Merge branch 'develop'

mailchimp · Oct 14, 2024 · 8ae03f8 · 8ae03f8
2 parents d7ed3cc + 2a844b7
commit 8ae03f8
Show file tree

Hide file tree

Showing 11 changed files with 198 additions and 111 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -37,12 +37,12 @@ jobs:
       uses: actions/checkout@v4
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
 
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
+      uses: github/codeql-action/autobuild@v3
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,18 @@ All notable changes to this project will be documented in this file, per [the Ke
 
 ## [Unreleased] - TBD
 
+## [1.6.1] - 2024-10-14
+### Changed
+- Improved migration flow from API Key to OAuth authentication for a better user experience (props [@iamdharmesh](https://github.com/iamdharmesh), [@jeffpaul](https://github.com/jeffpaul), [@dkotter](https://github.com/dkotter), [@qasumitbagthariya](https://github.com/qasumitbagthariya) via [#67](https://github.com/mailchimp/wordpress/pull/67)).
+- Updated the menu SVG icon (props [@dkotter](https://github.com/dkotter), [@jeffpaul](https://github.com/jeffpaul) via [#65](https://github.com/mailchimp/wordpress/pull/65)).
+
+### Fixed
+- Ensure that the settings remain persistent between logging out of the account and logging in again (props [@iamdharmesh](https://github.com/iamdharmesh), [@jeffpaul](https://github.com/jeffpaul), [@dkotter](https://github.com/dkotter), [@qasumitbagthariya](https://github.com/qasumitbagthariya) via [#66](https://github.com/mailchimp/wordpress/pull/66)).
+
+### Security
+- Bump `serve-static` from 1.15.0 to 1.16.2 and `express` from 4.19.2 to 4.21.0 (props [@dependabot](https://github.com/apps/dependabot), [@dkotter](https://github.com/dkotter) via [#55](https://github.com/mailchimp/wordpress/pull/55)).
+- Bump `webpack` from 5.91.0 to 5.94.0 (props [@dependabot](https://github.com/apps/dependabot), [@dkotter](https://github.com/dkotter) via [#59](https://github.com/mailchimp/wordpress/pull/59)).
+
 ## [1.6.0] - 2024-09-24
 **Note this version increased the WordPress minimum version to 6.1 and the PHP minimum version to 7.0.**
 

diff --git a/CREDITS.md b/CREDITS.md
@@ -12,7 +12,7 @@ The following individuals are responsible for curating the list of issues, respo
 
 Thank you to all the people who have already contributed to this repository via bug reports, code, design, ideas, project management, translation, testing, etc.
 
