myaidev-method 0.0.7 → 0.1.0

package/src/lib/wordpress-admin-utils.js

@@ -0,0 +1,703 @@
+/**
+ * WordPress Admin Utilities
+ * Reusable functions for WordPress administration tasks
+ * Supports scriptable operations with predictable JSON output
+ */
+
+import fetch from 'node-fetch';
+import { readFileSync } from 'fs';
+import { parse } from 'dotenv';
+
+export class WordPressAdminUtils {
+  constructor(config = {}) {
+    // Load config from .env if not provided
+    if (!config.url || !config.username || !config.appPassword) {
+      const envConfig = this.loadEnvConfig();
+      config = { ...envConfig, ...config };
+    }
+
+    this.url = config.url?.replace(/\/$/, '');
+    this.username = config.username;
+    this.appPassword = config.appPassword;
+    this.authHeader = this.createAuthHeader(this.username, this.appPassword);
+  }
+
+  loadEnvConfig() {
+    try {
+      const envPath = process.env.ENV_PATH || '.env';
+      const envContent = readFileSync(envPath, 'utf8');
+      const parsed = parse(envContent);
+
+      return {
+        url: parsed.WORDPRESS_URL,
+        username: parsed.WORDPRESS_USERNAME,
+        appPassword: parsed.WORDPRESS_APP_PASSWORD
+      };
+    } catch (error) {
+      throw new Error(`Failed to load WordPress configuration: ${error.message}`);
+    }
+  }
+
+  createAuthHeader(username, appPassword) {
+    const credentials = `${username}:${appPassword}`;
+    return `Basic ${Buffer.from(credentials).toString('base64')}`;
+  }
+
+  /**
+   * Make authenticated WordPress REST API request
+   */
+  async request(endpoint, options = {}) {
+    const url = `${this.url}/wp-json${endpoint}`;
+    const headers = {
+      'Authorization': this.authHeader,
+      'Content-Type': 'application/json',
+      ...options.headers
+    };
+
+    try {
+      const response = await fetch(url, { ...options, headers });
+
+      if (!response.ok) {
+        const errorText = await response.text();
+        throw new Error(`HTTP ${response.status}: ${errorText}`);
+      }
+
+      return await response.json();
+    } catch (error) {
+      throw new Error(`WordPress API request failed: ${error.message}`);
+    }
+  }
+
+  /**
+   * Site Information
+   */
+  async getSiteInfo() {
+    const [siteData, users, plugins] = await Promise.all([
+      this.request('/'),
+      this.request('/wp/v2/users?per_page=1').catch(() => []),
+      this.request('/wp/v2/plugins').catch(() => [])
+    ]);
+
+    return {
+      name: siteData.name,
+      description: siteData.description,
+      url: siteData.url,
+      wordpress_version: siteData.version || 'unknown',
+      api_version: siteData.namespaces?.includes('wp/v2') ? 'v2' : 'unknown',
+      timezone: siteData.timezone_string || 'UTC',
+      user_count: await this.getUserCount(),
+      plugin_count: plugins.length || 0
+    };
+  }
+
+  /**
+   * User Management
+   */
+  async getUserCount() {
+    try {
+      const response = await fetch(`${this.url}/wp-json/wp/v2/users?per_page=1`, {
+        headers: { 'Authorization': this.authHeader }
+      });
+      const total = response.headers.get('x-wp-total');
+      return parseInt(total) || 0;
+    } catch (error) {
+      return 0;
+    }
+  }
+
+  async getUsers(params = {}) {
+    const queryParams = new URLSearchParams({
+      per_page: 100,
+      context: 'edit',
+      ...params
+    });
+
+    return await this.request(`/wp/v2/users?${queryParams}`);
+  }
+
+  async getUserSecurityAudit() {
+    const users = await this.getUsers();
+
+    return users.map(user => ({
+      id: user.id,
+      username: user.username,
+      email: user.email,
+      roles: user.roles || [],
+      registered_date: user.registered_date,
+      capabilities: Object.keys(user.capabilities || {}),
+      security_flags: this.analyzeUserSecurity(user)
+    }));
+  }
+
+  analyzeUserSecurity(user) {
+    const flags = [];
+
+    // Check for admin users with weak patterns
+    if (user.roles?.includes('administrator')) {
+      if (['admin', 'administrator', 'root', 'test'].includes(user.username.toLowerCase())) {
+        flags.push('common_admin_username');
+      }
+    }
+
+    // Check for users without email
