator.js is excluded by !build/**

Files selected for processing (18)

• src/@types/assets/window.d.ts (1 hunks)
• src/Endpoints/content-helper/class-smart-linking-endpoint.php (3 hunks)
• src/Endpoints/content-suggestions/class-suggest-brief-api-proxy.php (2 hunks)
• src/Endpoints/content-suggestions/class-suggest-headline-api-proxy.php (2 hunks)
• src/Endpoints/content-suggestions/class-suggest-linked-reference-api-proxy.php (2 hunks)
• src/UI/class-settings-page.php (1 hunks)
• src/class-parsely.php (4 hunks)
• src/class-permissions.php (2 hunks)
• src/content-helper/common/class-content-helper-feature.php (2 hunks)
• src/content-helper/common/content-helper-error.tsx (3 hunks)
• src/content-helper/common/utils/permissions.ts (1 hunks)
• src/content-helper/editor-sidebar/editor-sidebar.tsx (3 hunks)
• src/content-helper/editor-sidebar/smart-linking/class-smart-linking.php (2 hunks)
• src/content-helper/editor-sidebar/smart-linking/component.tsx (5 hunks)
• src/content-helper/editor-sidebar/smart-linking/smart-linking.tsx (4 hunks)
• src/content-helper/editor-sidebar/tabs/sidebar-tools-tab.tsx (3 hunks)
• src/content-helper/excerpt-generator/class-excerpt-generator.php (2 hunks)
• tests/Integration/UI/SettingsPageTest.php (16 hunks)

Additional context used

Path-based instructions (18)

src/content-helper/common/utils/permissions.ts (1)

Pattern **/*.{js,ts,tsx,jsx}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the code to ensure it is well-structured and adheres to best practices.
• Verify compliance with WordPress coding standards.
• Ensure the code is well-documented.
• Check for security vulnerabilities and confirm the code is secure.
• Optimize the code for performance, removing any unnecessary elements.
• Validate JSDoc comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Confirm every JSDoc comment includes a @SInCE tag indicating the next version of the plugin to include the code.
• Guarantee compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/@types/assets/window.d.ts (1)

Pattern **/*.{js,ts,tsx,jsx}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the code to ensure it is well-structured and adheres to best practices.
• Verify compliance with WordPress coding standards.
• Ensure the code is well-documented.
• Check for security vulnerabilities and confirm the code is secure.
• Optimize the code for performance, removing any unnecessary elements.
• Validate JSDoc comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Confirm every JSDoc comment includes a @SInCE tag indicating the next version of the plugin to include the code.
• Guarantee compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/content-helper/excerpt-generator/class-excerpt-generator.php (1)

Pattern **/*.{html,php}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the HTML and PHP code to ensure it is well-structured and adheres to best practices.
• Ensure the code follows WordPress coding standards and is well-documented.
• Confirm the code is secure and free from vulnerabilities.
• Optimize the code for performance, removing any unnecessary elements.
• Validate comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Verify code compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/content-helper/editor-sidebar/tabs/sidebar-tools-tab.tsx (1)

Pattern **/*.{js,ts,tsx,jsx}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the code to ensure it is well-structured and adheres to best practices.
• Verify compliance with WordPress coding standards.
• Ensure the code is well-documented.
• Check for security vulnerabilities and confirm the code is secure.
• Optimize the code for performance, removing any unnecessary elements.
• Validate JSDoc comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Confirm every JSDoc comment includes a @SInCE tag indicating the next version of the plugin to include the code.
• Guarantee compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/Endpoints/content-suggestions/class-suggest-headline-api-proxy.php (1)

Pattern **/*.{html,php}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the HTML and PHP code to ensure it is well-structured and adheres to best practices.
• Ensure the code follows WordPress coding standards and is well-documented.
• Confirm the code is secure and free from vulnerabilities.
• Optimize the code for performance, removing any unnecessary elements.
• Validate comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Verify code compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/Endpoints/content-suggestions/class-suggest-brief-api-proxy.php (1)

