From 2127b1bdd73ecd2423e443992da4b442f5a3c1a3 Mon Sep 17 00:00:00 2001
From: Jake Vanderwerf <get@jakevanderwerf.ca>
Date: Wed, 04 Feb 2026 21:19:25 +0000
Subject: [PATCH] =Major overhaul of MetaManager.php -> Meta.php and RestRouteManager.php -> Rest.php. Seems to work for JakeVan
---
inc/rest/PermissionHandler.php | 32 ++++++--------------------------
1 files changed, 6 insertions(+), 26 deletions(-)
diff --git a/inc/rest/PermissionHandler.php b/inc/rest/PermissionHandler.php
index 409d479..8d4b447 100644
--- a/inc/rest/PermissionHandler.php
+++ b/inc/rest/PermissionHandler.php
@@ -343,7 +343,7 @@
/**
* Verify action-specific nonce (e.g., 'dash-{user_id}')
*/
- public static function verifyActionNonce(WP_REST_Request $request, string $actionPrefix, string $header = 'X-Action-Nonce'): bool|WP_Error
+ public static function verifyActionNonce(WP_REST_Request $request, string $actionPrefix, string $header = 'action_nonce'): bool|WP_Error
{
$userId = $request->get_param('user') ?: get_current_user_id();
$action = $actionPrefix . $userId;
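Review bot: The new default `$header = 'action_nonce'` no longer looks like an HTTP header name, and how the body reads it is outside this hunk; if it goes through `$request->get_header()`, WordPress canonicalises names (lowercase, `-` to `_`), so the old default matched `X-Action-Nonce` while `'action_nonce'` would match a header literally named `Action-Nonce`, and if it is now read with `get_param()` the parameter name `$header` is misleading. Whichever it is, the docblock should state the source, e.g. `@param string $header Name of the request header (or parameter) carrying the nonce; defaults to 'action_nonce'.` It is also worth recording in the docblock that the nonce action is built from the request-supplied `user` parameter (falling back to the current user), so callers who need the nonce bound to the caller should pair this check with `userMatch`. verifyActionNonce's body continues past the hunk.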
@@ -352,29 +352,6 @@
}
/**
- * Combined permission check: user match + rate limit
- */
- public static function userMatchWithRateLimit(WP_REST_Request $request): bool|WP_Error
- {
- static $rateLimiter = null;
-
- if ($rateLimiter === null) {
- $rateLimiter = new RateLimiter();
- }
-
- // Check rate limit first
- if (!$rateLimiter->checkLimit($request)) {
- return new WP_Error(
- 'rate_limit',
- 'Too many requests. Please wait before trying again.',
- ['status' => 429]
- );
- }
-
- return self::userMatch($request);
- }
-
- /**
* Create a custom permission callback combining multiple checks
*
* Usage:
@@ -390,9 +367,11 @@
$check === 'admin' => self::isAdmin($request),
$check === 'verified' => self::isVerified($request),
$check === 'user' => self::userMatch($request),
+ $check === 'nonce' => self::verifyNonce($request),
is_array($check) && isset($check['role']) => self::hasRole($request, $check['role']),
is_array($check) && isset($check['roles']) => self::hasAnyRole($request, $check['roles']),
is_array($check) && isset($check['capability']) => self::hasCapability($request, $check['capability']),
+ is_array($check) && isset($check['actionNonce']) => self::verifyActionNonce($request, $check['actionNonce']),
is_callable($check) => $check($request),
default => true,
};
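Review bot: The two new string/array check forms added here (`'nonce'` and `['actionNonce' => ...]`) are not reflected in the `Usage:` section of the docblock that starts just above the hunk; add lines such as `*   'nonce'                     - valid REST nonce` and `*   ['actionNonce' => 'dash-'] - valid action nonce for the given prefix` so callers can discover them. Because unrecognised checks fall through to `default => true`, a misspelled key in either new form is fail-open; a defensive alternative is `default => throw new \InvalidArgumentException('Unknown permission check'),` so a typo fails loudly instead of granting access. The enclosing function starts before the hunk and ends after it.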
@@ -424,18 +403,19 @@
$check === 'admin' => self::isAdmin($request),
$check === 'verified' => self::isVerified($request),
$check === 'user' => self::userMatch($request),
+ $check === 'nonce' => self::verifyNonce($request),
is_array($check) && isset($check['role']) => self::hasRole($request, $check['role']),
+ is_array($check) && isset($check['roles']) => self::hasAnyRole($request, $check['roles']),
is_array($check) && isset($check['capability']) => self::hasCapability($request, $check['capability']),
+ is_array($check) && isset($check['actionNonce']) => self::verifyActionNonce($request, $check['actionNonce']),
is_callable($check) => $check($request),
default => false,
};
- // If it's a successful check (true), pass
if ($result === true) {
return true;
}
- // Track last error for reporting
if (is_wp_error($result)) {
$lastError = $result;
}
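Review bot: The match dispatch table is now maintained in two places (this hunk and the one at `@@ -390,9 +367,11 @@`), and this very commit had to add the `roles` arm to only this copy, which shows how easily they drift; extracting one private helper that both combinators call keeps the check vocabulary in one place, with the only difference (the `default` result) passed as a parameter. Separately, `$lastError` is only set when a check returns a `WP_Error`; a check that returns plain `false` (which the `bool|WP_Error` signature of verifyActionNonce allows) leaves it unset, so the code after the hunk presumably reports no reason in that case — worth confirming that path still returns a deny. The enclosing function starts before the hunk and ends after it.
```php
    /** Evaluate one check spec; $unknown is the result for specs no arm recognises. */
    private static function evaluateCheck(WP_REST_Request $request, mixed $check, bool $unknown): bool|WP_Error
    {
        return match (true) {
            // … the arms currently duplicated in both combinators, unchanged …
            default => $unknown,
        };
    }

    // in each combinator's loop, replacing the inline match:
    $result = self::evaluateCheck($request, $check, false); // true in the all-of variant
```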
--
Gitblit v1.10.0