From 26e441709bebd7fe78477a374b0979a5b4f68ed3 Mon Sep 17 00:00:00 2001
From: ouikhuan <iverson0217@gmail.com>
Date: Thu, 29 Feb 2024 17:47:43 +0800
Subject: [PATCH] Scheduled Updates: Add scheduled update body parameter
 (#35941)

* Add a new is_scheduled_updates param to the modify plugin endpoint

* Add conditions for scheduled update only

* pass is_scheduled_updates property in the allowlist filter

* changelog

* Replace slug property with plugin property

* Identify scheduled update by constant

* Add new constant SCHEDULED_UPDATE to identify requests

* remove unnecessary check

* Prevent making changes to core structure

* Change scheduled updates to singular

* Change the wording to make unauthorized message more clearer

* Update changelog with more clearer information

* Change the function name in changelog to align with latest version

* Fix version mismatch

* Remove unnecessary check

* Remove unnecessary check

* Reformat changelog entry

* Remove blank lines

* Rename variale name

* set lock release timeout if user is from scheduled update

* Fix version mismatch

* Fix typo in body param

See D140023-code

* Add missing typo fix

---------

Co-authored-by: Konstantin Obenland <obenland@gmx.de>
---
 .../changelog/update-modify-plugin-endpoint   |  6 ++++
 .../packages/scheduled-updates/composer.json  |  2 +-
 .../src/class-scheduled-updates.php           | 13 ++++----
 .../changelog/update-modify-plugin-endpoint   |  6 ++++
 ...lass.jetpack-json-api-plugins-endpoint.php | 32 +++++++++++++++++++
 ...tpack-json-api-plugins-modify-endpoint.php | 22 ++++++++-----
 .../changelog/update-modify-plugin-endpoint   |  5 +++
 .../plugins/mu-wpcom-plugin/composer.lock     |  4 +--
 8 files changed, 73 insertions(+), 17 deletions(-)
 create mode 100644 projects/packages/scheduled-updates/changelog/update-modify-plugin-endpoint
 create mode 100644 projects/plugins/jetpack/changelog/update-modify-plugin-endpoint
 create mode 100644 projects/plugins/mu-wpcom-plugin/changelog/update-modify-plugin-endpoint

diff --git a/projects/packages/scheduled-updates/changelog/update-modify-plugin-endpoint b/projects/packages/scheduled-updates/changelog/update-modify-plugin-endpoint
new file mode 100644
index 0000000000000..b06b743722838
--- /dev/null
+++ b/projects/packages/scheduled-updates/changelog/update-modify-plugin-endpoint
@@ -0,0 +1,6 @@
+Significance: minor
+Type: changed
+
+Scheduled updates: Modified the `allowlist_scheduled_plugins` function to check scheduled update requests.
+
+Change the `allowlist_scheduled_plugins` function to include a check for the `SCHEDULED_AUTOUPDATE` constant. This allows us to identify requests coming from scheduled updates and include the relevant plugins when the `auto_update_plugin` hook is triggered.
diff --git a/projects/packages/scheduled-updates/composer.json b/projects/packages/scheduled-updates/composer.json
index eb2c429bf5453..93ce83d7015b7 100644
--- a/projects/packages/scheduled-updates/composer.json
+++ b/projects/packages/scheduled-updates/composer.json
@@ -48,7 +48,7 @@
 		},
 		"autotagger": true,
 		"branch-alias": {
-			"dev-trunk": "0.2.x-dev"
+			"dev-trunk": "0.3.x-dev"
 		},
 		"textdomain": "jetpack-scheduled-updates",
 		"version-constants": {
diff --git a/projects/packages/scheduled-updates/src/class-scheduled-updates.php b/projects/packages/scheduled-updates/src/class-scheduled-updates.php
index 8f972ffdcf294..e94723d6af08f 100644
--- a/projects/packages/scheduled-updates/src/class-scheduled-updates.php
+++ b/projects/packages/scheduled-updates/src/class-scheduled-updates.php
@@ -17,7 +17,7 @@ class Scheduled_Updates {
 	 *
 	 * @var string
 	 */
-	const PACKAGE_VERSION = '0.2.2-alpha';
+	const PACKAGE_VERSION = '0.3.0-alpha';
 
 	/**
 	 * Initialize the class.
@@ -89,12 +89,13 @@ public static function run_scheduled_update( ...$plugins ) {
 	 * @return bool
 	 */
 	public static function allowlist_scheduled_plugins( $update, $item ) {
-		// TODO: Check if we're in a scheduled update request from Jetpack_Autoupdates.
-		$schedules = get_option( 'jetpack_update_schedules', array() );
+		if ( Constants::get_constant( 'SCHEDULED_AUTOUPDATE' ) ) {
+			$schedules = get_option( 'jetpack_update_schedules', array() );
 