Pattern **/*.{html,php}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the HTML and PHP code to ensure it is well-structured and adheres to best practices.
• Ensure the code follows WordPress coding standards and is well-documented.
• Confirm the code is secure and free from vulnerabilities.
• Optimize the code for performance, removing any unnecessary elements.
• Validate comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Verify code compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/Endpoints/content-suggestions/class-suggest-linked-reference-api-proxy.php (1)

Pattern **/*.{html,php}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the HTML and PHP code to ensure it is well-structured and adheres to best practices.
• Ensure the code follows WordPress coding standards and is well-documented.
• Confirm the code is secure and free from vulnerabilities.
• Optimize the code for performance, removing any unnecessary elements.
• Validate comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Verify code compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/content-helper/editor-sidebar/smart-linking/smart-linking.tsx (1)

Pattern **/*.{js,ts,tsx,jsx}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the code to ensure it is well-structured and adheres to best practices.
• Verify compliance with WordPress coding standards.
• Ensure the code is well-documented.
• Check for security vulnerabilities and confirm the code is secure.
• Optimize the code for performance, removing any unnecessary elements.
• Validate JSDoc comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Confirm every JSDoc comment includes a @SInCE tag indicating the next version of the plugin to include the code.
• Guarantee compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/class-permissions.php (1)

Pattern **/*.{html,php}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the HTML and PHP code to ensure it is well-structured and adheres to best practices.
• Ensure the code follows WordPress coding standards and is well-documented.
• Confirm the code is secure and free from vulnerabilities.
• Optimize the code for performance, removing any unnecessary elements.
• Validate comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Verify code compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/content-helper/editor-sidebar/smart-linking/class-smart-linking.php (1)

Pattern **/*.{html,php}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the HTML and PHP code to ensure it is well-structured and adheres to best practices.
• Ensure the code follows WordPress coding standards and is well-documented.
• Confirm the code is secure and free from vulnerabilities.
• Optimize the code for performance, removing any unnecessary elements.
• Validate comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Verify code compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/content-helper/common/class-content-helper-feature.php (1)

Pattern **/*.{html,php}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the HTML and PHP code to ensure it is well-structured and adheres to best practices.
• Ensure the code follows WordPress coding standards and is well-documented.
• Confirm the code is secure and free from vulnerabilities.
• Optimize the code for performance, removing any unnecessary elements.
• Validate comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Verify code compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/content-helper/common/content-helper-error.tsx (1)

Pattern **/*.{js,ts,tsx,jsx}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the code to ensure it is well-structured and adheres to best practices.
• Verify compliance with WordPress coding standards.
• Ensure the code is well-documented.
• Check for security vulnerabilities and confirm the code is secure.
• Optimize the code for performance, removing any unnecessary elements.
• Validate JSDoc comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Confirm every JSDoc comment includes a @SInCE tag indicating the next version of the plugin to include the code.
• Guarantee compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/content-helper/editor-sidebar/editor-sidebar.tsx (1)

Pattern **/*.{js,ts,tsx,jsx}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the code to ensure it is well-structured and adheres to best practices.
• Verify compliance with WordPress coding standards.
• Ensure the code is well-documented.
• Check for security vulnerabilities and confirm the code is secure.
• Optimize the code for performance, removing any unnecessary elements.
• Validate JSDoc comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Confirm every JSDoc comment includes a @SInCE tag indicating the next version of the plugin to include the code.
• Guarantee compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/Endpoints/content-helper/class-smart-linking-endpoint.php (1)

Pattern **/*.{html,php}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the HTML and PHP code to ensure it is well-structured and adheres to best practices.
• Ensure the code follows WordPress coding standards and is well-documented.
• Confirm the code is secure and free from vulnerabilities.
• Optimize the code for performance, removing any unnecessary elements.
• Validate comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Verify code compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/content-helper/editor-sidebar/smart-linking/component.tsx (1)

Pattern **/*.{js,ts,tsx,jsx}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the code to ensure it is well-structured and adheres to best practices.
• Verify compliance with WordPress coding standards.
• Ensure the code is well-documented.
• Check for security vulnerabilities and confirm the code is secure.
• Optimize the code for performance, removing any unnecessary elements.
• Validate JSDoc comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Confirm every JSDoc comment includes a @SInCE tag indicating the next version of the plugin to include the code.
• Guarantee compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/class-parsely.php (1)

