From 1c3c08c7107cd4722323b94937a44d1aaf7b4211 Mon Sep 17 00:00:00 2001
From: Joe Fusco <hello@josephfus.co>
Date: Thu, 26 Jun 2025 13:10:17 -0400
Subject: [PATCH 1/6] Fix inability to delete via UI

---
 .../src/Admin/WebhooksAdmin.php               | 49 ++++++++++++++-----
 .../src/Admin/WebhooksListTable.php           | 36 +-------------
 2 files changed, 39 insertions(+), 46 deletions(-)

diff --git a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
index c2b6d408..80b2bd7b 100644
--- a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
+++ b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
@@ -147,10 +147,6 @@ public function handle_actions(): void {
 		if ( isset( $_POST['action'] ) && 'save_webhook' === $_POST['action'] ) {
 			$this->handle_webhook_save();
 		}
-
-		if ( isset( $_GET['action'] ) && 'delete' === $_GET['action'] && isset( $_GET['webhook_id'] ) ) {
-			$this->handle_webhook_delete();
-		}
 	}
 
 	/**
@@ -186,7 +182,7 @@ private function verify_nonce( string $nonce_name, string $action ): bool {
 	 */
 	public function handle_webhook_save() {
 		// Verify permissions and nonce
-		if ( ! $this->verify_admin_permission() || ! $this->verify_nonce( 'webhook_save', 'webhook_nonce' ) ) {
+		if ( ! $this->verify_admin_permission() || ! $this->verify_nonce( 'webhook_nonce', 'webhook_save' ) ) {
 			wp_die( __( 'Unauthorized', 'wp-graphql-webhooks' ) );
 		}
 
@@ -200,7 +196,7 @@ public function handle_webhook_save() {
 		];
 
 		// Validate data
-		$validation = $this->repository->validate_data( $data );
+		$validation = $this->repository->validate_data( $data['event'], $data['url'], $data['method'] );
 		if ( is_wp_error( $validation ) ) {
 			wp_die( $validation->get_error_message() );
 		}
@@ -231,15 +227,44 @@ public function handle_webhook_delete() {
 	 * Handle admin actions
 	 */
 	public function handle_admin_actions() {
-		// Handle bulk actions from WP_List_Table
-		if ( isset( $_REQUEST['action'] ) && 'delete' === $_REQUEST['action'] || 
-		     isset( $_REQUEST['action2'] ) && 'delete' === $_REQUEST['action2'] ) {
+		// Only process on our admin page
+		if ( ! isset( $_GET['page'] ) || self::ADMIN_PAGE_SLUG !== $_GET['page'] ) {
+			return;
+		}
+
+		// Handle single delete action
+		if ( isset( $_GET['action'] ) && 'delete' === $_GET['action'] && isset( $_GET['webhook'] ) ) {
+			if ( ! $this->verify_admin_permission() ) {
+				return;
+			}
+
+			$webhook_id = intval( $_GET['webhook'] );
+			$nonce = isset( $_GET['_wpnonce'] ) ? $_GET['_wpnonce'] : '';
+
+			if ( ! wp_verify_nonce( $nonce, 'delete-webhook-' . $webhook_id ) ) {
+				wp_die( __( 'Security check failed.', 'wp-graphql-headless-webhooks' ) );
+			}
+
+			if ( $this->repository->delete( $webhook_id ) ) {
+				wp_redirect( add_query_arg( [ 'deleted' => 1 ], remove_query_arg( [ 'action', 'webhook', '_wpnonce' ], $this->get_admin_url() ) ) );
+				exit;
+			}
+		}
+
+		// Handle bulk delete actions from WP_List_Table
+		if ( isset( $_POST['action'] ) && 'delete' === $_POST['action'] || 
+		     isset( $_POST['action2'] ) && 'delete' === $_POST['action2'] ) {
 			
-			if ( ! $this->verify_admin_permission() || ! $this->verify_nonce( 'bulk-webhooks', '_wpnonce' ) ) {
+			if ( ! $this->verify_admin_permission() ) {
 				return;
 			}
 
-			$webhook_ids = isset( $_REQUEST['webhook'] ) ? array_map( 'intval', (array) $_REQUEST['webhook'] ) : [];
+			// Check bulk action nonce
+			if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'bulk-webhooks' ) ) {
+				wp_die( __( 'Security check failed.', 'wp-graphql-headless-webhooks' ) );
+			}
+
+			$webhook_ids = isset( $_POST['webhook'] ) ? array_map( 'intval', (array) $_POST['webhook'] ) : [];
 			$deleted = 0;
 
 			foreach ( $webhook_ids as $webhook_id ) {
@@ -249,7 +274,7 @@ public function handle_admin_actions() {
 			}
 
 			if ( $deleted > 0 ) {
-				wp_redirect( add_query_arg( [ 'deleted' => $deleted ], $this->get_admin_url() ) );
+				wp_redirect( add_query_arg( [ 'deleted' => $deleted ], remove_query_arg( [ 'action', 'action2', 'webhook', '_wpnonce' ], $this->get_admin_url() ) ) );
 				exit;
 			}
 		}
diff --git a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksListTable.php b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksListTable.php
index 1e1e9aea..3e57c611 100644
--- a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksListTable.php
+++ b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksListTable.php
@@ -77,47 +77,15 @@ public function get_sortable_columns() {
 	 */
 	public function get_bulk_actions() {
 		return [
-			'bulk-delete' => __( 'Delete', 'wp-graphql-webhooks' ),
+			'delete' => __( 'Delete', 'wp-graphql-webhooks' ),
 		];
 	}
 
-	/**
-	 * Process bulk actions
-	 */
-	public function process_bulk_action() {
-		// Handle bulk delete
-		if ( 'bulk-delete' === $this->current_action() ) {
-			$webhook_ids = isset( $_POST['webhook'] ) ? array_map( 'intval', $_POST['webhook'] ) : [];
-			
-			if ( ! empty( $webhook_ids ) && isset( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'bulk-' . $this->_args['plural'] ) ) {
-				foreach ( $webhook_ids as $id ) {
-					$this->repository->delete( $id );
-				}
-				
-				wp_redirect( add_query_arg( 'deleted', count( $webhook_ids ), remove_query_arg( [ 'action', 'webhook', '_wpnonce' ] ) ) );
-				exit;
-			}
-		}
-		
-		// Handle single delete
-		if ( 'delete' === $this->current_action() ) {
-			$webhook_id = isset( $_GET['webhook'] ) ? intval( $_GET['webhook'] ) : 0;
-			$nonce = isset( $_GET['_wpnonce'] ) ? $_GET['_wpnonce'] : '';
-			
-			if ( $webhook_id && wp_verify_nonce( $nonce, 'delete-webhook-' . $webhook_id ) ) {
-				$this->repository->delete( $webhook_id );
-				wp_redirect( add_query_arg( 'deleted', 1, remove_query_arg( [ 'action', 'webhook', '_wpnonce' ] ) ) );
-				exit;
-			}
-		}
-	}
 
 	/**
 	 * Prepare items for display
 	 */
-	public function prepare_items() {
-		$this->process_bulk_action();
-		
+	public function prepare_items() {		
 		$per_page = $this->get_items_per_page( 'webhooks_per_page', 20 );
 		$current_page = $this->get_pagenum();
 		

From ad13b9eaf61b683a7b5e9a1dd1a03c3a09d735b5 Mon Sep 17 00:00:00 2001
From: Joe Fusco <hello@josephfus.co>
Date: Thu, 26 Jun 2025 14:03:08 -0400
Subject: [PATCH 2/6] Fix delete

