Ticket #38398: 38398.diff
File 38398.diff, 90.0 KB (added by , 8 years ago) |
---|
-
src/wp-includes/rest-api/class-wp-rest-request.php
359 359 360 360 // Ensure we parse the body data. 361 361 $body = $this->get_body(); 362 if ( $this->method !== 'POST'&& ! empty( $body ) ) {362 if ( 'POST' !== $this->method && ! empty( $body ) ) { 363 363 $this->parse_body_params(); 364 364 } 365 365 … … 967 967 968 968 $api_root = rest_url(); 969 969 if ( get_option( 'permalink_structure' ) && 0 === strpos( $url, $api_root ) ) { 970 // Pretty permalinks on, and URL is under the API root 970 // Pretty permalinks on, and URL is under the API root. 971 971 $api_url_part = substr( $url, strlen( untrailingslashit( $api_root ) ) ); 972 972 $route = parse_url( $api_url_part, PHP_URL_PATH ); 973 973 } elseif ( ! empty( $query_params['rest_route'] ) ) { -
src/wp-includes/rest-api/class-wp-rest-response.php
246 246 $data = $this->get_data(); 247 247 $error->add( $data['code'], $data['message'], $data['data'] ); 248 248 if ( ! empty( $data['additional_errors'] ) ) { 249 foreach ( $data['additional_errors'] as $err ) {249 foreach ( $data['additional_errors'] as $err ) { 250 250 $error->add( $err['code'], $err['message'], $err['data'] ); 251 251 } 252 252 } -
src/wp-includes/rest-api/class-wp-rest-server.php
391 391 } 392 392 393 393 if ( $jsonp_callback ) { 394 // Prepend '/**/' to mitigate possible JSONP Flash attacks 394 // Prepend '/**/' to mitigate possible JSONP Flash attacks. 395 395 // https://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/ 396 396 echo '/**/' . $jsonp_callback . '(' . $result . ')'; 397 397 } else { … … 502 502 continue; 503 503 } 504 504 505 // Relation now changes from '$uri' to '$curie:$relation' 505 // Relation now changes from '$uri' to '$curie:$relation'. 506 506 $rel_regex = str_replace( '\{rel\}', '(.+)', preg_quote( $curie['href'], '!' ) ); 507 507 preg_match( '!' . $rel_regex . '!', $rel, $matches ); 508 508 if ( $matches ) { … … 585 585 if ( $has_links ) { 586 586 $embedded[ $rel ] = $embeds; 587 587 } 588 } 588 } // End foreach(). 589 589 590 590 if ( ! empty( $embedded ) ) { 591 591 $data['_embedded'] = $embedded; … … 741 741 // Allow comma-separated HTTP methods. 742 742 if ( is_string( $handler['methods'] ) ) { 743 743 $methods = explode( ',', $handler['methods'] ); 744 } else 744 } elseif ( is_array( $handler['methods'] ) ) { 745 745 $methods = $handler['methods']; 746 746 } else { 747 747 $methods = array(); … … 753 753 $method = strtoupper( trim( $method ) ); 754 754 $handler['methods'][ $method ] = true; 755 755 } 756 } 757 } 756 } // End foreach(). 757 } // End foreach(). 758 758 return $endpoints; 759 759 } 760 760 … … 896 896 897 897 if ( is_wp_error( $permission ) ) { 898 898 $response = $permission; 899 } else 899 } elseif ( false === $permission || null === $permission ) { 900 900 $response = new WP_Error( 'rest_forbidden', __( 'Sorry, you are not allowed to do that.' ), array( 'status' => 403 ) ); 901 901 } 902 902 } … … 958 958 $response->set_matched_handler( $handler ); 959 959 960 960 return $response; 961 } 962 } 961 } // End foreach(). 962 } // End foreach(). 963 963 964 964 return $this->error_to_response( new WP_Error( 'rest_no_route', __( 'No route was found matching the URL and request method' ), array( 'status' => 404 ) ) ); 965 965 } … … 1193 1193 'self' => rest_url( $route ), 1194 1194 ); 1195 1195 } 1196 } 1196 } // End foreach(). 1197 1197 1198 1198 if ( empty( $data['methods'] ) ) { 1199 1199 // No methods supported, hide the route. -
src/wp-includes/rest-api/endpoints/class-wp-rest-controller.php
1 1 <?php 2 3 2 /** 3 * REST API: WP_REST_Controller class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 9 10 /** 11 * Core base class extended to access via REST API. 12 * 13 * @since 4.7.0 14 */ 4 15 abstract class WP_REST_Controller { 5 16 6 17 /** 7 18 * The namespace of this controller's route. 8 19 * 20 * @since 4.7.0 21 * @access protected 9 22 * @var string 10 23 */ 11 24 protected $namespace; … … 13 26 /** 14 27 * The base of this controller's route. 15 28 * 29 * @since 4.7.0 30 * @access protected 16 31 * @var string 17 32 */ 18 33 protected $rest_base; 19 34 20 35 /** 21 * Register the routes for the objects of the controller. 36 * Registers the routes for the objects of the controller. 37 * 38 * @since 4.7.0 39 * @access public 22 40 */ 23 41 public function register_routes() { 24 42 _doing_it_wrong( 'WP_REST_Controller::register_routes', __( 'The register_routes() method must be overridden' ), 'WPAPI-2.0' ); 25 43 } 26 44 27 45 /** 28 * Check if a given request has access to get items. 46 * Checks if a given request has access to get items. 47 * 48 * @since 4.7.0 49 * @access public 29 50 * 30 51 * @param WP_REST_Request $request Full data about the request. 31 * @return WP_Error|bool ean52 * @return WP_Error|bool True if the request has read access, error object otherwise. 32 53 */ 33 54 public function get_items_permissions_check( $request ) { 34 55 return new WP_Error( 'invalid-method', sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), array( 'status' => 405 ) ); 35 56 } 36 57 37 58 /** 38 * Get a collection of items. 59 * Gets a collection of items. 60 * 61 * @since 4.7.0 62 * @access public 39 63 * 40 64 * @param WP_REST_Request $request Full data about the request. 41 * @return WP_Error|WP_REST_Response 65 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 42 66 */ 43 67 public function get_items( $request ) { 44 68 return new WP_Error( 'invalid-method', sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), array( 'status' => 405 ) ); 45 69 } 46 70 47 71 /** 48 * Check if a given request has access to get a specific item. 72 * Checks if a given request has access to get a specific item. 73 * 74 * @since 4.7.0 75 * @access public 49 76 * 50 77 * @param WP_REST_Request $request Full data about the request. 51 * @return WP_Error|bool ean78 * @return WP_Error|bool True if the request has read access for the item, error object otherwise. 52 79 */ 53 80 public function get_item_permissions_check( $request ) { 54 81 return new WP_Error( 'invalid-method', sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), array( 'status' => 405 ) ); 55 82 } 56 83 57 84 /** 58 * Get one item from the collection. 