+    if (!user.email || user.email === '') {
+      flags.push('missing_email');
+    }
+
+    // Check for old accounts without recent activity
+    if (user.registered_date) {
+      const regDate = new Date(user.registered_date);
+      const yearOld = new Date();
+      yearOld.setFullYear(yearOld.getFullYear() - 1);
+
+      if (regDate < yearOld && !user.meta?.last_login) {
+        flags.push('inactive_old_account');
+      }
+    }
+
+    return flags;
+  }
+
+  /**
+   * Plugin Management
+   */
+  async getPlugins(status = null) {
+    const endpoint = status
+      ? `/wp/v2/plugins?status=${status}`
+      : '/wp/v2/plugins';
+
+    return await this.request(endpoint);
+  }
+
+  async getPluginSecurityStatus() {
+    const plugins = await this.getPlugins();
+
+    return plugins.map(plugin => ({
+      name: plugin.name,
+      slug: plugin.plugin,
+      version: plugin.version,
+      status: plugin.status,
+      author: plugin.author,
+      requires_wp: plugin.requires_wp,
+      requires_php: plugin.requires_php,
+      update_available: plugin.update?.new_version ? true : false,
+      new_version: plugin.update?.new_version || null
+    }));
+  }
+
+  /**
+   * Content Management
+   */
+  async getPosts(params = {}) {
+    const queryParams = new URLSearchParams({
+      per_page: 100,
+      ...params
+    });
+
+    return await this.request(`/wp/v2/posts?${queryParams}`);
+  }
+
+  async getPostStats() {
+    const [published, draft, pending, trash] = await Promise.all([
+      this.getPosts({ status: 'publish', per_page: 1 }).then(r => this.getTotalFromResponse(r)),
+      this.getPosts({ status: 'draft', per_page: 1 }).then(r => this.getTotalFromResponse(r)),
+      this.getPosts({ status: 'pending', per_page: 1 }).then(r => this.getTotalFromResponse(r)),
+      this.getPosts({ status: 'trash', per_page: 1 }).then(r => this.getTotalFromResponse(r))
+    ]);
+
+    return { published, draft, pending, trash, total: published + draft + pending + trash };
+  }
+
+  async getMediaStats() {
+    try {
+      const media = await this.request('/wp/v2/media?per_page=100');
+
+      const stats = {
+        total: media.length,
+        by_type: {},
+        total_size: 0,
+        unattached: 0
+      };
+
+      media.forEach(item => {
+        const type = item.mime_type?.split('/')[0] || 'unknown';
+        stats.by_type[type] = (stats.by_type[type] || 0) + 1;
+
+        if (item.source_url) {
+          // Approximate size - would need actual file size from filesystem
+          stats.total_size += 0; // Placeholder
+        }
+
+        if (!item.post) {
+          stats.unattached++;
+        }
+      });
+
+      return stats;
+    } catch (error) {
+      return { total: 0, by_type: {}, total_size: 0, unattached: 0, error: error.message };
+    }
+  }
+
+  getTotalFromResponse(response) {
+    // WordPress includes total in headers, but we need to handle array response
+    return Array.isArray(response) ? response.length : 0;
+  }
+
+  /**
+   * Theme Management
+   */
+  async getThemes() {
+    return await this.request('/wp/v2/themes');
+  }
+
+  async getActiveTheme() {
+    const themes = await this.getThemes();
+    return themes.find(theme => theme.status === 'active');
+  }
+
+  /**
+   * Performance Metrics
+   */
+  async getPerformanceMetrics() {
+    const start = Date.now();
+    await this.request('/');
+    const apiResponseTime = Date.now() - start;
+
+    const [postStats, mediaStats, plugins, themes] = await Promise.all([
+      this.getPostStats(),
+      this.getMediaStats(),
+      this.getPlugins().catch(() => []),
+      this.getThemes().catch(() => [])
+    ]);
+
+    return {
+      api_response_time_ms: apiResponseTime,
+      post_count: postStats.total,
+      media_count: mediaStats.total,
+      plugin_count: plugins.length,
+      theme_count: themes.length,
+      active_plugins: plugins.filter(p => p.status === 'active').length
+    };
+  }
+
+  /**
+   * Health Check Components
+   */
+  async checkWordPressVersion() {
+    try {
+      const siteInfo = await this.getSiteInfo();
+      const version = siteInfo.wordpress_version;
+