---
 .../assets/js/admin.js                        |  2 +-
 .../src/Admin/WebhooksAdmin.php               | 26 ++++++++-----------
 .../src/Plugin.php                            |  2 +-
 3 files changed, 13 insertions(+), 17 deletions(-)

diff --git a/plugins/wp-graphql-headless-webhooks/assets/js/admin.js b/plugins/wp-graphql-headless-webhooks/assets/js/admin.js
index 0a9f1c0e..e43f51d4 100644
--- a/plugins/wp-graphql-headless-webhooks/assets/js/admin.js
+++ b/plugins/wp-graphql-headless-webhooks/assets/js/admin.js
@@ -11,7 +11,7 @@
 				'click',
 				function () {
 					var headerRow = $( wpGraphQLWebhooks.headerTemplate || wpGraphQLWebhooks.headerRowTemplate );
-					$( '#webhook-headers-container, #webhook-headers' ).append( headerRow );
+					$( '#webhook-headers-container' ).append( headerRow );
 				}
 			);
 
diff --git a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
index 745a8eed..a0b233c9 100644
--- a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
+++ b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
@@ -51,28 +51,19 @@ public function __construct( WebhookRepositoryInterface $repository ) {
 	}
 
 	/**
-	 * Optionally initialize additional admin hooks.
-	 *
-	 * @return void
-	 */
-	public function init(): void {
-		add_action( 'admin_init', [ $this, 'handle_actions' ] );
-	}
-
-	/**
-	 * Registers the top-level "Webhooks" admin menu.
+	 * Registers the webhooks submenu under the GraphQL admin menu.
 	 *
 	 * @return void
 	 */
 	public function add_admin_menu(): void {
-		add_menu_page(
-			__( 'Webhooks', 'wp-graphql-headless-webhooks' ),
+		// Add submenu under GraphQL menu using the correct parent slug
+		add_submenu_page(
+			'graphiql-ide',
+			__( 'GraphQL Webhooks', 'wp-graphql-headless-webhooks' ),
 			__( 'Webhooks', 'wp-graphql-headless-webhooks' ),
 			'manage_options',
 			self::ADMIN_PAGE_SLUG,
-			[ $this, 'render_admin_page' ],
-			'dashicons-rss',
-			25
+			[ $this, 'render_admin_page' ]
 		);
 	}
 
@@ -97,6 +88,11 @@ public function get_admin_url( array $args = [] ): string {
 	 * @return void
 	 */
 	public function enqueue_assets( string $hook ): void {
+		// Only enqueue on our admin page
+		if ( false === strpos( $hook, self::ADMIN_PAGE_SLUG ) ) {
+			return;
+		}
+
 		wp_enqueue_style(
 			'graphql-webhooks-admin',
 			WPGRAPHQL_HEADLESS_WEBHOOKS_PLUGIN_URL . 'assets/css/admin.css',
diff --git a/plugins/wp-graphql-headless-webhooks/src/Plugin.php b/plugins/wp-graphql-headless-webhooks/src/Plugin.php
index 51d49a1a..aa26e4be 100644
--- a/plugins/wp-graphql-headless-webhooks/src/Plugin.php
+++ b/plugins/wp-graphql-headless-webhooks/src/Plugin.php
@@ -96,7 +96,7 @@ private function setup(): void {
 				
 				if ( class_exists( 'WPGraphQL\Webhooks\Admin\WebhooksAdmin' ) ) {
 					$admin = new \WPGraphQL\Webhooks\Admin\WebhooksAdmin( $repository );
-					$admin->init();
+					// The constructor already sets up all necessary hooks
 				}
 			}
 

From a43f170879705bbd96dbb80d037b6d65afa738ea Mon Sep 17 00:00:00 2001
From: Joe Fusco <hello@josephfus.co>
Date: Thu, 26 Jun 2025 14:09:38 -0400
Subject: [PATCH 3/6] Update WebhooksAdmin.php