85 * Gets one item from the collection. 86 * 87 * @since 4.7.0 88 * @access public 59 89 * 60 90 * @param WP_REST_Request $request Full data about the request. 61 * @return WP_Error|WP_REST_Response 91 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 62 92 */ 63 93 public function get_item( $request ) { 64 94 return new WP_Error( 'invalid-method', sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), array( 'status' => 405 ) ); 65 95 } 66 96 67 97 /** 68 * Check if a given request has access to create items. 98 * Checks if a given request has access to create items. 99 * 100 * @since 4.7.0 101 * @access public 69 102 * 70 103 * @param WP_REST_Request $request Full data about the request. 71 * @return WP_Error|bool ean104 * @return WP_Error|bool True if the request has access to create items, error object otherwise. 72 105 */ 73 106 public function create_item_permissions_check( $request ) { 74 107 return new WP_Error( 'invalid-method', sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), array( 'status' => 405 ) ); 75 108 } 76 109 77 110 /** 78 * Create one item from the collection. 111 * Creates one item from the collection. 112 * 113 * @since 4.7.0 114 * @access public 79 115 * 80 116 * @param WP_REST_Request $request Full data about the request. 81 * @return WP_Error|WP_REST_Response 117 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 82 118 */ 83 119 public function create_item( $request ) { 84 120 return new WP_Error( 'invalid-method', sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), array( 'status' => 405 ) ); 85 121 } 86 122 87 123 /** 88 * Check if a given request has access to update a specific item. 124 * Checks if a given request has access to update a specific item. 125 * 126 * @since 4.7.0 127 * @access public 89 128 * 90 129 * @param WP_REST_Request $request Full data about the request. 91 * @return WP_Error|bool ean130 * @return WP_Error|bool True if the request has access to update the item, error object otherwise. 92 131 */ 93 132 public function update_item_permissions_check( $request ) { 94 133 return new WP_Error( 'invalid-method', sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), array( 'status' => 405 ) ); 95 134 } 96 135 97 136 /** 98 * Update one item from the collection. 137 * Updates one item from the collection. 138 * 139 * @since 4.7.0 140 * @access public 99 141 * 100 142 * @param WP_REST_Request $request Full data about the request. 101 * @return WP_Error|WP_REST_Response 143 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 102 144 */ 103 145 public function update_item( $request ) { 104 146 return new WP_Error( 'invalid-method', sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), array( 'status' => 405 ) ); 105 147 } 106 148 107 149 /** 108 * Check if a given request has access to delete a specific item. 150 * Checks if a given request has access to delete a specific item. 151 * 152 * @since 4.7.0 153 * @access public 109 154 * 110 155 * @param WP_REST_Request $request Full data about the request. 111 * @return WP_Error|bool ean156 * @return WP_Error|bool True if the request has access to delete the item, error object otherwise. 112 157 */ 113 158 public function delete_item_permissions_check( $request ) { 114 159 return new WP_Error( 'invalid-method', sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), array( 'status' => 405 ) ); 115 160 } 116 161 117 162 /** 118 * Delete one item from the collection. 163 * Deletes one item from the collection. 164 * 165 * @since 4.7.0 166 * @access public 119 167 * 120 168 * @param WP_REST_Request $request Full data about the request. 121 * @return WP_Error|WP_REST_Response 169 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 122 170 */ 123 171 public function delete_item( $request ) { 124 172 return new WP_Error( 'invalid-method', sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), array( 'status' => 405 ) ); 125 173 } 126 174 127 175 /** 128 * Prepare the item for create or update operation. 176 * Prepares the item for create or update operation. 177 * 178 * @since 4.7.0 179 * @access public 129 180 * 130 181 * @param WP_REST_Request $request Request object. 131 * @return WP_Error|object $prepared_item 182 * @return WP_Error|object $prepared_item The prepared item, or error object on failure. 132 183 */ 133 184 protected function prepare_item_for_database( $request ) { 134 185 return new WP_Error( 'invalid-method', sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), array( 'status' => 405 ) ); 135 186 } 136 187 137 188 /** 138 * Prepare the item for the REST response.189 * Prepares the item for the REST response. 139 190 * 140 * @param mixed $item WordPress representation of the item. 191 * @since 4.7.0 192 * @access public 193 * 194 * @param mixed $item WordPress representation of the item. 141 195 * @param WP_REST_Request $request Request object. 142 * @return WP_Error|WP_REST_Response $response 196 * @return WP_Error|WP_REST_Response $response Response object on success, or error object on failure. 143 197 */ 144 198 public function prepare_item_for_response( $item, $request ) { 145 199 return new WP_Error( 'invalid-method', sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), array( 'status' => 405 ) ); 146 200 } 147 201 148 202 /** 149 * Prepare a response for inserting into a collection. 203 * Prepares a response for inserting into a collection. 204 * 205 * @since 4.7.0 206 * @access public 150 207 * 151 208 * @param WP_REST_Response $response Response object. 152 209 * @return array Response data, ready for insertion into collection data. … … 173 230 } 174 231 175 232 /** 176 * Filter a response based on the context defined in the schema.233 * Filters a response based on the context defined in the schema. 177 234 * 178 * @param array $data 179 * @param string $context 235 * @since 4.7.0 236 * @access public 237 * 238 * @param array $data Response data to fiter. 239 * @param string $context Context defined in the schema. 180 240 * @return array 181 241 */ 182 242 public function filter_response_by_context( $data, $context ) { … … 210 270 } 211 271 212 272 /** 213 * Get the item's schema, conforming to JSON Schema. 273 * Gets the item's schema, conforming to JSON Schema. 