-[Mailchimp (@mailchimp)](https://github.com/mailchimp), [Crowd Favorite (@crowdfavorite)](https://github.com/crowdfavorite), [Matthew Richmond (@bigdawggi)](https://github.com/bigdawggi), [Devin Reams (@devinreams)](https://github.com/devinreams), [Alex King (@alexkingorg)](https://github.com/alexkingorg), [Jesse (@jessedp)](https://github.com/jessedp), [Andrew Ellis]([email protected]), [Evan Anderson (@ejdanderson)](https://github.com/ejdanderson), [Webb Henderson (@emerywebster)](https://github.com/emerywebster), [Steven Mathias (@ssmathias)](https://github.com/ssmathias), [Jonathan D. Johnson (@jondavidjohn)](https://github.com/jondavidjohn), [Ross Tweedie (@digitales)](https://github.com/digitales), [(@mcwill)](https://github.com/mcwill), [Andrew Austin (@andrewjaustin)](https://github.com/andrewjaustin), [Marc Queralt i Bassa (@MarcQueralt)](https://github.com/MarcQueralt), [Chris Mospaw (@mospaw)](https://github.com/mospaw), [Jonas Stensved (@jstensved)](https://github.com/jstensved), [netboy]([email protected]), [Lenin]([email protected]), [Bauke Zwaan (@baukezwaan)](https://github.com/baukezwaan), [Jascha Ehrenreich (@jaeh)](https://github.com/jaeh), [Chris Wilcoxson (@slushman)](https://github.com/slushman), [Luke Watts (@thisislawatts)](https://github.com/thisislawatts), [Glenn Ansley (@glennansley)](https://github.com/glennansley), [SiteGround](http://www.siteground.com/wordpress-hosting.htm), [Peter Kahoun](http://kahi.cz/), [Jan Lund](), [Michael Jaekel](), [Ιωάννης Δημοφέρλιας (John Dimoferlias)](), [Tomás Nader](), [Claudia Mansilla](http://cricava.com/), [Helen Urbanik](http://www.motomaania.ee/), [Maxime Toulliou](http://www.maximetoulliou.com/), [שגיב בית](http://www.sagive.co.il), [Okostobi](), [Stefan Des](http://www.stefandes.com), [백선기 (SK Baek)](), [Alexander Roterud aka Defrag](http://www.tigerpews.com), [Filip Stas](http://suddenelfilio.net/), [Maria Manoela Porto](), [Tiago Faria](http://xroot.org), [Alexandru Armin Roșu](), [Илья](http://fatcow.com), [Sebastian Johnsson](http://www.agiley.se/), [Hakan E.](http://kazancexpert.com/), [Josh Grosser (@jgrosser-intuit)](https://github.com/jgrosser-intuit), [10up (@10up)](https://github.com/10up), [Nate Conley (@nateconley)](https://github.com/nateconley), [Darin Kotter (@dkotter)](https://github.com/dkotter), [Jeffrey Paul (@jeffpaul)](https://github.com/jeffpaul), [Eddie Shrake (@eddieshrake)](https://github.com/eddieshrake), [Sumit Bagthariya (@qasumitbagthariya)](https://github.com/qasumitbagthariya), [Vikram Moparthy (@vikrampm1)](https://github.com/vikrampm1), [Dharmesh Patel (@iamdharmesh)](https://github.com/iamdharmesh).
+[Mailchimp (@mailchimp)](https://github.com/mailchimp), [Crowd Favorite (@crowdfavorite)](https://github.com/crowdfavorite), [Matthew Richmond (@bigdawggi)](https://github.com/bigdawggi), [Devin Reams (@devinreams)](https://github.com/devinreams), [Alex King (@alexkingorg)](https://github.com/alexkingorg), [Jesse (@jessedp)](https://github.com/jessedp), [Andrew Ellis]([email protected]), [Evan Anderson (@ejdanderson)](https://github.com/ejdanderson), [Webb Henderson (@emerywebster)](https://github.com/emerywebster), [Steven Mathias (@ssmathias)](https://github.com/ssmathias), [Jonathan D. Johnson (@jondavidjohn)](https://github.com/jondavidjohn), [Ross Tweedie (@digitales)](https://github.com/digitales), [(@mcwill)](https://github.com/mcwill), [Andrew Austin (@andrewjaustin)](https://github.com/andrewjaustin), [Marc Queralt i Bassa (@MarcQueralt)](https://github.com/MarcQueralt), [Chris Mospaw (@mospaw)](https://github.com/mospaw), [Jonas Stensved (@jstensved)](https://github.com/jstensved), [netboy]([email protected]), [Lenin]([email protected]), [Bauke Zwaan (@baukezwaan)](https://github.com/baukezwaan), [Jascha Ehrenreich (@jaeh)](https://github.com/jaeh), [Chris Wilcoxson (@slushman)](https://github.com/slushman), [Luke Watts (@thisislawatts)](https://github.com/thisislawatts), [Glenn Ansley (@glennansley)](https://github.com/glennansley), [SiteGround](http://www.siteground.com/wordpress-hosting.htm), [Peter Kahoun](http://kahi.cz/), [Jan Lund](), [Michael Jaekel](), [Ιωάννης Δημοφέρλιας (John Dimoferlias)](), [Tomás Nader](), [Claudia Mansilla](http://cricava.com/), [Helen Urbanik](http://www.motomaania.ee/), [Maxime Toulliou](http://www.maximetoulliou.com/), [שגיב בית](http://www.sagive.co.il), [Okostobi](), [Stefan Des](http://www.stefandes.com), [백선기 (SK Baek)](), [Alexander Roterud aka Defrag](http://www.tigerpews.com), [Filip Stas](http://suddenelfilio.net/), [Maria Manoela Porto](), [Tiago Faria](http://xroot.org), [Alexandru Armin Roșu](), [Илья](http://fatcow.com), [Sebastian Johnsson](http://www.agiley.se/), [Hakan E.](http://kazancexpert.com/), [Josh Grosser (@jgrosser-intuit)](https://github.com/jgrosser-intuit), [10up (@10up)](https://github.com/10up), [Nate Conley (@nateconley)](https://github.com/nateconley), [Darin Kotter (@dkotter)](https://github.com/dkotter), [Jeffrey Paul (@jeffpaul)](https://github.com/jeffpaul), [Eddie Shrake (@eddieshrake)](https://github.com/eddieshrake), [Sumit Bagthariya (@qasumitbagthariya)](https://github.com/qasumitbagthariya), [Vikram Moparthy (@vikrampm1)](https://github.com/vikrampm1), [Dharmesh Patel (@iamdharmesh)](https://github.com/iamdharmesh), [GitHub Dependabot (@dependabot)](https://github.com/apps/dependabot).
 