---
 .../src/Admin/WebhooksAdmin.php                           | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
index a0b233c9..8f92a6fa 100644
--- a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
+++ b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
@@ -233,11 +233,9 @@ public function handle_webhook_delete() {
 	 * @return void
 	 */
 	public function handle_admin_actions() {
-		if (
-			( isset( $_REQUEST['action'] ) && 'delete' === $_REQUEST['action'] ) ||
-			( isset( $_REQUEST['action2'] ) && 'delete' === $_REQUEST['action2'] )
-		) {
-			if ( ! $this->verify_admin_permission() || ! $this->verify_nonce( 'bulk-webhooks', '_wpnonce' ) ) {
+		// Handle single webhook delete
+		if ( isset( $_REQUEST['action'] ) && 'delete' === $_REQUEST['action'] && isset( $_GET['webhook'] ) ) {
+			if ( ! $this->verify_admin_permission() ) {
 				return;
 			}
 

From f708a52baf31b9cb660bbe0e0fe42ed1c0c2c89f Mon Sep 17 00:00:00 2001
From: Joe Fusco <hello@josephfus.co>
Date: Thu, 26 Jun 2025 14:49:15 -0400
Subject: [PATCH 4/6] resolve bulk delete issue

---
 .../src/Admin/WebhooksAdmin.php               | 97 ++++++-------------
 .../src/Admin/WebhooksListTable.php           | 45 ++++++++-
 2 files changed, 73 insertions(+), 69 deletions(-)

diff --git a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
index 8f92a6fa..96104401 100644
--- a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
+++ b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
@@ -45,8 +45,7 @@ public function __construct( WebhookRepositoryInterface $repository ) {
 		add_action( 'admin_menu', [ $this, 'add_admin_menu' ] );
 		add_action( 'admin_enqueue_scripts', [ $this, 'enqueue_assets' ] );
 		add_action( 'admin_post_graphql_webhook_save', [ $this, 'handle_webhook_save' ] );
-		add_action( 'admin_post_graphql_webhook_delete', [ $this, 'handle_webhook_delete' ] );
-		add_action( 'admin_init', [ $this, 'handle_admin_actions' ] );
+		add_action( 'admin_init', [ $this, 'handle_delete_actions' ] );
 		add_action( 'wp_ajax_test_webhook', [ $this, 'ajax_test_webhook' ] );
 	}
 
@@ -132,20 +131,6 @@ private function get_header_row_template(): string {
 		return ob_get_clean();
 	}
 
-	/**
-	 * Handles admin actions from the webhooks page.
-	 *
-	 * @return void
-	 */
-	public function handle_actions(): void {
-		if ( ! isset( $_GET['page'] ) || self::ADMIN_PAGE_SLUG !== $_GET['page'] ) {
-			return;
-		}
-
-		if ( isset( $_POST['action'] ) && 'save_webhook' === $_POST['action'] ) {
-			$this->handle_webhook_save();
-		}
-	}
 
 	/**
 	 * Checks if the current user has permission to manage options.
@@ -219,68 +204,44 @@ public function handle_webhook_save() {
 	}
 
 	/**
-	 * Handles deleting a webhook.
+	 * Handles webhook delete actions (both single and bulk).
+	 * Consolidates delete logic in one place for easier maintenance.
 	 *
 	 * @return void
 	 */
-	public function handle_webhook_delete() {
-		// To be implemented: Individual deletes are handled through the list table's handle_row_actions.
-	}
-
-	/**
-	 * Handles bulk admin actions (such as bulk delete).
-	 *
-	 * @return void
-	 */
-	public function handle_admin_actions() {
-		// Handle single webhook delete
-		if ( isset( $_REQUEST['action'] ) && 'delete' === $_REQUEST['action'] && isset( $_GET['webhook'] ) ) {
-			if ( ! $this->verify_admin_permission() ) {
-				return;
-			}
-
-			$webhook_id = intval( $_GET['webhook'] );
-			$nonce = isset( $_GET['_wpnonce'] ) ? $_GET['_wpnonce'] : '';
-
-			if ( ! wp_verify_nonce( $nonce, 'delete-webhook-' . $webhook_id ) ) {
-				wp_die( __( 'Security check failed.', 'wp-graphql-headless-webhooks' ) );
-			}
-
-			if ( $this->repository->delete( $webhook_id ) ) {
-				wp_redirect( add_query_arg( [ 'deleted' => 1 ], remove_query_arg( [ 'action', 'webhook', '_wpnonce' ], $this->get_admin_url() ) ) );
-				exit;
-			}
+	public function handle_delete_actions() {
+		// Only process on our admin page
+		if ( ! isset( $_REQUEST['page'] ) || self::ADMIN_PAGE_SLUG !== $_REQUEST['page'] ) {
+			return;
 		}
 