-		foreach ( $schedules as $plugins ) {
-			if ( in_array( $item->slug, $plugins, true ) ) {
-				return true;
+			foreach ( $schedules as $plugins ) {
+				if ( isset( $item->plugin ) && in_array( $item->plugin, $plugins, true ) ) {
+					return true;
+				}
 			}
 		}
 
diff --git a/projects/plugins/jetpack/changelog/update-modify-plugin-endpoint b/projects/plugins/jetpack/changelog/update-modify-plugin-endpoint
new file mode 100644
index 0000000000000..1422e9bb0c82e
--- /dev/null
+++ b/projects/plugins/jetpack/changelog/update-modify-plugin-endpoint
@@ -0,0 +1,6 @@
+Significance: minor
+Type: other
+
+Scheduled updates: Introduced a new body parameter `scheduled_update` to the `POST /sites/%s/plugins/%s` endpoint.
+
+When `POST /sites/%s/plugins/%s` endpoint is called with the `scheduled_update` parameter, we validate the request and modify the auto update plugins allowed list to include the ones in the scheduled updates option.
diff --git a/projects/plugins/jetpack/json-endpoints/jetpack/class.jetpack-json-api-plugins-endpoint.php b/projects/plugins/jetpack/json-endpoints/jetpack/class.jetpack-json-api-plugins-endpoint.php
index 71d1eefa0de00..c7d8efeb0af57 100644
--- a/projects/plugins/jetpack/json-endpoints/jetpack/class.jetpack-json-api-plugins-endpoint.php
+++ b/projects/plugins/jetpack/json-endpoints/jetpack/class.jetpack-json-api-plugins-endpoint.php
@@ -1,6 +1,7 @@
 <?php // phpcs:ignore WordPress.Files.FileName.InvalidClassFileName
 
 use Automattic\Jetpack\Constants;
+use Automattic\Jetpack\Current_Plan;
 use Automattic\Jetpack\Sync\Functions;
 
 /**
@@ -36,6 +37,13 @@ abstract class Jetpack_JSON_API_Plugins_Endpoint extends Jetpack_JSON_API_Endpoi
 	 */
 	protected $log;
 
+	/**
+	 * If the request is a scheduled update.
+	 *
+	 * @var boolean
+	 */
+	protected $scheduled_update = false;
+
 	/**
 	 * Response format.
 	 *
@@ -120,6 +128,11 @@ protected function validate_input( $plugin ) {
 			return $error;
 		}
 
+		$error = $this->validate_scheduled_update();
+		if ( is_wp_error( $error ) ) {
+			return $error;
+		}
+
 		$args = $this->input();
 		// find out what plugin, or plugins we are dealing with
 		// validate the requested plugins
@@ -420,6 +433,25 @@ protected function validate_plugin( $plugin ) {
 		return true;
 	}
 
+	/**
+	 * Validates if scheduled updates are allowed based on the current plan.
+	 *
+	 * @return bool|WP_Error True if scheduled updates are allowed or not provided, WP_Error otherwise.
+	 */
+	protected function validate_scheduled_update() {
+		$args = $this->input();
+
+		if ( isset( $args['scheduled_update'] ) && $args['scheduled_update'] ) {
+			if ( Current_Plan::supports( 'scheduled-updates' ) ) {
+				$this->scheduled_update = true;
+			} else {
+				return new WP_Error( 'unauthorized', __( 'Scheduled updates are not available on your current plan. Please upgrade to a plan that supports scheduled updates to use this feature.', 'jetpack' ), 403 );
+			}
+		}
+
+		return true;
+	}
+
 	/**
 	 * Get plugin updates.
 	 *
diff --git a/projects/plugins/jetpack/json-endpoints/jetpack/class.jetpack-json-api-plugins-modify-endpoint.php b/projects/plugins/jetpack/json-endpoints/jetpack/class.jetpack-json-api-plugins-modify-endpoint.php
index ed83143482f9c..f24ba12e6c9f2 100644
--- a/projects/plugins/jetpack/json-endpoints/jetpack/class.jetpack-json-api-plugins-modify-endpoint.php
+++ b/projects/plugins/jetpack/json-endpoints/jetpack/class.jetpack-json-api-plugins-modify-endpoint.php
@@ -16,10 +16,11 @@
 		),
 		'allow_jetpack_site_auth' => true,
 		'request_format'          => array(
-			'action'       => '(string) Possible values are \'update\'',
-			'autoupdate'   => '(bool) Whether or not to automatically update the plugin',
-			'active'       => '(bool) Activate or deactivate the plugin',
-			'network_wide' => '(bool) Do action network wide (default value: false)',
+			'action'           => '(string) Possible values are \'update\'',
+			'autoupdate'       => '(bool) Whether or not to automatically update the plugin',
+			'active'           => '(bool) Activate or deactivate the plugin',
+			'network_wide'     => '(bool) Do action network wide (default value: false)',
+			'scheduled_update' => '(bool) If the update is happening as a result of a scheduled update event',
 		),
 		'query_parameters'        => array(
 			'autoupdate' => '(bool=false) If the update is happening as a result of autoupdate event',
@@ -381,11 +382,13 @@ protected function deactivate() {
 	 * @return bool|WP_Error
 	 */
 	protected function update() {
-
 		$query_args = $this->query_args();
-		if ( isset( $query_args['autoupdate'] ) && $query_args['autoupdate'] ) {
+		if ( isset( $query_args['autoupdate'] ) && $query_args['autoupdate'] || $this->scheduled_update ) {
 			Constants::set_constant( 'JETPACK_PLUGIN_AUTOUPDATE', true );
 		}
+		if ( $this->scheduled_update ) {
+			Constants::set_constant( 'SCHEDULED_AUTOUPDATE', true );
+		}
 		wp_clean_plugins_cache( false );
 		ob_start();
 		wp_update_plugins(); // Check for Plugin updates
@@ -408,9 +411,12 @@ protected function update() {
 		remove_action( 'upgrader_process_complete', 'wp_version_check' );
 		remove_action( 'upgrader_process_complete', 'wp_update_themes' );
 
