Skip to content

Don't load editor AI image and media tools for secondary accounts not connected to WordPress.com#50079

Open
saroshaga wants to merge 5 commits into
trunkfrom
fix/image-studio-hide-for-non-connected-users
Open

Don't load editor AI image and media tools for secondary accounts not connected to WordPress.com#50079
saroshaga wants to merge 5 commits into
trunkfrom
fix/image-studio-hide-for-non-connected-users

Conversation

@saroshaga

@saroshaga saroshaga commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Proposed changes

The editor's AI image and media generation tools load from a single asset. Until now that asset was enqueued whenever the site offered the tools, so it also loaded for administrators who hadn't connected their own WordPress.com account — users who can't actually use the tools and would only hit errors. The block-level AI features already gate on the current user's own connection, so this brings the media tools in line.

  • Add an is_current_user_connected() helper. It returns true on WordPress.com Simple (which has no per-user Jetpack connection, so every admin counts as connected); otherwise it requires the current user to have connected their own WordPress.com account. Atomic (WoA), self-hosted, and VIP all have per-user connections, so a user who disconnects their account is correctly treated as not connected.
  • Gate the editor and media-library asset enqueue, plus the media-library "Edit with AI" row action, on that helper. A non-connected user no longer loads the asset or sees the entry points.
  • Leave the site-level "does this site offer the tools" check unchanged. It also drives coordination with the standalone Big Sky build (telling it to stand down) and the suppression of the legacy AI image extensions — gating that on the individual visitor would let those older tools resurface for non-connected users.

Does this pull request change what data or activity we track or use?

No.

Testing instructions

Use a site connected to WordPress.com by one user (the connection owner) plus a second administrator who has not connected their own WordPress.com account. This applies to self-hosted Jetpack, VIP, and Atomic (where a second user can disconnect their account).

  • As the connection owner, open the post editor and the Media Library — the AI image and media tools appear and work as before.
  • As the non-connected administrator, open the post editor and the Media Library:
    • Before this change: the tools appear but error when used.
    • After this change: the tools no longer appear, and the asset is not enqueued on the page.
  • Reconnect that administrator's WordPress.com account, reload, and confirm the tools return.
  • On WordPress.com Simple, confirm no change — all admins keep the tools, since Simple has no per-user connection.

New unit tests in Image_Studio_Test.php cover the split: site-level enablement stays true for a non-connected user, while the asset enqueue and the media-library row action are gated on the user's own connection.

@github-actions

github-actions Bot commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Are you an Automattician? Please test your changes on all WordPress.com environments to help mitigate accidental explosions.

  • To test on WoA, go to the Plugins menu on a WoA dev site. Click on the "Upload" button and follow the upgrade flow to be able to upload, install, and activate the Jetpack Beta plugin. Once the plugin is active, go to Jetpack > Jetpack Beta, select your plugin (Jetpack), and enable the fix/image-studio-hide-for-non-connected-users branch.
  • To test on Simple, run the following command on your sandbox:
bin/jetpack-downloader test jetpack fix/image-studio-hide-for-non-connected-users

Interested in more tips and information?

  • In your local development environment, use the jetpack rsync command to sync your changes to a WoA dev blog.
  • Read more about our development workflow here: PCYsg-eg0-p2
  • Figure out when your changes will be shipped to customers here: PCYsg-eg5-p2

@github-actions github-actions Bot added [Extension] Image Studio [Plugin] Jetpack Issues about the Jetpack plugin. https://wordpress.org/plugins/jetpack/ [Status] In Progress [Tests] Includes Tests labels Jun 30, 2026
@github-actions

github-actions Bot commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Thank you for your PR!

When contributing to Jetpack, we have a few suggestions that can help us test and review your patch:

  • ✅ Include a description of your PR changes.
  • ✅ Add a "[Status]" label (In Progress, Needs Review, ...).
  • ✅ Add testing instructions.
  • ✅ Specify whether this PR includes any changes to data or privacy.
  • ✅ Add changelog entries to affected projects

This comment will be updated as you work on your PR and make changes. If you think that some of those checks are not needed for your PR, please explain why you think so. Thanks for cooperation 🤖


Follow this PR Review Process:

  1. Ensure all required checks appearing at the bottom of this PR are passing.
  2. Make sure to test your changes on all platforms that it applies to. You're responsible for the quality of the code you ship.
  3. You can use GitHub's Reviewers functionality to request a review.
  4. When it's reviewed and merged, you will be pinged in Slack to deploy the changes to WordPress.com simple once the build is done.

If you have questions about anything, reach out in #jetpack-developers for guidance!


Jetpack plugin:

The Jetpack plugin has different release cadences depending on the platform:

  • WordPress.com Simple releases happen as soon as you deploy your changes after merging this PR (PCYsg-Jjm-p2).
  • WoA releases happen weekly.
  • Releases to self-hosted sites happen monthly:
    • Scheduled release: July 7, 2026
    • Code freeze: July 6, 2026

If you have any questions about the release process, please ask in the #jetpack-releases channel on Slack.