274 * 275 * @since 4.7.0 276 * @access public 214 277 * 215 278 * @return array 216 279 */ … … 219 282 } 220 283 221 284 /** 222 * Get the item's schema for display / public consumption purposes. 285 * Gets the item's schema for display / public consumption purposes. 286 * 287 * @since 4.7.0 288 * @access public 223 289 * 224 290 * @return array 225 291 */ … … 235 301 } 236 302 237 303 /** 238 * Get the query params for collections. 304 * Gets the query params for collections. 305 * 306 * @since 4.7.0 307 * @access public 239 308 * 240 309 * @return array 241 310 */ … … 269 338 } 270 339 271 340 /** 272 * Get the magical context param.341 * Gets the magical context param. 273 342 * 274 343 * Ensures consistent description between endpoints, and populates enum from schema. 275 344 * 276 * @param array $args 345 * @since 4.7.0 346 * @access public 347 * 348 * @param array $args Additional arguments for context parameter. 277 349 * @return array 278 350 */ 279 351 public function get_context_param( $args = array() ) { … … 301 373 } 302 374 303 375 /** 304 * Add the values from additional fields to a data object. 376 * Adds the values from additional fields to a data object. 377 * 378 * @since 4.7.0 379 * @access protected 305 380 * 306 * @param array $object307 * @param WP_REST_Request $request 381 * @param array $object data object. 382 * @param WP_REST_Request $request Full details about the request. 308 383 * @return array modified object with additional fields. 309 384 */ 310 385 protected function add_additional_fields_to_object( $object, $request ) { … … 324 399 } 325 400 326 401 /** 327 * Update the values of additional fields added to a data object.402 * Updates the values of additional fields added to a data object. 328 403 * 329 * @param array $object 330 * @param WP_REST_Request $request 404 * @since 4.7.0 405 * @access protected 406 * 407 * @param array $object data Object. 408 * @param WP_REST_Request $request Full details about the request. 331 409 * @return bool|WP_Error True on success, WP_Error object if a field cannot be updated. 332 410 */ 333 411 protected function update_additional_fields_for_object( $object, $request ) { … … 353 431 } 354 432 355 433 /** 356 * Add the schema from additional fields to an schema array.434 * Adds the schema from additional fields to an schema array. 357 435 * 358 436 * The type of object is inferred from the passed schema. 359 437 * 438 * @since 4.7.0 439 * @access protected 440 * 360 441 * @param array $schema Schema array. 361 442 * @return array Modified Schema array. 362 443 */ … … 384 465 } 385 466 386 467 /** 387 * Get all the registered additional fields for a given object-type.468 * Gets all the registered additional fields for a given object-type. 388 469 * 389 * @param string $object_type 470 * @since 4.7.0 471 * @access protected 472 * 473 * @param string $object_type Optional, default is null. Type of the Object. 390 474 * @return array 391 475 */ 392 476 protected function get_additional_fields( $object_type = null ) { … … 409 493 } 410 494 411 495 /** 412 * Get the object type this controller is responsible for managing. 496 * Gets the object type this controller is responsible for managing. 497 * 498 * @since 4.7.0 499 * @access protected 413 500 * 414 501 * @return string 415 502 */ … … 424 511 } 425 512 426 513 /** 427 * Get an array of endpoint arguments from the item schema for the controller. 514 * Gets an array of endpoint arguments from the item schema for the controller. 515 * 516 * @since 4.7.0 517 * @access public 428 518 * 429 519 * @param string $method HTTP method of the request. The arguments 430 520 * for `CREATABLE` requests are checked for required … … 479 569 480 570 $endpoint_args[ $field_id ] = array_merge( $endpoint_args[ $field_id ], $params['arg_options'] ); 481 571 } 482 } 572 } // End foreach(). 483 573 484 574 return $endpoint_args; 485 575 } … … 492 582 * resultant post object. This is done so that plugins may manipulate the 493 583 * post that is used in the REST API. 494 584 * 585 * @since 4.7.0 586 * @access public 587 * 495 588 * @see get_post() 496 589 * @global WP_Query $wp_query 497 590 * … … 502 595 $post_obj = get_post( $post ); 503 596 504 597 /** 505 * Filter the post.598 * Filters the post. 506 599 * 507 600 * Allows plugins to filter the post object as returned by `\WP_REST_Controller::get_post()`. 508 601 * 602 * @since 4.7.0 603 * 509 604 * @param WP_Post|null $post_obj The post object as returned by `get_post()`. 510 605 * @param int|WP_Post $post The original value used to obtain the post object. 511 606 */ … … 515 610 } 516 611 517 612 /** 518 * Sanitize the slug value. 613 * Sanitizes the slug value. 614 * 615 * @since 4.7.0 616 * @access public 519 617 * 520 618 * @internal We can't use {@see sanitize_title} directly, as the second 521 619 * parameter is the fallback title, which would end up being set to the -
src/wp-includes/rest-api/endpoints/class-wp-rest-post-statuses-controller.php
1 1 <?php 2 2 /** 3 * REST API: WP_REST_Post_Statuses_Controller class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 9 10 /** 11 * Core class to access post statuses via REST API. 12 * 13 * @since 4.7.0 14 */ 3 15 class WP_REST_Post_Statuses_Controller extends WP_REST_Controller { 4 16 17 /** 18 * Constructor. 19 * 20 * @since 4.7.0 21 * @access public 22 */ 5 23 public function __construct() { 6 24 $this->namespace = 'wp/v2'; 7 25 $this->rest_base = 'statuses'; 8 26 } 9 27 10 28 /** 11 * Register the routes for the objects of the controller. 29 * Registers the routes for the objects of the controller. 30 * 31 * @since 4.7.0 32 * @access public 12 33 */ 13 34 public function register_routes() { 14 35 … … 36 57 } 37 58 38 59 /** 39 * Check whether a given request has permission to read post statuses. 60 * Checks whether a given request has permission to read post statuses. 61 * 62 * @since 4.7.0 63 * @access public 40 64 * 41 65 * @param WP_REST_Request $request Full details about the request. 42 * @return WP_Error|bool ean66 * @return WP_Error|bool True if the request has read access, error object otherwise. 43 67 */ 44 68 public function get_items_permissions_check( $request ) { 45 69 if ( 'edit' === $request['context'] ) { … … 55 79 } 56 80 57 81 /** 58 * Get all post statuses, depending on user context 82 * Gets all post statuses, depending on user context. 