+		// Set the lock timeout to 15 minutes if it's scheduled update, otherwise default to one hour.
+		$lock_release_timeout = $this->scheduled_update ? 15 * MINUTE_IN_SECONDS : null;
+
 		// Early return if unable to obtain auto_updater lock.
 		// @see https://github.com/WordPress/wordpress-develop/blob/66469efa99e7978c8824e287834135aa9842e84f/src/wp-admin/includes/class-wp-automatic-updater.php#L453.
-		if ( Constants::get_constant( 'JETPACK_PLUGIN_AUTOUPDATE' ) && ! WP_Upgrader::create_lock( 'auto_updater' ) ) {
+		if ( Constants::get_constant( 'JETPACK_PLUGIN_AUTOUPDATE' ) && ! WP_Upgrader::create_lock( 'auto_updater', $lock_release_timeout ) ) {
 			return new WP_Error( 'update_fail', __( 'Updates are already in progress.', 'jetpack' ), 400 );
 		}
 
@@ -430,7 +436,7 @@ protected function update() {
 
 			// Establish per plugin lock.
 			$plugin_slug = Jetpack_Autoupdate::get_plugin_slug( $plugin );
-			if ( ! WP_Upgrader::create_lock( 'jetpack_' . $plugin_slug ) ) {
+			if ( ! WP_Upgrader::create_lock( 'jetpack_' . $plugin_slug, $lock_release_timeout ) ) {
 				continue;
 			}
 
diff --git a/projects/plugins/mu-wpcom-plugin/changelog/update-modify-plugin-endpoint b/projects/plugins/mu-wpcom-plugin/changelog/update-modify-plugin-endpoint
new file mode 100644
index 0000000000000..9aa70e3ec1f75
--- /dev/null
+++ b/projects/plugins/mu-wpcom-plugin/changelog/update-modify-plugin-endpoint
@@ -0,0 +1,5 @@
+Significance: patch
+Type: changed
+Comment: Updated composer.lock.
+
+
diff --git a/projects/plugins/mu-wpcom-plugin/composer.lock b/projects/plugins/mu-wpcom-plugin/composer.lock
index f9d0b96547266..ad7eb25ce49bd 100644
--- a/projects/plugins/mu-wpcom-plugin/composer.lock
+++ b/projects/plugins/mu-wpcom-plugin/composer.lock
@@ -198,7 +198,7 @@
             "dist": {
                 "type": "path",
                 "url": "../../packages/scheduled-updates",
-                "reference": "9be90d23b55e43e40816ff79dbd2d65b1c392fc8"
+                "reference": "dfd9f527692091535d2959930461894c6c91864c"
             },
             "require": {
                 "php": ">=7.0"
@@ -220,7 +220,7 @@
                 },
                 "autotagger": true,
                 "branch-alias": {
-                    "dev-trunk": "0.2.x-dev"
+                    "dev-trunk": "0.3.x-dev"
                 },
                 "textdomain": "jetpack-scheduled-updates",
                 "version-constants": {