@github-actions github-actions Bot added the [Status] Needs Author Reply We need more details from you. This label will be auto-added until the PR meets all requirements. label Jun 30, 2026
@jp-launch-control

jp-launch-control Bot commented Jun 30, 2026

Copy link
Copy Markdown

Code Coverage Summary

Coverage changed in 1 file.

File Coverage Δ% Δ Uncovered
projects/plugins/jetpack/extensions/plugins/image-studio/image-studio.php 181/197 (91.88%) 0.13% 0 💚

Full summary · PHP report · JS report

saroshaga and others added 4 commits July 1, 2026 10:53
… WordPress.com

The editor's AI image and media generation tools load from a single asset
that was enqueued whenever the site had a connection owner. That meant the
asset also loaded for admins who had not connected their own WordPress.com
account, even though they cannot use the tools and the tools error out when
used.

Gate enablement on the current user's own connection (always true on
WordPress.com Simple and WoA, otherwise the current user must be connected),
matching how the block-level AI features already behave. The asset is no
longer enqueued for non-connected users, so the related editor and
media-library entry points are hidden instead of shown and erroring.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The site-level enablement check does double duty: it decides whether the site
offers the AI media tools (which drives the Big Sky stand-down signal and the
suppression of the legacy AI image extensions) and, previously, whether to load
them for the current user. Gating the whole thing on the current user's
connection meant a non-connected visitor stopped Jetpack from signalling
ownership, so Big Sky loaded its own copy instead.

Keep the site-level check independent of the visitor and move the per-user
connection gate onto the actual asset enqueue and the media-library entry point.
A non-connected user now gets neither Jetpack's tools nor the Big Sky fallback,
and the legacy image extensions stay suppressed.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Atomic (WoA) has per-user Jetpack connections, so a user who disconnects
their own account can no longer use the AI tools. is_wpcom_platform() lumped
Atomic in with Simple and treated that user as connected, so the assets still
loaded. Short-circuit only Simple (no per-user connection there) and let
Atomic fall through to the real is_user_connected() check, like self-hosted
and VIP.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@saroshaga saroshaga force-pushed the fix/image-studio-hide-for-non-connected-users branch from c1e3880 to 44b7b92 Compare July 1, 2026 06:53
@saroshaga saroshaga requested review from Copilot, kat3samsin and t-wright and removed request for kat3samsin July 1, 2026 07:26

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR aligns Image Studio’s editor/media-library entry points with the existing per-user connection gating used by other AI features, preventing AI image/media tooling from loading (and erroring) for administrators who haven’t connected their own WordPress.com account.

Changes:

  • Add a per-user connection helper (is_current_user_connected()) with WordPress.com Simple short-circuit behavior.
  • Gate editor/admin asset enqueue and Media Library row-action registration on the current user’s connection.
  • Add/extend PHPUnit coverage to verify site-level enablement remains independent of per-user gating.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File Description
projects/plugins/jetpack/extensions/plugins/image-studio/image-studio.php Adds per-user connection helper and uses it to gate asset loading and Media Library entry points.
projects/plugins/jetpack/tests/php/extensions/plugins/image-studio/Image_Studio_Test.php Adds tests covering site-level enablement vs per-user asset/row-action gating.
projects/plugins/jetpack/changelog/fix-image-studio-hide-for-non-connected-users Adds changelog entry describing the user-facing behavior change.

Comment on lines +60 to +64
* True on WordPress.com Simple, which has no per-user Jetpack connection so every
* admin counts as connected. Atomic (WoA), self-hosted and VIP all have per-user
* connections, so there the current user must have connected their own
* WordPress.com account — a user who has disconnected is correctly treated as not
* connected. Gates the asset enqueue and the media-library entry point so

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@saroshaga saroshaga marked this pull request as ready for review July 1, 2026 07:28
Drop the $connection_owner_id test property and its assignment (set but never
read after the test rework), and reword the is_current_user_connected() docblock
so it says the current user is always treated as connected on Simple rather than
implying a role check the function doesn't do.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@saroshaga saroshaga requested a review from aagam-shah July 1, 2026 07:41

@t-wright t-wright left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for fixing this. Works as expected.

@saroshaga saroshaga changed the title Don't load editor AI image and media tools for users not connected to WordPress.com Don't load editor AI image and media tools for secondary accounts not connected to WordPress.com Jul 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

[Extension] Image Studio [Plugin] Jetpack Issues about the Jetpack plugin. https://wordpress.org/plugins/jetpack/ [Status] In Progress [Status] Needs Author Reply We need more details from you. This label will be auto-added until the PR meets all requirements. [Tests] Includes Tests

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants