Fix vendor dashboard product edit page variation products

[Aunshon]

All Submissions:

• My code follow the WordPress' coding standards
• My code satisfies feature requirements
• My code is tested
• My code passes the PHPCS tests
• My code has proper inline documentation
• I've included related pull request(s) (optional)
• I've included developer documentation (optional)
• I've added proper labels to this pull request

Changes proposed in this Pull Request:

Related Pull Request(s)

• https://github.com/getdokan/plugin-vendor-dashboard/pull/119
• https://github.com/getdokan/dokan-pro/pull/3530

Closes

• Closes #

How to test the changes in this Pull Request:

• Steps or issue link

Changelog entry

Title

Detailed Description of the pull request. What was previous behaviour
and what will be changed in this PR.

Before Changes

Describe the issue before changes with screenshots(s).

After Changes

Describe the issue after changes with screenshot(s).

Feature Video (optional)

Link of detailed video if this PR is for a feature.

PR Self Review Checklist:

• Code is not following code style guidelines
• Bad naming: make sure you would understand your code if you read it a few months from now.
• KISS: Keep it simple, Sweetie (not stupid!).
• DRY: Don't Repeat Yourself.
• Code that is not readable: too many nested 'if's are a bad sign.
• Performance issues
• Complicated constructions that need refactoring or comments: code should almost always be self-explanatory.
• Grammar errors.

FOR PR REVIEWER ONLY:

As a reviewer, your feedback should be focused on the idea, not the person. Seek to understand, be respectful, and focus on constructive dialog.

As a contributor, your responsibility is to learn from suggestions and iterate your pull request should it be needed based on feedback. Seek to collaborate and produce the best possible contribution to the greater whole.

• Correct — Does the change do what it’s supposed to? ie: code 100% fulfilling the requirements?
• Secure — Would a nefarious party find some way to exploit this change? ie: everything is sanitized/escaped appropriately for any SQL or XSS injection possibilities?
• Readable — Will your future self be able to understand this change months down the road?
• Elegant — Does the change fit aesthetically within the overall style and architecture?

Summary by CodeRabbit

Summary by CodeRabbit

• New Features

  • Introduced a new method for retrieving linked products dynamically based on search criteria and user IDs.
  • Enhanced API response to return detailed product attribute information instead of a simple success/failure status.

• Bug Fixes

  • Improved error handling in product attribute management by ensuring attribute checks are performed on arrays.

• Refactor

  • Optimized product search and filtering logic for better performance and maintainability.

[coderabbitai]

Walkthrough

The recent changes streamline product searching and retrieval in the application by consolidating logic into fewer methods. The json_search_product function now utilizes a single call to fetch filtered product IDs, improving efficiency and readability. A new method, get_linked_products, enhances the Manager class with dynamic product retrieval capabilities. Additionally, API responses are enriched with more detailed information, boosting functionality for clients. Overall, these updates enhance code clarity, efficiency, and maintainability.

Changes

Files	Change Summary
includes/Ajax.php	Simplified json_search_product function by consolidating multiple operations into a single call.
includes/Product/Manager.php	Introduced get_linked_products method for dynamic retrieval of linked products with filtering.
includes/Product/ProductAttribute.php	Modified set method to check if request_attributes is an array, improving error handling.
includes/REST/ProductAttributeController.php	Changed update_product_attribute response to return detailed product attribute object instead of a success indicator.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Ajax
    participant Manager
    participant Product

    User->>Ajax: Search for products
    Ajax->>Manager: Get linked products with criteria
    Manager->>Product: Retrieve and filter products
    Product-->>Manager: Return filtered product IDs
    Manager-->>Ajax: Return product details
    Ajax-->>User: Display product results

Loading

🐰 In the code, I found a way,
To fetch products without delay.
With filters set and responses bright,
Now searching brings pure delight!
Hops of joy with every call,
For better code has come for all! 🐇✨

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  -- I pushed a fix in commit <commit_id>, please review it.
  -- Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  -- @coderabbitai generate unit testing code for this file.
  -- @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  -- @coderabbitai generate interesting stats about this repository and render them as a table.
  -- @coderabbitai read src/utils.ts and generate unit testing code.
  -- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  -- @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

Outside diff range, codebase verification and nitpick comments (1)

includes/Ajax.php (1)

654-660: Ensure proper sanitization and validation of exclude, include, and limit parameters.