83 * 84 * @since 4.7.0 85 * @access public 59 86 * 60 * @param WP_REST_Request $request 61 * @return array|WP_Error87 * @param WP_REST_Request $request Full details about the request. 88 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 62 89 */ 63 90 public function get_items( $request ) { 64 91 $data = array(); … … 78 105 /** 79 106 * Check if a given request has access to read a post status. 80 107 * 108 * @since 4.7.0 109 * @access public 110 * 81 111 * @param WP_REST_Request $request Full details about the request. 82 * @return WP_Error|bool ean112 * @return WP_Error|bool True if the request has read access for the item, error object otherwise. 83 113 */ 84 114 public function get_item_permissions_check( $request ) { 85 115 $status = get_post_status_object( $request['status'] ); … … 94 124 } 95 125 96 126 /** 97 * Check whether a given post status should be visible 127 * Checks whether a given post status should be visible. 128 * 129 * @since 4.7.0 130 * @access protected 98 131 * 99 * @param object $status 100 * @return bool ean132 * @param object $status Post status. 133 * @return bool True if the post status is visible, false otherwise. 101 134 */ 102 135 protected function check_read_permission( $status ) { 103 136 if ( true === $status->public ) { … … 115 148 } 116 149 117 150 /** 118 * Get a specific post status151 * Gets a specific post status. 119 152 * 120 * @param WP_REST_Request $request 121 * @return array|WP_Error 153 * @since 4.7.0 154 * @access public 155 * 156 * @param WP_REST_Request $request Full details about the request. 157 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 122 158 */ 123 159 public function get_item( $request ) { 124 160 $obj = get_post_status_object( $request['status'] ); … … 130 166 } 131 167 132 168 /** 133 * Prepare a post status object for serialization 169 * Prepares a post status object for serialization. 170 * 171 * @since 4.7.0 172 * @access public 134 173 * 135 * @param stdClass $status Post status data136 * @param WP_REST_Request $request 174 * @param stdClass $status Post status data. 175 * @param WP_REST_Request $request Full details about the request. 137 176 * @return WP_REST_Response Post status data 138 177 */ 139 178 public function prepare_item_for_response( $status, $request ) { … … 161 200 } 162 201 163 202 /** 164 * Filter a status returned from the API.203 * Filters a status returned from the API. 165 204 * 166 205 * Allows modification of the status data right before it is returned. 167 206 * 207 * @since 4.7.0 208 * 168 209 * @param WP_REST_Response $response The response object. 169 210 * @param object $status The original status object. 170 211 * @param WP_REST_Request $request Request used to generate the response. … … 173 214 } 174 215 175 216 /** 176 * Get the Post status' schema, conforming to JSON Schema 217 * Gets the Post status' schema, conforming to JSON Schema. 218 * 219 * @since 4.7.0 220 * @access public 177 221 * 178 222 * @return array 179 223 */ … … 231 275 } 232 276 233 277 /** 234 * Get the query params for collections 278 * Gets the query params for collections. 279 * 280 * @since 4.7.0 281 * @access public 235 282 * 236 283 * @return array 237 284 */ -
src/wp-includes/rest-api/endpoints/class-wp-rest-post-types-controller.php
1 1 <?php 2 2 /** 3 * REST API: WP_REST_Post_Types_Controller class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 9 10 /** 11 * Core class to access post types via REST API. 12 * 13 * @since 4.7.0 14 */ 3 15 class WP_REST_Post_Types_Controller extends WP_REST_Controller { 4 16 17 /** 18 * Constructor. 19 * 20 * @since 4.7.0 21 * @access public 22 */ 5 23 public function __construct() { 6 24 $this->namespace = 'wp/v2'; 7 25 $this->rest_base = 'types'; 8 26 } 9 27 10 28 /** 11 * Register the routes for the objects of the controller. 29 * Registers the routes for the objects of the controller. 30 * 31 * @since 4.7.0 32 * @access public 12 33 */ 13 34 public function register_routes() { 14 35 … … 35 56 } 36 57 37 58 /** 38 * Check whether a given request has permission to read types. 59 * Checks whether a given request has permission to read types. 60 * 61 * @since 4.7.0 62 * @access public 39 63 * 40 64 * @param WP_REST_Request $request Full details about the request. 41 * @return WP_Error|bool ean65 * @return WP_Error|bool True if the request has read access, error object otherwise. 42 66 */ 43 67 public function get_items_permissions_check( $request ) { 44 68 if ( 'edit' === $request['context'] ) { … … 53 77 } 54 78 55 79 /** 56 * Get all public post types80 * Gets all public post types. 57 81 * 58 * @param WP_REST_Request $request 59 * @return array|WP_Error 82 * @since 4.7.0 83 * @access public 84 * 85 * @param WP_REST_Request $request Full details about the request. 86 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 60 87 */ 61 88 public function get_items( $request ) { 62 89 $data = array(); … … 71 98 } 72 99 73 100 /** 74 * Get a specific post type 101 * Gets a specific post type. 102 * 103 * @since 4.7.0 104 * @access public 75 105 * 76 * @param WP_REST_Request $request 77 * @return array|WP_Error106 * @param WP_REST_Request $request Full details about the request. 107 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 78 108 */ 79 109 public function get_item( $request ) { 80 110 $obj = get_post_type_object( $request['type'] ); … … 92 122 } 93 123 94 124 /** 95 * Prepare a post type object for serialization 125 * Prepares a post type object for serialization. 126 * 127 * @since 4.7.0 128 * @access public 96 129 * 97 * @param stdClass $post_type Post type data98 * @param WP_REST_Request $request 99 * @return WP_REST_Response $response 130 * @param stdClass $post_type Post type data. 131 * @param WP_REST_Request $request Full details about the request. 132 * @return WP_REST_Response $response Response object. 100 133 */ 101 134 public function prepare_item_for_response( $post_type, $request ) { 102 135 $data = array( … … 125 158 ) ); 126 159 127 160 /** 128 * Filter a post type returned from the API.161 * Filters a post type returned from the API. 129 162 * 130 163 * Allows modification of the post type data right before it is returned. 131 164 * 165 * @since 4.7.0 166 * 132 167 * @param WP_REST_Response $response The response object. 133 168 * @param object $item The original post type object. 134 169 * @param WP_REST_Request $request Request used to generate the response. … … 137 172 } 138 173 139 174 /** 140 * Get the Post type's schema, conforming to JSON Schema 175 * Gets the Post type's schema, conforming to JSON Schema. 176 * 177 * @since 4.7.0 178 * @access public 141 179 * 142 180 * @return array 143 181 */ … … 189 227 } 190 228 191 229 /** 192 * Get the query params for collections 230 * Gets the query params for collections. 231 * 232 * @since 4.7.0 233 * @access public 193 234 * 194 235 * @return array 195 236 */ -