 ## Libraries
 

diff --git a/assets/css/admin.css b/assets/css/admin.css
@@ -523,6 +523,24 @@ body.toplevel_page_mailchimp_sf_options #footer-upgrade {
 	clear: both;
 }
 
+.migrate-to-oauth-wrapper {
+	margin: 1em 0;
+}
+
+.migrate-to-oauth-wrapper .button.mailchimp-sf-button {
+	padding: 9px 16px;
+	line-height: 14px;
+}
+
+.migrate-to-oauth-wrapper button.button.mailchimp-sf-button:disabled {
+	padding: 6px 16px;
+}
+
+.migrate-to-oauth-wrapper button.button.mailchimp-sf-button svg {
+	width: 20px;
+	height: 20px;
+}
+
 .button.mailchimp-sf-button.button-secondary.small {
 	background-color: transparent;
 }

diff --git a/includes/admin/templates/login-button.php b/includes/admin/templates/login-button.php
@@ -0,0 +1,22 @@
+<?php
+/**
+ * Suggest to login template
+ *
+ * @package Mailchimp
+ */
+
+$button_text = $login_button_text ?? __( 'Log in', 'mailchimp' );
+?>
+<button id="mailchimp_sf_oauth_connect" class="button mailchimp-sf-button">
+	<span class="mailchimp-sf-loading hidden">
+		<svg class="animate-spin" width="24" height="24" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
+				<circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
+				<path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+		</svg>
+	</span>
+	<?php echo esc_html( $button_text ); ?>
+</button>
+<p class="mailchimp-sf-oauth-error error-field" style="display:none;"></p>
+<div id="mailchimp-sf-popup-blocked-modal" style="display:none;">
+	<p><?php esc_html_e( 'Please allow your browser to show popups for this page.', 'mailchimp' ); ?></p>
+</div>
diff --git a/includes/admin/templates/suggest-to-login.php b/includes/admin/templates/suggest-to-login.php
@@ -26,18 +26,9 @@
 			?>
 		</p>
 
-		<button id="mailchimp_sf_oauth_connect" class="button mailchimp-sf-button">
-			<span class="mailchimp-sf-loading hidden">
-				<svg class="animate-spin" width="24" height="24" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
-						<circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
-						<path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
-				</svg>
-			</span>
-			<?php esc_html_e( 'Log in', 'mailchimp' ); ?>
-		</button>
-		<p class="mailchimp-sf-oauth-error error-field" style="display:none;"></p>
-		<div id="mailchimp-sf-popup-blocked-modal" style="display:none;">
-			<p><?php esc_html_e( 'Please allow your browser to show popups for this page.', 'mailchimp' ); ?></p>
-		</div>
+		<?php
+		// Login button.
+		include_once MCSF_DIR . 'includes/admin/templates/login-button.php'; // phpcs:ignore PEAR.Files.IncludingFile.UseRequireOnce
+		?>
 	</div>
 </div>
diff --git a/includes/class-mailchimp-admin.php b/includes/class-mailchimp-admin.php
@@ -299,15 +299,31 @@ public function verify_and_save_oauth_token( $access_token, $data_center ) {
 			$data_encryption = new Mailchimp_Data_Encryption();
 
 			// Clean up the old data.
+			delete_option( 'mc_api_key' ); // Deprecated API key, need to remove as part of the migration.
 			delete_option( 'mailchimp_sf_access_token' );
 			delete_option( 'mailchimp_sf_auth_error' );
 			delete_option( 'mc_datacenter' );
 
 			update_option( 'mailchimp_sf_access_token', $data_encryption->encrypt( $access_token ) );
 			update_option( 'mc_datacenter', sanitize_text_field( $data_center ) );
 			update_option( 'mc_user', $this->sanitize_data( $user ) );
-			return true;
 