Pattern **/*.{html,php}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the HTML and PHP code to ensure it is well-structured and adheres to best practices.
• Ensure the code follows WordPress coding standards and is well-documented.
• Confirm the code is secure and free from vulnerabilities.
• Optimize the code for performance, removing any unnecessary elements.
• Validate comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Verify code compatibility with the latest version of WordPress, avoiding deprecated functions or features."

tests/Integration/UI/SettingsPageTest.php (1)

Pattern **/*.{html,php}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the HTML and PHP code to ensure it is well-structured and adheres to best practices.
• Ensure the code follows WordPress coding standards and is well-documented.
• Confirm the code is secure and free from vulnerabilities.
• Optimize the code for performance, removing any unnecessary elements.
• Validate comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Verify code compatibility with the latest version of WordPress, avoiding deprecated functions or features."

src/UI/class-settings-page.php (1)

Pattern **/*.{html,php}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the HTML and PHP code to ensure it is well-structured and adheres to best practices.
• Ensure the code follows WordPress coding standards and is well-documented.
• Confirm the code is secure and free from vulnerabilities.
• Optimize the code for performance, removing any unnecessary elements.
• Validate comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Verify code compatibility with the latest version of WordPress, avoiding deprecated functions or features."

Additional comments not posted (21)

src/content-helper/excerpt-generator/class-excerpt-generator.php (1)

14-14: Ensure the import statement is necessary and used correctly.

Confirm that the Permissions class is used within this file.

Verification successful

---

The import statement for Permissions is necessary and used correctly.

• The Permissions class is utilized in the class-excerpt-generator.php file.
• Specifically, it is used in the line Permissions::current_user_can_use_pch_feature.

Scripts executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Description: Verify that the `Permissions` class is used within this file.

# Test: Search for the usage of `Permissions` class. Expect: Only occurances of the new usage.
rg --type php $'Permissions' src/content-helper/excerpt-generator/class-excerpt-generator.php

Length of output: 173

src/Endpoints/content-suggestions/class-suggest-headline-api-proxy.php (1)

16-16: Ensure the import statement is necessary and used correctly.

Confirm that the Permissions class is used within this file.

Verification successful

---

The import statement for Permissions is necessary and used correctly.

• The Permissions class is used within the file to perform a permission check.

Scripts executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Description: Verify that the `Permissions` class is used within this file.

# Test: Search for the usage of `Permissions` class. Expect: Only occurances of the new usage.
rg --type php $'Permissions' src/Endpoints/content-suggestions/class-suggest-headline-api-proxy.php

Length of output: 219

src/content-helper/editor-sidebar/smart-linking/class-smart-linking.php (2)

Line range hint 112-135: LGTM!

The function is well-implemented and follows WordPress best practices.

---

Line range hint 164-210: LGTM!

The function is well-implemented and follows WordPress best practices.

src/content-helper/common/class-content-helper-feature.php (1)

132-140: Ensure the security of injected permissions.

The permissions JSON is being injected directly into the global window object. Ensure that the Permissions::get_pch_permissions_json method sanitizes the data to prevent potential XSS attacks.

src/content-helper/common/content-helper-error.tsx (2)

21-21: New error code addition looks good.

The new error code AccessToFeatureDisabled is correctly added to the enumeration.

---

88-93: Specific error message addition looks good.

The specific message for the error code AccessToFeatureDisabled is appropriate and correctly localized.

src/content-helper/editor-sidebar/editor-sidebar.tsx (2)

33-33: Permissions retrieval looks good.

The getContentHelperPermissions function is correctly imported.

---

249-252: Permissions passing looks good.

The permissions are correctly passed to the SidebarToolsTab component.

src/Endpoints/content-helper/class-smart-linking-endpoint.php (1)

Line range hint 55-69: Permissions check looks good.

The Permissions::current_user_can_use_pch_feature method is correctly used to check user permissions.

src/content-helper/editor-sidebar/smart-linking/component.tsx (2)

45-45: Permissions prop addition looks good.

The permissions prop is correctly added to SmartLinkingPanelProps.

---

201-203: Permissions check looks good.

The permissions.SmartLinking value is correctly checked before initializing smart links.

src/class-parsely.php (4)

544-558: LGTM! But verify the function usage in the codebase.

The set_default_content_helper_settings_values function is well-implemented. Ensure that it is correctly invoked and integrated within the codebase.

Verification successful

---

Function usage verified.

The set_default_content_helper_settings_values function is correctly invoked within the class logic to set default values for the content_helper settings when they are missing. This ensures proper initialization for existing plugin installations.

• File: src/class-parsely.php
• Lines: 544-558

Scripts executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Description: Verify the usage of the `set_default_content_helper_settings_values` function in the codebase.

# Test: Search for the function usage. Expect: Proper invocation and integration.
rg --type php $'set_default_content_helper_settings_values'

Length of output: 228

---

---

Script:

#!/bin/bash
# Description: Get surrounding lines of the invocation of set_default_content_helper_settings_values function to understand its context.

# Extract 10 lines before and after the invocation for context.
rg --type php -C 10 'this->set_default_content_helper_settings_values()'

Length of output: 1301

---

552-558: LGTM! But verify the Permissions class usage.

The set_default_content_helper_settings_values function is well-implemented. Ensure that the Permissions class is correctly used and integrated within the codebase.

Verification successful

---

LGTM! The Permissions class is correctly used and integrated.

The methods build_pch_permissions_settings_array and get_user_roles_with_edit_posts_cap are properly defined within the Permissions class. The set_default_content_helper_settings_values function is well-implemented.

• src/class-permissions.php: public static function build_pch_permissions_settings_array
• src/class-permissions.php: public static function get_user_roles_with_edit_posts_cap

Scripts executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Description: Verify the usage of the `Permissions` class in the codebase.

# Test: Search for the usage of the `Permissions` class. Expect: Proper integration.
rg --type php $'Permissions'

Length of output: 2496

---

---

Script:

#!/bin/bash
# Description: Verify the definitions and usage of specific methods in the `Permissions` class.

# Search for the definition of the `build_pch_permissions_settings_array` method.
ast-grep --lang php --pattern 'function build_pch_permissions_settings_array($_, $_) { $$$ }'

# Search for the definition of the `get_user_roles_with_edit_posts_cap` method.
ast-grep --lang php --pattern 'function get_user_roles_with_edit_posts_cap() { $$$ }'

Length of output: 397

---

---

Script:

#!/bin/bash
# Description: Verify the definitions and usage of specific methods in the `Permissions` class using `rg`.

# Search for the definition of the `build_pch_permissions_settings_array` method.
rg --type php 'function build_pch_permissions_settings_array'

# Search for the definition of the `get_user_roles_with_edit_posts_cap` method.
rg --type php 'function get_user_roles_with_edit_posts_cap'

Length of output: 309

---

442-446: Ensure the new default setting is correctly integrated.

The check for content_helper is crucial for backward compatibility. Verify that this setting is correctly handled in all relevant parts of the codebase.

---

436-438: Ensure the new default setting is correctly integrated.

The check for full_metadata_in_non_posts is crucial for backward compatibility. Verify that this setting is correctly handled in all relevant parts of the codebase.

Verification successful

---

The full_metadata_in_non_posts setting is correctly integrated.

The setting full_metadata_in_non_posts is used across different parts of the codebase, including the main class, UI settings page, and integration tests, ensuring proper integration and coverage.

• src/class-parsely.php: Main class handling the setting.
• src/UI/class-settings-page.php: UI settings page integration.
• tests/Integration/OptionsTest.php: Multiple tests verifying the setting's behavior.

Scripts executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Description: Verify the usage of the `full_metadata_in_non_posts` setting in the codebase.

# Test: Search for the usage of the `full_metadata_in_non_posts` setting. Expect: Proper integration.
rg --type php $'full_metadata_in_non_posts'

Length of output: 4894

tests/Integration/UI/SettingsPageTest.php (3)

105-107: LGTM! But verify the transformation function usage.

The transform_pch_options_for_validation function is well-implemented. Ensure that it is correctly used and integrated within the test suite.