src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php
1 1 <?php 2 2 /** 3 * REST API: WP_REST_Posts_Controller class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 9 10 /** 11 * Core class to access posts via REST API. 12 * 13 * @since 4.7.0 14 */ 3 15 class WP_REST_Posts_Controller extends WP_REST_Controller { 4 16 5 17 /** 6 18 * Post type. 7 19 * 20 * @since 4.7.0 8 21 * @access protected 9 22 * @var string 10 23 */ … … 13 26 /** 14 27 * Instance of a post meta fields object. 15 28 * 29 * @since 4.7.0 16 30 * @access protected 17 31 * @var WP_REST_Post_Meta_Fields 18 32 */ … … 21 35 /** 22 36 * Constructor. 23 37 * 38 * @since 4.7.0 39 * @access public 40 * 24 41 * @param string $post_type Post type. 25 42 */ 26 43 public function __construct( $post_type ) { … … 33 50 } 34 51 35 52 /** 36 * Register the routes for the objects of the controller. 53 * Registers the routes for the objects of the controller. 54 * 55 * @since 4.7.0 56 * @access public 37 57 */ 38 58 public function register_routes() { 39 59 … … 52 72 ), 53 73 'schema' => array( $this, 'get_public_item_schema' ), 54 74 ) ); 75 55 76 register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P<id>[\d]+)', array( 56 77 array( 57 78 'methods' => WP_REST_Server::READABLE, … … 86 107 } 87 108 88 109 /** 89 * Check if a given request has access to read /posts. 110 * Checks if a given request has access to read /posts. 111 * 112 * @since 4.7.0 113 * @access public 90 114 * 91 115 * @param WP_REST_Request $request Full details about the request. 92 * @return WP_Error|bool ean116 * @return WP_Error|bool True if the request has read access, error object otherwise. 93 117 */ 94 118 public function get_items_permissions_check( $request ) { 95 119 … … 103 127 } 104 128 105 129 /** 106 * Get a collection of posts. 130 * Gets a collection of posts. 131 * 132 * @since 4.7.0 133 * @access public 107 134 * 108 135 * @param WP_REST_Request $request Full details about the request. 109 * @return WP_Error|WP_REST_Response 136 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 110 137 */ 111 138 public function get_items( $request ) { 112 139 … … 192 219 $args['post_type'] = $this->post_type; 193 220 194 221 /** 195 * Filter the query arguments for a request.222 * Filters the query arguments for a request. 196 223 * 197 224 * Enables adding extra arguments or setting defaults for a post 198 225 * collection request. 199 226 * 227 * @since 4.7.0 228 * 200 229 * @see https://developer.wordpress.org/reference/classes/wp_query/ 201 230 * 202 231 * @param array $args Key value array of query var to query value. … … 291 320 } 292 321 293 322 /** 294 * Check if a given request has access to read a post. 323 * Checks if a given request has access to read a post. 324 * 325 * @since 4.7.0 326 * @access public 295 327 * 296 328 * @param WP_REST_Request $request Full details about the request. 297 * @return WP_Error|bool ean329 * @return WP_Error|bool True if the request has read access for the item, error object otherwise. 298 330 */ 299 331 public function get_item_permissions_check( $request ) { 300 332 … … 324 356 } 325 357 326 358 /** 327 * C an the user access password-protected content?359 * Checks if the user can access password-protected content. 328 360 * 329 361 * This method determines whether we need to override the regular password 330 362 * check in core with a filter. 331 363 * 364 * @since 4.7.0 365 * @access protected 366 * 332 367 * @param WP_Post $post Post to check against. 333 368 * @param WP_REST_Request $request Request data to check. 334 369 * @return bool True if the user can access password-protected content, false otherwise. … … 354 389 } 355 390 356 391 /** 357 * Get a single post. 392 * Gets a single post. 393 * 394 * @since 4.7.0 395 * @access public 358 396 * 359 397 * @param WP_REST_Request $request Full details about the request. 360 * @return WP_Error|WP_REST_Response 398 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 361 399 */ 362 400 public function get_item( $request ) { 363 401 $id = (int) $request['id']; … … 378 416 } 379 417 380 418 /** 381 * Check if a given request has access to create a post. 419 * Checks if a given request has access to create a post. 420 * 421 * @since 4.7.0 422 * @access public 382 423 * 383 424 * @param WP_REST_Request $request Full details about the request. 384 * @return WP_Error|bool ean425 * @return WP_Error|bool True if the request has access to create items, error object otherwise. 385 426 */ 386 427 public function create_item_permissions_check( $request ) { 387 428 … … 402 443 } 403 444 404 445 /** 405 * Create a single post. 446 * Creates a single post. 447 * 448 * @since 4.7.0 449 * @access public 406 450 * 407 451 * @param WP_REST_Request $request Full details about the request. 408 * @return WP_Error|WP_REST_Response 452 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 409 453 */ 410 454 public function create_item( $request ) { 411 455 if ( ! empty( $request['id'] ) ) { … … 473 517 /** 474 518 * Fires after a single post is created or updated via the REST API. 475 519 * 520 * @since 4.7.0 521 * 476 522 * @param object $post Inserted Post object (not a WP_Post object). 477 523 * @param WP_REST_Request $request Request object. 478 * @param bool ean$creating True when creating post, false when updating.524 * @param bool $creating True when creating post, false when updating. 