+			// Clear Mailchimp List ID if saved list is not available.
+			$lists = $api->get( 'lists', 100, array( 'fields' => 'lists.id' ) );
+			if ( ! is_wp_error( $lists ) ) {
+				$lists         = $lists['lists'] ?? array();
+				$saved_list_id = get_option( 'mc_list_id' );
+				$list_ids      = array_map(
+					function ( $ele ) {
+						return $ele['id'];
+					},
+					$lists
+				);
+				if ( ! in_array( $saved_list_id, $list_ids, true ) ) {
+					delete_option( 'mc_list_id' );
+				}
+			}
+			return true;
 		} else {
 			$msg = esc_html__( 'API Key must belong to "Owner", "Admin", or "Manager."', 'mailchimp' );
 			return new WP_Error( 'mailchimp-sf-invalid-role', $msg );
@@ -323,29 +339,49 @@ public function admin_notices() {
 		if ( ! current_user_can( 'manage_options' ) ) {
 			return;
 		}
+		$current_screen = get_current_screen();
 
 		// Display a deprecation notice if the user is using an API key to connect with Mailchimp.
 		if ( get_option( 'mc_api_key', '' ) && ! get_option( 'mailchimp_sf_access_token', '' ) && mailchimp_sf_should_display_form() ) {
-			?>
-			<div class="notice notice-warning is-dismissible">
-				<p>
-					<?php
-					$message = sprintf(
-						/* translators: Placeholders: %1$s - <a> tag, %2$s - </a> tag */
-						__( 'Heads up! It looks like you\'re using an API key to connect with Mailchimp, which is now deprecated. Please log out and reconnect your Mailchimp account using the new OAuth authentication by clicking the "Log in" button on the %1$splugin settings%2$s page.', 'mailchimp' ),
-						'<a href="' . esc_url( admin_url( 'admin.php?page=mailchimp_sf_options' ) ) . '">',
-						'</a>'
-					);
-
-					echo wp_kses( $message, array( 'a' => array( 'href' => array() ) ) );
-					?>
-				</p>
-			</div>
-			<?php
+
+			if ( $current_screen && 'toplevel_page_mailchimp_sf_options' === $current_screen->id ) {
+				?>
+				<div class="notice notice-warning">
+					<p>
+						<?php
+						esc_html_e( 'You are using an outdated API Key connection to Mailchimp, please migrate to the new OAuth authentication method to continue accessing your Mailchimp account.', 'mailchimp' );
+						?>
+					</p>
+					<div class="migrate-to-oauth-wrapper">
+						<?php
+						// Migrate button.
+						$login_button_text = __( 'Migrate to OAuth authentication', 'mailchimp' );
+						include_once MCSF_DIR . 'includes/admin/templates/login-button.php'; // phpcs:ignore PEAR.Files.IncludingFile.UseRequireOnce
+						?>
+					</div>
+				</div>
+				<?php
+			} else {
+				?>
+				<div class="notice notice-warning is-dismissible">
+					<p>
+						<?php
+						$message = sprintf(
+							/* translators: Placeholders: %1$s - <a> tag, %2$s - </a> tag */
+							__( 'You are using an outdated API Key connection to Mailchimp, please migrate to the new OAuth authentication method to continue accessing your Mailchimp account by clicking the "Migrate to OAuth authentication" button on the %1$sMailchimp settings%2$s page.', 'mailchimp' ),
+							'<a href="' . esc_url( admin_url( 'admin.php?page=mailchimp_sf_options' ) ) . '">',
+							'</a>'
+						);
+
+						echo wp_kses( $message, array( 'a' => array( 'href' => array() ) ) );
+						?>
+					</p>
+				</div>
+				<?php
+			}
 		}
 
 		// Display a notice if the user is waiting for the login to complete.
-		$current_screen = get_current_screen();
 		if ( $current_screen && 'toplevel_page_mailchimp_sf_options' === $current_screen->id ) {
 			$api = mailchimp_sf_get_api();
 			if ( $api && 'waiting' === get_option( 'mailchimp_sf_waiting_for_login' ) ) {