The exclude, include, and limit parameters from $_GET are directly passed to the get_linked_products method without explicit sanitization or validation. This could pose a security risk. Ensure these parameters are properly sanitized and validated to prevent potential vulnerabilities.

• Review and sanitize the exclude, include, and limit parameters in the json_search_product function.

Analysis chain

Ensure proper sanitization and validation of GET parameters.

The exclude, include, and limit parameters from $_GET are directly passed to the get_linked_products method. Ensure these parameters are properly sanitized and validated to prevent security vulnerabilities.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the proper sanitization and validation of GET parameters in `json_search_product`.

# Test: Search for the function usage. Expect: Proper sanitization and validation of parameters.
rg --type php -A 5 $'json_search_product'

Length of output: 1752

---

Script:

#!/bin/bash
# Description: Search for handling of `exclude`, `include`, and `limit` parameters in `json_search_product`.

# Test: Search for the specific parameters within the function to check their sanitization and validation.
rg --type php -A 10 $'public function json_search_product()' | rg 'exclude|include|limit'

Length of output: 769

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 2a015fc and 44e2f2b.

Files selected for processing (4)

• includes/Ajax.php (1 hunks)
• includes/Product/Manager.php (1 hunks)
• includes/Product/ProductAttribute.php (1 hunks)
• includes/REST/ProductAttributeController.php (1 hunks)

Additional comments not posted (3)

includes/REST/ProductAttributeController.php (1)

240-240: Improved API response detail.

The change in the update_product_attribute function enhances the response by providing detailed product attribute information. This improves the utility of the API for clients.

Ensure that the consumers of this API are updated or notified about the change in the response structure.

includes/Product/ProductAttribute.php (1)

176-176: Enhanced robustness in attribute handling.

The condition in the set method now checks if $this->request_attributes is an array, improving robustness and preventing potential errors.

includes/Ajax.php (1)

654-662: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to json_search_product match the new implementation.

Verification successful

---

Function usage verified for json_search_product.

The function json_search_product is only used in add_action hooks within includes/Ajax.php. No other calls or references were found in the codebase. The changes are correctly scoped.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all function calls to `json_search_product` match the new implementation.

# Test: Search for the function usage. Expect: Only occurrences of the new implementation.
rg --type php -A 5 $'json_search_product'

Length of output: 1752

---

Script:

#!/bin/bash
# Comprehensive search for any usage of the `json_search_product` function across the codebase.
rg --type php 'json_search_product'

Length of output: 569

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 44e2f2b and 67c98e0.

Files selected for processing (1)

• includes/Product/Manager.php (1 hunks)

Additional comments not posted (1)

includes/Product/Manager.php (1)

718-754: Review of get_linked_products method: Well-implemented with considerations for security and functionality.

The method get_linked_products is well-implemented with appropriate input sanitization and handling of parameters. It efficiently fetches and filters product IDs based on the provided criteria, which aligns with the PR's objectives to enhance product variation handling on the vendor dashboard.

Suggestions:

• Performance: Ensure that the method's performance is evaluated, especially with large datasets. Consider implementing caching if the method is called frequently.
• Integration Testing: Verify the integration of this method with other components of the system, particularly how it interacts with the front-end and other backend services.

Verification successful

---

Integration of get_linked_products is correct but consider early input sanitization.

The get_linked_products method is integrated into includes/Ajax.php, where it is used to fetch product objects based on user input. While the method itself sanitizes inputs, it is advisable to sanitize inputs as early as possible in the code to prevent potential issues.

• Early Input Sanitization: Consider sanitizing $_GET parameters in includes/Ajax.php before passing them to get_linked_products.
• Performance Testing: Evaluate the performance of this AJAX call, especially with large datasets, and consider implementing caching if necessary.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify integration of `get_linked_products` with other system components.

# Test: Search for method usage in frontend and backend services. Expect: Proper integration without issues.
rg --type php -A 5 $'get_linked_products'

Length of output: 1474

[StalinDurjo]

Issue: For variable products, the min-max quantity vales cannot be saved
Description: Vendor has created a variable product and tries to set the min-max quantity limit for an individual variation. However, setting the values and saving does not actually set any value.

Please refer to the video attached
https://jam.dev/c/c52da8b5-bee9-43f6-8447-1d2e4f0e513c

@Aunshon bhai

[mrabbani]

Does the get_linked_products method exist?