-		// Handle bulk delete actions from WP_List_Table
-		if ( isset( $_POST['action'] ) && 'delete' === $_POST['action'] || 
-		     isset( $_POST['action2'] ) && 'delete' === $_POST['action2'] ) {
-			
-			if ( ! $this->verify_admin_permission() ) {
-				return;
-			}
-
-			// Check bulk action nonce
-			if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'bulk-webhooks' ) ) {
-				wp_die( __( 'Security check failed.', 'wp-graphql-headless-webhooks' ) );
-			}
-
-			$webhook_ids = isset( $_POST['webhook'] ) ? array_map( 'intval', (array) $_POST['webhook'] ) : [];
-			$deleted = 0;
+		// Check if this is a delete action
+		$is_single_delete = isset( $_GET['action'] ) && 'delete' === $_GET['action'] && isset( $_GET['webhook'] );
+		
+		if ( ! $is_single_delete ) {
+			return;
+		}
 
-			foreach ( $webhook_ids as $webhook_id ) {
-				if ( $this->repository->delete( $webhook_id ) ) {
-					$deleted++;
-				}
-			}
+		// Verify permissions once
+		if ( ! $this->verify_admin_permission() ) {
+			return;
+		}
 
-			if ( $deleted > 0 ) {
-				wp_redirect( add_query_arg( [ 'deleted' => $deleted ], remove_query_arg( [ 'action', 'action2', 'webhook', '_wpnonce' ], $this->get_admin_url() ) ) );
-				exit;
-			}
+		// Single delete
+		$webhook_id = intval( $_GET['webhook'] );
+		$nonce = isset( $_GET['_wpnonce'] ) ? $_GET['_wpnonce'] : '';
+		
+		if ( ! wp_verify_nonce( $nonce, 'delete-webhook-' . $webhook_id ) ) {
+			wp_die( __( 'Security check failed.', 'wp-graphql-headless-webhooks' ) );
 		}
+
+		// Delete and redirect
+		$deleted = $this->repository->delete( $webhook_id ) ? 1 : 0;
+		wp_redirect( add_query_arg( [ 'deleted' => $deleted ], remove_query_arg( [ 'action', 'webhook', '_wpnonce' ], $this->get_admin_url() ) ) );
+		exit;
 	}
 
+
 	/**
 	 * Renders the webhooks admin page.
 	 *
diff --git a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksListTable.php b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksListTable.php
index 3e57c611..ec92182e 100644
--- a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksListTable.php
+++ b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksListTable.php
@@ -82,10 +82,53 @@ public function get_bulk_actions() {
 	}
 