479 525 */ 480 526 do_action( "rest_insert_{$this->post_type}", $post, $request, true ); 481 527 … … 489 535 } 490 536 491 537 /** 492 * Check if a given request has access to update a post. 538 * Checks if a given request has access to update a post. 539 * 540 * @since 4.7.0 541 * @access public 493 542 * 494 543 * @param WP_REST_Request $request Full details about the request. 495 * @return WP_Error|bool ean544 * @return WP_Error|bool True if the request has access to update the item, error object otherwise. 496 545 */ 497 546 public function update_item_permissions_check( $request ) { 498 547 … … 515 564 } 516 565 517 566 /** 518 * Update a single post. 567 * Updates a single post. 568 * 569 * @since 4.7.0 570 * @access public 519 571 * 520 572 * @param WP_REST_Request $request Full details about the request. 521 * @return WP_Error|WP_REST_Response 573 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 522 574 */ 523 575 public function update_item( $request ) { 524 576 $id = (int) $request['id']; … … 593 645 } 594 646 595 647 /** 596 * Check if a given request has access to delete a post. 648 * Checks if a given request has access to delete a post. 649 * 650 * @since 4.7.0 651 * @access public 597 652 * 598 653 * @param WP_REST_Request $request Full details about the request. 599 * @return bool|WP_Error 654 * @return bool|WP_Error True if the request has access to delete the item, error object otherwise. 600 655 */ 601 656 public function delete_item_permissions_check( $request ) { 602 657 … … 610 665 } 611 666 612 667 /** 613 * Delete a single post. 668 * Deletes a single post. 669 * 670 * @since 4.7.0 671 * @access public 614 672 * 615 673 * @param WP_REST_Request $request Full details about the request. 616 * @return WP_REST_Response|WP_Error 674 * @return WP_REST_Response|WP_Error Response object on success, or error object on failure. 617 675 */ 618 676 public function delete_item( $request ) { 619 677 $id = (int) $request['id']; … … 635 693 * 636 694 * Return false to disable trash support for the post. 637 695 * 638 * @param boolean $supports_trash Whether the post type support trashing. 696 * @since 4.7.0 697 * 698 * @param bool $supports_trash Whether the post type support trashing. 639 699 * @param WP_Post $post The Post object being considered for trashing support. 640 700 */ 641 701 $supports_trash = apply_filters( "rest_{$this->post_type}_trashable", $supports_trash, $post ); … … 673 733 /** 674 734 * Fires after a single post is deleted or trashed via the REST API. 675 735 * 736 * @since 4.7.0 737 * 676 738 * @param object $post The deleted or trashed post. 677 739 * @param WP_REST_Response $response The response data. 678 740 * @param WP_REST_Request $request The request sent to the API. … … 683 745 } 684 746 685 747 /** 686 * Determine the allowed query_vars for a get_items() response and748 * Determines the allowed query_vars for a get_items() response and 687 749 * prepare for WP_Query. 688 750 * 751 * @since 4.7.0 752 * @access protected 753 * 689 754 * @param array $prepared_args Prepared WP_Query arguments. 690 755 * @param WP_REST_Request $request Full details about the request. 691 756 * @return array $query_args … … 701 766 * 702 767 * The dynamic portion of the hook name, $var, refers to the query_var key. 703 768 * 769 * @since 4.7.0 770 * 704 771 * @param mixed $prepared_args[ $var ] The query_var value. 705 772 */ 706 773 $query_args[ $var ] = apply_filters( "rest_query_var-{$var}", $prepared_args[ $var ] ); … … 719 786 } 720 787 721 788 /** 722 * Get all the WP Query vars that are allowed for the API request. 789 * Gets all the WP Query vars that are allowed for the API request. 790 * 791 * @since 4.7.0 792 * @access protected 723 793 * 724 794 * @param WP_REST_Request $request Full details about the request. 725 795 * @return array … … 728 798 global $wp; 729 799 730 800 /** 731 * Filter the publicly allowed query vars.801 * Filters the publicly allowed query vars. 732 802 * 733 803 * Allows adjusting of the default query vars that are made public. 734 804 * 805 * @since 4.7.0 806 * 735 807 * @param array Array of allowed WP_Query query vars. 736 808 */ 737 809 $valid_vars = apply_filters( 'query_vars', $wp->public_query_vars ); … … 739 811 $post_type_obj = get_post_type_object( $this->post_type ); 740 812 if ( current_user_can( $post_type_obj->cap->edit_posts ) ) { 741 813 /** 742 * Filter the allowed 'private' query vars for authorized users.814 * Filters the allowed 'private' query vars for authorized users. 743 815 * 744 816 * If the user has the `edit_posts` capability, we also allow use of 745 817 * private query parameters, which are only undesirable on the … … 748 820 * To disable anyway, use 749 821 * `add_filter( 'rest_private_query_vars', '__return_empty_array' );` 750 822 * 823 * @since 4.7.0 824 * 751 825 * @param array $private_query_vars Array of allowed query vars for authorized users. 752 * }753 826 */ 754 827 $private = apply_filters( 'rest_private_query_vars', $wp->private_query_vars ); 755 828 $valid_vars = array_merge( $valid_vars, $private ); … … 772 845 $valid_vars = array_merge( $valid_vars, $rest_valid ); 773 846 774 847 /** 775 * Filter allowed query vars for the REST API.848 * Filters allowed query vars for the REST API. 776 849 * 777 850 * This filter allows you to add or remove query vars from the final allowed 778 851 * list for all requests, including unauthenticated ones. To alter the 779 852 * vars for editors only, {@see rest_private_query_vars}. 780 853 * 854 * @since 4.7.0 855 * 781 856 * @param array { 782 857 * Array of allowed WP_Query query vars. 783 858 * … … 791 866 } 792 867 793 868 /** 794 * Check the post_date_gmt or modified_gmt and prepare any post or869 * Checks the post_date_gmt or modified_gmt and prepare any post or 795 870 * modified date for single post output. 796 871 * 872 * @since 4.7.0 873 * @access protected 874 * 797 875 * @param string $date_gmt GMT publication time. 798 876 * @param string|null $date Optional, default is null. Local publication time. 799 877 * @return string|null ISO8601/RFC3339 formatted datetime. … … 814 892 } 815 893 816 894 /** 817 * Prepare a single post for create or update. 895 * Prepares a single post for create or update. 896 * 897 * @since 4.7.0 898 * @access protected 818 899 * 819 900 * @param WP_REST_Request $request Request object. 