+      // Would need to check against latest version from wordpress.org
+      // For now, return version info
+      return {
+        check: 'wordpress_version',
+        status: 'info',
+        message: `WordPress ${version}`,
+        current_version: version,
+        details: 'Version check requires external API to determine if update available'
+      };
+    } catch (error) {
+      return {
+        check: 'wordpress_version',
+        status: 'error',
+        message: error.message
+      };
+    }
+  }
+
+  async checkPluginHealth() {
+    try {
+      const plugins = await this.getPluginSecurityStatus();
+      const outdated = plugins.filter(p => p.update_available);
+      const inactive = plugins.filter(p => p.status === 'inactive');
+
+      return {
+        check: 'plugin_health',
+        status: outdated.length > 5 ? 'warning' : 'passed',
+        message: `${plugins.length} plugins installed, ${outdated.length} updates available`,
+        total_plugins: plugins.length,
+        updates_available: outdated.length,
+        inactive_plugins: inactive.length,
+        outdated_plugins: outdated.map(p => ({ name: p.name, current: p.version, new: p.new_version }))
+      };
+    } catch (error) {
+      return {
+        check: 'plugin_health',
+        status: 'error',
+        message: error.message
+      };
+    }
+  }
+
+  async checkContentHealth() {
+    try {
+      const postStats = await this.getPostStats();
+      const mediaStats = await this.getMediaStats();
+
+      const warnings = [];
+      if (postStats.trash > 50) warnings.push(`${postStats.trash} posts in trash`);
+      if (postStats.draft > 100) warnings.push(`${postStats.draft} draft posts`);
+      if (mediaStats.unattached > 20) warnings.push(`${mediaStats.unattached} unattached media files`);
+
+      return {
+        check: 'content_health',
+        status: warnings.length > 0 ? 'warning' : 'passed',
+        message: warnings.length > 0 ? warnings.join(', ') : 'Content is healthy',
+        post_stats: postStats,
+        media_stats: mediaStats,
+        recommendations: warnings.length > 0 ? ['Consider cleanup of trash and drafts'] : []
+      };
+    } catch (error) {
+      return {
+        check: 'content_health',
+        status: 'error',
+        message: error.message
+      };
+    }
+  }
+
+  async checkUserSecurity() {
+    try {
+      const audit = await this.getUserSecurityAudit();
+      const admins = audit.filter(u => u.roles.includes('administrator'));
+      const flaggedUsers = audit.filter(u => u.security_flags.length > 0);
+
+      return {
+        check: 'user_security',
+        status: flaggedUsers.length > 0 ? 'warning' : 'passed',
+        message: `${audit.length} users, ${admins.length} administrators, ${flaggedUsers.length} security concerns`,
+        total_users: audit.length,
+        admin_count: admins.length,
+        flagged_users: flaggedUsers.map(u => ({
+          username: u.username,
+          flags: u.security_flags
+        })),
+        recommendations: flaggedUsers.length > 0
+          ? ['Review flagged user accounts', 'Consider enforcing strong passwords']
+          : []
+      };
+    } catch (error) {
+      return {
+        check: 'user_security',
+        status: 'error',
+        message: error.message
+      };
+    }
+  }
+
+  async checkPerformance() {
+    try {
+      const metrics = await this.getPerformanceMetrics();
+
+      const status = metrics.api_response_time_ms > 1000 ? 'warning' : 'passed';
+      const message = `API response: ${metrics.api_response_time_ms}ms, ${metrics.active_plugins} active plugins`;
+
+      return {
+        check: 'performance',
+        status,
+        message,
+        metrics,
+        recommendations: status === 'warning'
+          ? ['Consider caching optimization', 'Review active plugin count']
+          : []
+      };
+    } catch (error) {
+      return {
+        check: 'performance',
+        status: 'error',
+        message: error.message
+      };
+    }
+  }
+
+  /**
+   * Comprehensive Health Check
+   */
+  async runHealthCheck() {
+    const timestamp = new Date().toISOString();
+
+    try {