 
+	/**
+	 * Process bulk actions
+	 */
+	public function process_bulk_action() {
+		// Only handle delete action
+		if ( 'delete' !== $this->current_action() ) {
+			return;
+		}
+
+		// Verify nonce
+		if ( ! isset( $_REQUEST['_wpnonce'] ) || ! wp_verify_nonce( $_REQUEST['_wpnonce'], 'bulk-' . $this->_args['plural'] ) ) {
+			wp_die( __( 'Security check failed.', 'wp-graphql-webhooks' ) );
+		}
+
+		// Check permissions
+		if ( ! current_user_can( 'manage_options' ) ) {
+			wp_die( __( 'You do not have sufficient permissions to access this page.', 'wp-graphql-headless-webhooks' ) );
+		}
+
+		// Get selected webhooks
+		$webhook_ids = isset( $_REQUEST['webhook'] ) ? array_map( 'intval', (array) $_REQUEST['webhook'] ) : [];
+		if ( empty( $webhook_ids ) ) {
+			return;
+		}
+
+		// Delete webhooks
+		$deleted = 0;
+		foreach ( $webhook_ids as $webhook_id ) {
+			if ( $this->repository->delete( $webhook_id ) ) {
+				$deleted++;
+			}
+		}
+
+		// Redirect with success message
+		if ( $deleted > 0 ) {
+			wp_redirect( add_query_arg( [ 'deleted' => $deleted ], remove_query_arg( [ 'action', 'action2', 'webhook', '_wpnonce' ] ) ) );
+			exit;
+		}
+	}
+
 	/**
 	 * Prepare items for display
 	 */
-	public function prepare_items() {		
+	public function prepare_items() {
+		// Process bulk actions first
+		$this->process_bulk_action();
+		
 		$per_page = $this->get_items_per_page( 'webhooks_per_page', 20 );
 		$current_page = $this->get_pagenum();
 		

From fbf9139db73c2881c4a586fd9bc03610640ba0da Mon Sep 17 00:00:00 2001
From: Joe Fusco <hello@josephfus.co>
Date: Thu, 26 Jun 2025 14:59:39 -0400
Subject: [PATCH 5/6] Clean up handle_actions

---
 .../src/Admin/WebhooksAdmin.php               | 38 ++++++++++++-------
 .../src/Admin/views/webhook-form.php          |  4 +-
 2 files changed, 26 insertions(+), 16 deletions(-)

diff --git a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
index 96104401..7b33b8e2 100644
--- a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
+++ b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
@@ -44,8 +44,7 @@ public function __construct( WebhookRepositoryInterface $repository ) {
 
 		add_action( 'admin_menu', [ $this, 'add_admin_menu' ] );
 		add_action( 'admin_enqueue_scripts', [ $this, 'enqueue_assets' ] );
-		add_action( 'admin_post_graphql_webhook_save', [ $this, 'handle_webhook_save' ] );
-		add_action( 'admin_init', [ $this, 'handle_delete_actions' ] );
+		add_action( 'admin_init', [ $this, 'handle_actions' ] );
 		add_action( 'wp_ajax_test_webhook', [ $this, 'ajax_test_webhook' ] );
 	}
 
@@ -204,39 +203,50 @@ public function handle_webhook_save() {
 	}
 
 	/**
-	 * Handles webhook delete actions (both single and bulk).
-	 * Consolidates delete logic in one place for easier maintenance.
+	 * Handles admin actions from the webhooks page.
 	 *
 	 * @return void
 	 */
-	public function handle_delete_actions() {
-		// Only process on our admin page
+	public function handle_actions(): void {
 		if ( ! isset( $_REQUEST['page'] ) || self::ADMIN_PAGE_SLUG !== $_REQUEST['page'] ) {
 			return;
 		}
 
-		// Check if this is a delete action
-		$is_single_delete = isset( $_GET['action'] ) && 'delete' === $_GET['action'] && isset( $_GET['webhook'] );
-		
-		if ( ! $is_single_delete ) {
-			return;
+		// Handle save action
+		if ( isset( $_POST['action'] ) && 'save_webhook' === $_POST['action'] ) {
+			$this->handle_webhook_save();
 		}
 
-		// Verify permissions once
+		// Handle delete action
+		if ( isset( $_GET['action'] ) && 'delete' === $_GET['action'] && isset( $_GET['webhook'] ) ) {
+			$this->handle_webhook_delete();
+		}
+	}
+
+	/**
+	 * Handles single webhook deletion.
+	 *
+	 * @return void
+	 */
+	private function handle_webhook_delete(): void {
+		// Verify permissions
 		if ( ! $this->verify_admin_permission() ) {
 			return;
 		}
 
