Skip to content

rocketdeploy-dev/showcase-woocommerce-admin-extension

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 

Repository files navigation

Reference architecture notice

This repository is a reference architecture showcase extracted from a real production WooCommerce extension.
It focuses on architectural decisions, execution boundaries, and operational behavior — not on business-specific logic or proprietary implementation details.

The corresponding business and delivery context is described in the dedicated case study:
👉 https://rocketdeploy.dev/en/case-studies/woocommerce-order-status-manager

Overview

This Plugin extends WooCommerce order-status operations in the admin area.

Its core responsibility is to allow store staff to define, reorder, import, export, and present order statuses while preserving compatibility with platform-native status flows.

The architecture follows a procedural, hook-driven model aligned with WordPress runtime principles:

  • A bootstrap stage wires modules and registers hooks
  • Admin handlers process operator actions
  • A normalization layer validates and canonicalizes input
  • A storage layer persists configuration
  • An integration adapter projects stored state back into WooCommerce behavior

The design intentionally stays within platform boundaries and avoids invasive runtime mutations.

System context

Primary actors

  • Operator / Store staff interacting with the Admin UI
  • WordPress runtime providing lifecycle hooks, nonce utilities, capability APIs, options/transients storage, and AJAX routing
  • WooCommerce runtime consuming status registration and status-list filtering hooks

High-level interaction

  1. Operator uses the Order screen settings area.
  2. Admin UI submits actions to nonce-protected handlers.
  3. Handlers apply capability gates and sanitize payloads.
  4. Normalized state is written to the configuration store.
  5. Integration hooks rehydrate runtime status behavior from persisted state.

Start here (reading map)

Recommended reading sequence for reviewers:

  1. Bootstrap entry point — lifecycle wiring and hook registration.
  2. Admin page renderer + action handlers — UI routing, POST handling, capability checks.
  3. AJAX reorder endpoint — authenticated async reorder flow.
  4. Import/export pipeline — upload, preview, apply, export path.
  5. Persistence adapter — normalization and option/transient usage.
  6. Integration adapter — projection of persisted state into WooCommerce runtime.

Architecture at a glance

Admin UI (settings tab + wizard + drag/drop)
   │
   ▼
Nonce-protected handlers + Capability gate
   │
   ▼
Configuration normalizer (sanitize, validate, canonicalize)
   │
   ▼
Storage layer (options + transient session token)
   │
   ▼
Platform integration hooks (status registration, status lists, admin badges)

Architecture boundaries

In-scope

  • Manage custom status definitions and metadata for built-in statuses
  • Control ordering and admin visibility behavior
  • Import/export configuration snapshots
  • Provide synchronous form handlers and asynchronous reorder handling

Out-of-scope

  • No custom database tables
  • No mutation of WooCommerce core schemas
  • No checkout/cart/payment pipeline modifications
  • No storefront rendering concerns

Runtime authority remains with WordPress/WooCommerce; this Plugin contributes configuration and hook-based overlays only.

Module / component map

1. Bootstrap entry point

  • Loads module set
  • Registers lifecycle hooks and filters
  • Declares compatibility flags early in initialization

2. Admin page renderer

  • Adds dedicated settings tab
  • Routes between sections (status management, add-new, import/export)
  • Uses action-based form handling rather than settings API saves

3. Action handlers (POST path)

  • Guarded by nonce + capability checks
  • Support create/update/delete operations
  • Persist normalized state only

4. AJAX reorder endpoint

  • Authenticated admin AJAX entry
  • Validates membership and remaps sequence values
  • Persists atomically at option level

5. Import/export pipeline

  • Export path validates capability and streams downloadable artifact
  • Import path performs upload validation, schema checks, preview generation, and conflict-aware apply
  • Uses short-lived tokenized transient state between preview and apply

6. Persistence adapter

  • Reads/writes configuration via platform options
  • Normalizes labels, locale maps, booleans, order values, and color values
  • Performs defensive repair when stored state is partially malformed

7. Integration adapter

  • Registers custom statuses
  • Rebuilds effective status ordering
  • Injects admin integrations (bulk actions, badge output, dropdown filtering)

Platform integration model

Integration is hook-first and side-effect constrained:

  • Initialization hooks register statuses and load localization
  • Admin hooks attach asset loading and form/export handling
  • Filter hooks rewrite effective status arrays
  • AJAX hook exposes reorder behavior

A guard flag prevents recursive status-fetching loops when integration code reads filtered WooCommerce status data.