820 901 * @return WP_Error|stdClass $prepared_post Post object. … … 951 1032 $prepared_post->ping_status = $request['ping_status']; 952 1033 } 953 1034 /** 954 * Filter a post before it is inserted via the REST API.1035 * Filters a post before it is inserted via the REST API. 955 1036 * 956 1037 * The dynamic portion of the hook name, $this->post_type, refers to post_type of the post being 957 1038 * prepared for insertion. 958 1039 * 1040 * @since 4.7.0 1041 * 959 1042 * @param stdClass $prepared_post An object representing a single post prepared 960 1043 * for inserting or updating the database. 961 1044 * @param WP_REST_Request $request Request object. … … 965 1048 } 966 1049 967 1050 /** 968 * Determine validity and normalize provided status param. 1051 * Determines validity and normalize provided status param. 1052 * 1053 * @since 4.7.0 1054 * @access protected 969 1055 * 970 1056 * @param string $post_status Post status. 971 1057 * @param object $post_type Post type. … … 999 1085 } 1000 1086 1001 1087 /** 1002 * Determine the featured media based on a request param. 1088 * Determines the featured media based on a request param. 1089 * 1090 * @since 4.7.0 1091 * @access protected 1003 1092 * 1004 1093 * @param int $featured_media Featured Media ID. 1005 1094 * @param int $post_id Post ID. … … 1022 1111 } 1023 1112 1024 1113 /** 1025 * Set the template for a page. 1114 * Sets the template for a page. 1115 * 1116 * @since 4.7.0 1117 * @access public 1026 1118 * 1027 1119 * @param string $template Page template filename. 1028 1120 * @param integer $post_id Post ID. … … 1036 1128 } 1037 1129 1038 1130 /** 1039 * Update the post's terms from a REST request. 1131 * Updates the post's terms from a REST request. 1132 * 1133 * @since 4.7.0 1134 * @access protected 1040 1135 * 1041 1136 * @param int $post_id The post ID to update the terms form. 1042 1137 * @param WP_REST_Request $request The request object with post and terms data. … … 1059 1154 } 1060 1155 1061 1156 /** 1062 * Check if a given post type should be viewed or managed. 1157 * Checks if a given post type should be viewed or managed. 1158 * 1159 * @since 4.7.0 1160 * @access protected 1063 1161 * 1064 1162 * @param object|string $post_type Post type name or object. 1065 * @return bool eanIs post type allowed?1163 * @return bool Is post type allowed? 1066 1164 */ 1067 1165 protected function check_is_post_type_allowed( $post_type ) { 1068 1166 if ( ! is_object( $post_type ) ) { … … 1077 1175 } 1078 1176 1079 1177 /** 1080 * Check if we can read a post.1178 * Checks if we can read a post. 1081 1179 * 1082 1180 * Correctly handles posts with the inherit status. 1083 1181 * 1182 * @since 4.7.0 1183 * @access public 1184 * 1084 1185 * @param object $post Post object. 1085 * @return bool eanCan we read it?1186 * @return bool Can we read it? 1086 1187 */ 1087 1188 public function check_read_permission( $post ) { 1088 1189 $post_type = get_post_type_object( $post->post_type ); … … 1116 1217 } 1117 1218 1118 1219 /** 1119 * Check if we can edit a post. 1220 * Checks if we can edit a post. 1221 * 1222 * @since 4.7.0 1223 * @access protected 1120 1224 * 1121 1225 * @param object $post Post object. 1122 * @return bool eanCan we edit it?1226 * @return bool Can we edit it? 1123 1227 */ 1124 1228 protected function check_update_permission( $post ) { 1125 1229 $post_type = get_post_type_object( $post->post_type ); … … 1132 1236 } 1133 1237 1134 1238 /** 1135 * Check if we can create a post. 1239 * Checks if we can create a post. 1240 * 1241 * @since 4.7.0 1242 * @access protected 1136 1243 * 1137 1244 * @param object $post Post object. 1138 * @return bool eanCan we create it?.1245 * @return bool Can we create it?. 1139 1246 */ 1140 1247 protected function check_create_permission( $post ) { 1141 1248 $post_type = get_post_type_object( $post->post_type ); … … 1148 1255 } 1149 1256 1150 1257 /** 1151 * Check if we can delete a post. 1258 * Checks if we can delete a post. 1259 * 1260 * @since 4.7.0 1261 * @access protected 1152 1262 * 1153 1263 * @param object $post Post object. 1154 * @return bool eanCan we delete it?1264 * @return bool Can we delete it? 1155 1265 */ 1156 1266 protected function check_delete_permission( $post ) { 1157 1267 $post_type = get_post_type_object( $post->post_type ); … … 1164 1274 } 1165 1275 1166 1276 /** 1167 * Prepare a single post output for response. 1277 * Prepares a single post output for response. 1278 * 1279 * @since 4.7.0 1280 * @access public 1168 1281 * 1169 1282 * @param WP_Post $post Post object. 1170 1283 * @param WP_REST_Request $request Request object. 1171 * @return WP_REST_Response $data 1284 * @return WP_REST_Response $data Response object. 1172 1285 */ 1173 1286 public function prepare_item_for_response( $post, $request ) { 1174 1287 $GLOBALS['post'] = $post; … … 1334 1447 $response->add_links( $this->prepare_links( $post ) ); 1335 1448 1336 1449 /** 1337 * Filter the post data for a response.1450 * Filters the post data for a response. 1338 1451 * 1339 1452 * The dynamic portion of the hook name, $this->post_type, refers to post_type of the post being 1340 1453 * prepared for the response. 1341 1454 * 1455 * @since 4.7.0 1456 * 1342 1457 * @param WP_REST_Response $response The response object. 1343 1458 * @param WP_Post $post Post object. 1344 1459 * @param WP_REST_Request $request Request object. … … 1347 1462 } 1348 1463 1349 1464 /** 1350 * Overwrite the default protected title format.1465 * Overwrites the default protected title format. 1351 1466 * 1352 1467 * By default WordPress will show password protected posts with a title of 1353 1468 * "Protected: %s", as the REST API communicates the protected status of a post … … 1360 1475 } 1361 1476 1362 1477 /** 1363 * Prepare links for the request. 1478 * Prepares links for the request. 1479 * 1480 * @since 4.7.0 1481 * @access protected 1364 1482 * 1365 1483 * @param WP_Post $post Post object. 1366 1484 * @return array Links for the given post. … … 1457 1575 } 1458 1576 1459 1577 /** 1460 * Get the Post's schema, conforming to JSON Schema. 1578 * Gets the Post's schema, conforming to JSON Schema. 