Verification successful

The function transform_pch_options_for_validation is used multiple times in the tests/Integration/UI/SettingsPageTest.php file. To ensure it is correctly invoked and integrated, we need to inspect its definition and the context around its usage.

---

Function transform_pch_options_for_validation is correctly used and integrated.

The transform_pch_options_for_validation function is defined to transform ParselySettingOptions appropriately and is used multiple times within the tests/Integration/UI/SettingsPageTest.php file. The function's implementation aligns with its intended purpose, ensuring proper invocation and integration within the test suite.

Scripts executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Description: Verify the usage of the `transform_pch_options_for_validation` function in the test suite.

# Test: Search for the function usage. Expect: Proper invocation and integration.
rg --type php $'transform_pch_options_for_validation'

Length of output: 1678

---

---

Script:

#!/bin/bash
# Display the definition of the function `transform_pch_options_for_validation` and its surrounding context in the file.
rg --type php --context 10 $'private function transform_pch_options_for_validation' tests/Integration/UI/SettingsPageTest.php

Length of output: 916

---

94-96: LGTM! But verify the transformation function usage.

The transform_pch_options_for_validation function is well-implemented. Ensure that it is correctly used and integrated within the test suite.

Verification successful

LGTM! But verify the transformation function implementation.

The transform_pch_options_for_validation function is integrated multiple times in the tests/Integration/UI/SettingsPageTest.php file. Ensure that its implementation is correct and aligns with the expected functionality.

---

LGTM! The transform_pch_options_for_validation function is correctly implemented and used.

The function transform_pch_options_for_validation is well-defined and integrated appropriately in the tests/Integration/UI/SettingsPageTest.php file. The implementation ensures that certain user roles are set for various content helper options, which aligns with the expected functionality.

• Implementation of transform_pch_options_for_validation:

  private function transform_pch_options_for_validation( $options ) {
    $options['content_helper']['smart_linking']['allowed_user_roles']       = array( 'administrator' => true );
    $options['content_helper']['title_suggestions']['allowed_user_roles']   = array( 'administrator' => true );
    $options['content_helper']['excerpt_suggestions']['allowed_user_roles'] = array( 'administrator' => true );
  
    return $options;
  }

Scripts executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Description: Verify the usage of the `transform_pch_options_for_validation` function in the test suite.

# Test: Search for the function usage. Expect: Proper invocation and integration.
rg --type php $'transform_pch_options_for_validation'

Length of output: 1678

---

---

Script:

#!/bin/bash
# Description: Verify the implementation of the `transform_pch_options_for_validation` function.

# Test: Extract the implementation of the `transform_pch_options_for_validation` function.
ast-grep --lang php --pattern $'private function transform_pch_options_for_validation($_) {
  $$$
}' tests/Integration/UI/SettingsPageTest.php

Length of output: 250

---

---

Script:

#!/bin/bash
# Description: Verify the implementation of the `transform_pch_options_for_validation` function.

# Test: Extract the implementation of the `transform_pch_options_for_validation` function.
rg --context 10 --type php 'private function transform_pch_options_for_validation' tests/Integration/UI/SettingsPageTest.php

Length of output: 916

---

146-148: LGTM! But verify the transformation function usage.

The transform_pch_options_for_validation function is well-implemented. Ensure that it is correctly used and integrated within the test suite.

Verification successful

---

LGTM! The transform_pch_options_for_validation function is correctly implemented and well-integrated within the test suite.

• The function sets specific roles for different content helper features in the options array and returns the modified array.
• The integration of this function in the test suite is consistent and appropriate.

Scripts executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Description: Verify the usage of the `transform_pch_options_for_validation` function in the test suite.

# Test: Search for the function usage. Expect: Proper invocation and integration.
rg --type php $'transform_pch_options_for_validation'

Length of output: 1678

---

---

Script:

#!/bin/bash
# Description: Verify the implementation of the `transform_pch_options_for_validation` function.

# Retrieve the implementation of the function.
ast-grep --lang php --pattern $'private function transform_pch_options_for_validation($_) {
  $$$
}'

Length of output: 208

---

---

Script:

#!/bin/bash
# Description: Verify the implementation of the `transform_pch_options_for_validation` function.