Execution flows

1) Bootstrap flow

  1. Entry defines constants and compatibility callback
  2. Modules load
  3. Hook map registers for lifecycle and admin events

2) Status management flow (sync)

  1. Operator submits form
  2. Nonce + capability validated
  3. Payload sanitized and normalized
  4. Configuration store updated
  5. Admin notice returned

3) Reorder flow (async)

  1. UI computes ordered identifiers
  2. Client posts via AJAX
  3. Endpoint validates
  4. Sequence values remapped
  5. JSON response returned

4) Export flow

  1. Operator triggers export
  2. Capability + nonce validated
  3. Payload built
  4. File streamed

5) Import flow

  1. Upload validated
  2. JSON parsed and schema-checked
  3. Transient token created
  4. Preview generated
  5. Apply merges state deterministically

State & data management

Persistent state

  • Configuration store (options):
    • Custom status definitions
    • Built-in status metadata

Ephemeral state

  • Transient import session keyed by token

Data discipline

  • Canonical slug sanitization
  • Locale-aware normalization with fallback
  • Color normalization to constrained hex format
  • Integer coercion and stable sorting
  • Self-healing re-save on repairable inconsistencies

Reliability & failure handling

  • Strict schema validation for imports
  • Early rejection of malformed uploads
  • Explicit error notices for UI
  • Structured JSON responses for AJAX
  • Idempotent conflict handling in import
  • Guardrails against unknown identifiers during reorder/merge

Security model

Security is enforced at every mutation entrypoint:

  • Capability gate for privileged operations
  • Nonce validation for forms and AJAX
  • Input sanitization before persistence
  • Escaped output in admin templates
  • Request scoping for context routing

Key engineering decisions & trade-offs

Procedural hook architecture

Aligns with WordPress runtime model and minimal bootstrap overhead.
Trade-off: requires naming discipline and clear modular separation.

Options + transients over custom tables

Simplifies deployment and uninstall lifecycle.
Trade-off: relies on normalization discipline and bounded payload sizes.

Two-phase import (preview → apply)

Improves operator safety and conflict transparency.
Trade-off: introduces transient session management complexity.

Server-authoritative normalization

Prevents client drift and enforces canonical state.
Trade-off: more transformation logic on write paths.

Dual sync/async mutation paths

Improves UX responsiveness while preserving deterministic validation.
Trade-off: requires consistency across validation channels.

How to evaluate this codebase

  1. Confirm capability + nonce checks on all mutation paths
  2. Verify normalization invariants before persistence
  3. Validate import parser robustness against malformed payloads
  4. Inspect conflict-resolution semantics
  5. Confirm reorder stability and recursion guards
  6. Ensure escaped rendering in admin output

Current state & evolution

Maturity indicators:

  • Clear separation of UI, storage, and integration projection
  • Deterministic import/export lifecycle
  • Support for both built-in metadata and custom definitions

Potential future evolution:

  • Shared validator utilities to reduce duplicated checks
  • Expanded integration-level test fixtures
  • Gradual encapsulation of procedural modules with domain-oriented wrappers

Source code reference

The production implementation of this architecture is publicly available in the plugin repository:

👉 https://github.com/rocketdeploy-dev/woocommerce-order-status-manager

This repository contains:

  • the complete plugin source code,
  • release history,
  • packaging workflows,
  • and the production-ready artifact used in real deployments.

The showcase focuses on architectural structure.
The plugin repository demonstrates the implementation.

Closing note & contact

This architecture reflects how rocketdeploy approaches operational tooling:
structured, platform-aligned, and execution-disciplined.

If you are designing or extending WooCommerce-based operational systems and need architectural review or implementation support:

👉 https://rocketdeploy.dev/en/contact

Built and maintained by rocketdeploy.

About

Architecture showcase of a WooCommerce admin extension for structured order status management.

rocketdeploy.dev/en/case-studies/woocommerce-order-status-manager

Topics

wordpress state-management architecture woocommerce plugin-architecture architecture-showcase admin-architecture hook-driven

Resources

Readme

License

View license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published