-		// Single delete
+		// Get webhook ID
 		$webhook_id = intval( $_GET['webhook'] );
 		$nonce = isset( $_GET['_wpnonce'] ) ? $_GET['_wpnonce'] : '';
 		
+		// Verify nonce
 		if ( ! wp_verify_nonce( $nonce, 'delete-webhook-' . $webhook_id ) ) {
 			wp_die( __( 'Security check failed.', 'wp-graphql-headless-webhooks' ) );
 		}
 
-		// Delete and redirect
+		// Delete webhook
 		$deleted = $this->repository->delete( $webhook_id ) ? 1 : 0;
+		
+		// Redirect with result
 		wp_redirect( add_query_arg( [ 'deleted' => $deleted ], remove_query_arg( [ 'action', 'webhook', '_wpnonce' ], $this->get_admin_url() ) ) );
 		exit;
 	}
diff --git a/plugins/wp-graphql-headless-webhooks/src/Admin/views/webhook-form.php b/plugins/wp-graphql-headless-webhooks/src/Admin/views/webhook-form.php
index cc9e7abd..6f7d1ab3 100644
--- a/plugins/wp-graphql-headless-webhooks/src/Admin/views/webhook-form.php
+++ b/plugins/wp-graphql-headless-webhooks/src/Admin/views/webhook-form.php
@@ -28,9 +28,9 @@
 <div class="wrap">
 	<h1><?php echo esc_html( $form_title ); ?></h1>
 
-	<form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
+	<form method="post">
 		<?php wp_nonce_field( 'webhook_save', 'webhook_nonce' ); ?>
-		<input type="hidden" name="action" value="graphql_webhook_save">
+		<input type="hidden" name="action" value="save_webhook">
 		<?php if ( $webhook ) : ?>
 			<input type="hidden" name="webhook_id" value="<?php echo esc_attr( $webhook->id ); ?>">
 		<?php endif; ?>

From 797b03c471145148e93717c66fbe2e4290f0f10b Mon Sep 17 00:00:00 2001
From: Joe Fusco <hello@josephfus.co>
Date: Thu, 26 Jun 2025 15:05:54 -0400
Subject: [PATCH 6/6] Init in init so it's testable

---
 .../src/Admin/WebhooksAdmin.php                            | 7 +++++++
 plugins/wp-graphql-headless-webhooks/src/Plugin.php        | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
index 7b33b8e2..77a0e162 100644
--- a/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
+++ b/plugins/wp-graphql-headless-webhooks/src/Admin/WebhooksAdmin.php
@@ -41,7 +41,14 @@ class WebhooksAdmin {
 	 */
 	public function __construct( WebhookRepositoryInterface $repository ) {
 		$this->repository = $repository;
+	}
 
+	/**
+	 * Initialize the admin functionality.
+	 *
+	 * @return void
+	 */
+	public function init(): void {
 		add_action( 'admin_menu', [ $this, 'add_admin_menu' ] );
 		add_action( 'admin_enqueue_scripts', [ $this, 'enqueue_assets' ] );
 		add_action( 'admin_init', [ $this, 'handle_actions' ] );
diff --git a/plugins/wp-graphql-headless-webhooks/src/Plugin.php b/plugins/wp-graphql-headless-webhooks/src/Plugin.php
index aa26e4be..51d49a1a 100644
--- a/plugins/wp-graphql-headless-webhooks/src/Plugin.php
+++ b/plugins/wp-graphql-headless-webhooks/src/Plugin.php
@@ -96,7 +96,7 @@ private function setup(): void {
 				
 				if ( class_exists( 'WPGraphQL\Webhooks\Admin\WebhooksAdmin' ) ) {
 					$admin = new \WPGraphQL\Webhooks\Admin\WebhooksAdmin( $repository );
-					// The constructor already sets up all necessary hooks
+					$admin->init();
 				}
 			}