# Use `rg` to search for the function definition in the codebase.
rg --type php 'private function transform_pch_options_for_validation'

Length of output: 182

---

---

Script:

#!/bin/bash
# Description: Extract the full implementation of the `transform_pch_options_for_validation` function.

# Extract lines around the function definition to capture the full implementation.
rg --type php -A 20 -B 2 'private function transform_pch_options_for_validation' tests/Integration/UI/SettingsPageTest.php

Length of output: 1256

src/UI/class-settings-page.php (2)

81-81: Type definition update for allowed_user_roles is correct.

The updated type definition allows for more flexibility in specifying user roles.

---

Line range hint 384-389: Conversion of user role settings is correctly implemented.

The changes ensure that user role settings are correctly handled in the settings page.

However, verify the usage of the method print_content_helper_ai_feature_section in the codebase to ensure consistency.

Verification successful

The method print_content_helper_ai_feature_section is used multiple times in src/UI/class-settings-page.php. These usages need to be verified for consistency and correctness in handling user role settings.

---

Conversion of user role settings is correctly implemented.

The method print_content_helper_ai_feature_section is consistently used to add settings fields for different features, and its implementation correctly handles the options and feature IDs.

• src/UI/class-settings-page.php:
  • Implementation: Line 926
  • Usages: Lines 471, 487, 503

Scripts executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Description: Verify the usage of the method `print_content_helper_ai_feature_section` in the codebase.

# Test: Search for the method usage. Expect: Consistent implementation throughout the codebase.
rg --type php $'print_content_helper_ai_feature_section'

Length of output: 439

---

---

Script:

#!/bin/bash
# Description: Extract the implementation and usages of the method `print_content_helper_ai_feature_section` in the codebase.

# Extract the implementation of the method.
rg --type php --no-heading --line-number --context 3 'function print_content_helper_ai_feature_section' src/UI/class-settings-page.php

# Extract the lines where the method is used.
rg --type php --no-heading --line-number --context 3 'print_content_helper_ai_feature_section' src/UI/class-settings-page.php

Length of output: 1522

[coderabbitai]

Actionable comments posted: 1

Outside diff range and nitpick comments (1)

src/content-helper/common/utils/permissions.ts (1)

6-9: Add documentation for the interface properties.

To improve code readability and maintainability, add JSDoc comments for each property in the ContentHelperPermissions interface.

export interface ContentHelperPermissions {
+  /**
+   * Indicates if the Smart Linking feature is enabled.
+   */
	SmartLinking: boolean;
+  /**
+   * Indicates if the Title Suggestions feature is enabled.
+   */
	TitleSuggestions: boolean;
}

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between a89c2c8 and a71f4fd.

Files ignored due to path filters (2)

• build/content-helper/editor-sidebar.asset.php is excluded by !build/**
• build/content-helper/editor-sidebar.js is excluded by !build/**

Files selected for processing (1)

• src/content-helper/common/utils/permissions.ts (1 hunks)

Additional context used

Path-based instructions (1)

src/content-helper/common/utils/permissions.ts (1)

Pattern **/*.{js,ts,tsx,jsx}: "Perform a detailed review of the provided code with following key aspects in mind:

• Review the code to ensure it is well-structured and adheres to best practices.
• Verify compliance with WordPress coding standards.
• Ensure the code is well-documented.
• Check for security vulnerabilities and confirm the code is secure.
• Optimize the code for performance, removing any unnecessary elements.
• Validate JSDoc comments for accuracy, currency, and adherence to WordPress coding standards.
• Ensure each line comment concludes with a period.
• Confirm every JSDoc comment includes a @SInCE tag indicating the next version of the plugin to include the code.
• Guarantee compatibility with the latest version of WordPress, avoiding deprecated functions or features."

[vaurdan]

Looks good to me! I have approved the PR, and left a couple notes/suggestions.

[vaurdan]

This is a suggestion for the future, not really necessary for now, but instead of doing these conditional checks, we can likely create a <ValidatePermissions> component, and have it validate the correct permissions for each panel.

[acicovic]

Yes, I think this is a good idea, and in line with what we're doing for credential validation. 🙂