+      const checks = await Promise.all([
+        this.checkWordPressVersion(),
+        this.checkPluginHealth(),
+        this.checkContentHealth(),
+        this.checkUserSecurity(),
+        this.checkPerformance()
+      ]);
+
+      const critical = checks.filter(c => c.status === 'critical');
+      const warnings = checks.filter(c => c.status === 'warning');
+      const passed = checks.filter(c => c.status === 'passed');
+      const errors = checks.filter(c => c.status === 'error');
+
+      const score = this.calculateHealthScore(checks);
+
+      return {
+        success: true,
+        timestamp,
+        site: await this.getSiteInfo().catch(() => ({ url: this.url })),
+        overall_health: {
+          score,
+          grade: this.getHealthGrade(score),
+          status: critical.length > 0 ? 'critical' : (warnings.length > 0 ? 'warning' : 'healthy')
+        },
+        checks,
+        summary: {
+          total_checks: checks.length,
+          passed: passed.length,
+          warnings: warnings.length,
+          critical: critical.length,
+          errors: errors.length
+        },
+        recommendations: this.aggregateRecommendations(checks)
+      };
+    } catch (error) {
+      return {
+        success: false,
+        timestamp,
+        error: error.message,
+        site: { url: this.url }
+      };
+    }
+  }
+
+  calculateHealthScore(checks) {
+    const weights = {
+      passed: 1.0,
+      info: 0.9,
+      warning: 0.5,
+      critical: 0.0,
+      error: 0.3
+    };
+
+    let totalWeight = 0;
+    let totalScore = 0;
+
+    checks.forEach(check => {
+      const weight = weights[check.status] || 0.5;
+      totalWeight += 1;
+      totalScore += weight;
+    });
+
+    return totalWeight > 0 ? Math.round((totalScore / totalWeight) * 100) : 0;
+  }
+
+  getHealthGrade(score) {
+    if (score >= 90) return 'A';
+    if (score >= 80) return 'B';
+    if (score >= 70) return 'C';
+    if (score >= 60) return 'D';
+    return 'F';
+  }
+
+  aggregateRecommendations(checks) {
+    const recommendations = [];
+
+    checks.forEach(check => {
+      if (check.recommendations) {
+        recommendations.push(...check.recommendations);
+      }
+    });
+
+    // Deduplicate
+    return [...new Set(recommendations)];
+  }
+
+  /**
+   * Security Scan
+   */
+  async runSecurityScan() {
+    const timestamp = new Date().toISOString();
+
+    try {
+      const [userAudit, pluginStatus, siteInfo] = await Promise.all([
+        this.getUserSecurityAudit(),
+        this.getPluginSecurityStatus(),
+        this.getSiteInfo()
+      ]);
+
+      const vulnerabilities = [];
+      const warnings = [];
+
+      // Check plugins for updates (potential vulnerabilities)
+      const outdatedPlugins = pluginStatus.filter(p => p.update_available);
+      if (outdatedPlugins.length > 0) {
+        warnings.push({
+          type: 'outdated_plugins',
+          severity: 'medium',
+          count: outdatedPlugins.length,
+          details: outdatedPlugins.map(p => `${p.name} (${p.version} → ${p.new_version})`)
+        });
+      }
+
+      // Check user security
+      const flaggedUsers = userAudit.filter(u => u.security_flags.length > 0);
+      if (flaggedUsers.length > 0) {
+        warnings.push({
+          type: 'user_security',
+          severity: 'medium',
+          count: flaggedUsers.length,
+          details: flaggedUsers.map(u => `${u.username}: ${u.security_flags.join(', ')}`)
+        });
+      }
+
+      const securityScore = this.calculateSecurityScore(vulnerabilities, warnings);
+
+      return {
+        success: true,
+        timestamp,
+        site: siteInfo,
+        security_score: securityScore,
+        vulnerabilities,
+        warnings,
+        summary: {
+          critical_issues: vulnerabilities.length,
+          warnings: warnings.length,
+          status: vulnerabilities.length > 0 ? 'critical' : (warnings.length > 0 ? 'warning' : 'secure')
+        },
+        recommendations: this.getSecurityRecommendations(vulnerabilities, warnings)
+      };
+    } catch (error) {
+      return {
+        success: false,
+        timestamp,
+        error: error.message
+      };
+    }
+  }
+
+  calculateSecurityScore(vulnerabilities, warnings) {
+    let score = 100;
+    score -= vulnerabilities.length * 20; // Critical issues
+    score -= warnings.length * 5; // Warnings
+    return Math.max(0, score);
+  }
+
+  getSecurityRecommendations(vulnerabilities, warnings) {
+    const recommendations = [];
+
+    if (vulnerabilities.length > 0) {
+      recommendations.push('Address critical security vulnerabilities immediately');
+    }
+
+    warnings.forEach(warning => {
+      switch (warning.type) {
+        case 'outdated_plugins':
+          recommendations.push('Update all plugins to latest versions');
+          break;
+        case 'user_security':
+          recommendations.push('Review user accounts and strengthen security policies');
+          break;
+      }
+    });
+
+    return recommendations;
+  }
+
+  /**
+   * Format output for CLI
+   */
+  formatHealthReport(healthData) {
+    if (!healthData.success) {
+      return `ERROR: ${healthData.error}`;
+    }
+
+    const lines = [];
+    lines.push('='.repeat(60));
+    lines.push('WordPress Health Check Report');
+    lines.push('='.repeat(60));
+    lines.push(`Site: ${healthData.site.name || healthData.site.url}`);
+    lines.push(`Timestamp: ${healthData.timestamp}`);
+    lines.push('');
+    lines.push(`Overall Health: ${healthData.overall_health.grade} (${healthData.overall_health.score}/100)`);
+    lines.push(`Status: ${healthData.overall_health.status.toUpperCase()}`);
+    lines.push('');
+    lines.push('Check Results:');
+    lines.push('-'.repeat(60));
+
+    healthData.checks.forEach(check => {
+      const statusIcon = {
+        passed: '✓',
+        warning: '⚠',
+        critical: '✗',
+        error: '✗',
+        info: 'ℹ'
+      }[check.status] || '?';
+
+      lines.push(`${statusIcon} ${check.check}: ${check.message}`);
+    });
+
+    if (healthData.recommendations.length > 0) {
+      lines.push('');
+      lines.push('Recommendations:');
+      lines.push('-'.repeat(60));
+      healthData.recommendations.forEach((rec, i) => {
+        lines.push(`${i + 1}. ${rec}`);
+      });
+    }
+
+    lines.push('');
+    lines.push('='.repeat(60));
+
+    return lines.join('\n');
+  }
+
+  formatSecurityReport(securityData) {
+    if (!securityData.success) {
+      return `ERROR: ${securityData.error}`;
+    }
+
+    const lines = [];
+    lines.push('='.repeat(60));
+    lines.push('WordPress Security Scan Report');
+    lines.push('='.repeat(60));
+    lines.push(`Site: ${securityData.site.name || securityData.site.url}`);
+    lines.push(`Timestamp: ${securityData.timestamp}`);
+    lines.push('');
+    lines.push(`Security Score: ${securityData.security_score}/100`);
+    lines.push(`Status: ${securityData.summary.status.toUpperCase()}`);
+    lines.push('');
+
+    if (securityData.vulnerabilities.length > 0) {
+      lines.push('CRITICAL VULNERABILITIES:');
+      lines.push('-'.repeat(60));
+      securityData.vulnerabilities.forEach(vuln => {
+        lines.push(`✗ ${vuln.type} (${vuln.severity})`);
+        vuln.details.forEach(detail => lines.push(`  - ${detail}`));
+      });
+      lines.push('');
+    }
+
+    if (securityData.warnings.length > 0) {
+      lines.push('WARNINGS:');
+      lines.push('-'.repeat(60));
+      securityData.warnings.forEach(warning => {
+        lines.push(`⚠ ${warning.type} (${warning.severity}) - ${warning.count} issues`);
+        if (warning.details.length <= 5) {
+          warning.details.forEach(detail => lines.push(`  - ${detail}`));
+        } else {
+          warning.details.slice(0, 3).forEach(detail => lines.push(`  - ${detail}`));
+          lines.push(`  ... and ${warning.details.length - 3} more`);
+        }
+      });
+      lines.push('');
+    }
+
+    if (securityData.recommendations.length > 0) {
+      lines.push('RECOMMENDATIONS:');
+      lines.push('-'.repeat(60));
+      securityData.recommendations.forEach((rec, i) => {
+        lines.push(`${i + 1}. ${rec}`);
+      });
+    }
+
+    lines.push('');
+    lines.push('='.repeat(60));
+
+    return lines.join('\n');
+  }
+}
+
+export default WordPressAdminUtils;