1579 * 1580 * @since 4.7.0 1581 * @access public 1461 1582 * 1462 1583 * @return array 1463 1584 */ … … 1467 1588 '$schema' => 'http://json-schema.org/draft-04/schema#', 1468 1589 'title' => $this->post_type, 1469 1590 'type' => 'object', 1470 /* 1471 * Base properties for every Post. 1472 */ 1591 // Base properties for every Post. 1473 1592 'properties' => array( 1474 1593 'date' => array( 1475 1594 'description' => __( "The date the object was published, in the site's timezone." ), … … 1786 1905 } 1787 1906 1788 1907 /** 1789 * Get the query params for collections of attachments. 1908 * Gets the query params for collections of attachments. 1909 * 1910 * @since 4.7.0 1911 * @access public 1790 1912 * 1791 1913 * @return array 1792 1914 */ … … 1926 2048 } 1927 2049 1928 2050 /** 1929 * Validate whether the user can query private statuses. 2051 * Validates whether the user can query private statuses. 2052 * 2053 * @since 4.7.0 2054 * @access public 1930 2055 * 1931 2056 * @param mixed $value Post status. 1932 2057 * @param WP_REST_Request $request Full details about the request. 1933 * @param string $parameter 1934 * @return WP_Error|bool ean2058 * @param string $parameter Additional parameter to pass to validation. 2059 * @return WP_Error|bool 1935 2060 */ 1936 2061 public function validate_user_can_query_private_statuses( $value, $request, $parameter ) { 1937 2062 if ( 'publish' === $value ) { -
src/wp-includes/rest-api/endpoints/class-wp-rest-revisions-controller.php
1 1 <?php 2 2 /** 3 * REST API: WP_REST_Revisions_Controller class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 9 10 /** 11 * Core class to access revisions via REST API. 12 * 13 * @since 4.7.0 14 */ 3 15 class WP_REST_Revisions_Controller extends WP_REST_Controller { 4 16 17 /** 18 * Parent post type. 19 * 20 * @since 4.7.0 21 * @access private 22 * @var string 23 */ 5 24 private $parent_post_type; 25 26 /** 27 * Parent controller. 28 * 29 * @since 4.7.0 30 * @access private 31 * @var WP_REST_Controller 32 */ 6 33 private $parent_controller; 34 35 /** 36 * The base of the parent controller's route. 37 * 38 * @since 4.7.0 39 * @access private 40 * @var string 41 */ 7 42 private $parent_base; 8 43 44 /** 45 * Constructor. 46 * 47 * @since 4.7.0 48 * @access public 49 * 50 * @param string $parent_post_type Post type of the parent. 51 */ 9 52 public function __construct( $parent_post_type ) { 10 53 $this->parent_post_type = $parent_post_type; 11 54 $this->parent_controller = new WP_REST_Posts_Controller( $parent_post_type ); … … 16 59 } 17 60 18 61 /** 19 * Register routes for revisions based on post types supporting revisions62 * Registers routes for revisions based on post types supporting revisions. 20 63 * 64 * @since 4.7.0 21 65 * @access public 22 66 */ 23 67 public function register_routes() { … … 52 96 } 53 97 54 98 /** 55 * Check if a given request has access to get revisions99 * Checks if a given request has access to get revisions. 56 100 * 101 * @since 4.7.0 57 102 * @access public 58 103 * 59 104 * @param WP_REST_Request $request Full data about the request. 60 * @return WP_Error|bool ean105 * @return WP_Error|bool True if the request has read access, error object otherwise. 61 106 */ 62 107 public function get_items_permissions_check( $request ) { 63 108 … … 74 119 } 75 120 76 121 /** 77 * Get a collection of revisions122 * Gets a collection of revisions. 78 123 * 124 * @since 4.7.0 79 125 * @access public 80 126 * 81 127 * @param WP_REST_Request $request Full data about the request. 82 * @return WP_Error|WP_REST_Response 128 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 83 129 */ 84 130 public function get_items( $request ) { 85 131 … … 99 145 } 100 146 101 147 /** 102 * Check if a given request has access to get a specific revision148 * Checks if a given request has access to get a specific revision. 103 149 * 150 * @since 4.7.0 104 151 * @access public 105 152 * 106 153 * @param WP_REST_Request $request Full data about the request. 107 * @return WP_Error|bool ean154 * @return WP_Error|bool True if the request has read access for the item, error object otherwise. 108 155 */ 109 156 public function get_item_permissions_check( $request ) { 110 157 return $this->get_items_permissions_check( $request ); 111 158 } 112 159 113 160 /** 114 * Get one revision from the collection161 * Gets one revision from the collection. 115 162 * 163 * @since 4.7.0 116 164 * @access public 117 165 * 118 166 * @param WP_REST_Request $request Full data about the request. 119 * @return WP_Error| array167 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 120 168 */ 121 169 public function get_item( $request ) { 122 170 … … 135 183 } 136 184 137 185 /** 138 * Check if a given request has access to delete a revision186 * Checks if a given request has access to delete a revision. 139 187 * 188 * @since 4.7.0 140 189 * @access public 141 190 * 142 191 * @param WP_REST_Request $request Full details about the request. 143 * @return WP_Error|bool ean192 * @return WP_Error|bool True if the request has access to delete the item, error object otherwise. 144 193 */ 145 194 public function delete_item_permissions_check( $request ) { 146 195 … … 158 207 } 159 208 160 209 /** 161 * Delete a single revision210 * Deletes a single revision. 162 211 * 212 * @since 4.7.0 163 213 * @access public 164 214 * 165 215 * @param WP_REST_Request $request Full details about the request. 166 * @return WP_Error|bool ean216 * @return WP_Error|bool True on success, or error object on failure. 167 217 */ 168 218 public function delete_item( $request ) { 169 219 $result = wp_delete_post( $request['id'], true ); … … 171 221 /** 172 222 * Fires after a revision is deleted via the REST API. 173 223 * 224 * @since 4.7.0 225 * 174 226 * @param (mixed) $result The revision object (if it was deleted or moved to the trash successfully) 175 227 * or false (failure). If the revision was moved to to the trash, $result represents 176 228 * its new state; if it was deleted, $result represents its state before deletion. … … 186 238 } 187 239 188 240 /** 189 * Prepare the revision for the REST response241 * Prepares the revision for the REST response. 190 242 * 243 * @since 4.7.0 191 244 * @access public 192 245 * 193 246 * @param WP_Post $post Post revision object. 194 247 * @param WP_REST_Request $request Request object. 195 * @return WP_REST_Response $response 248 * @return WP_REST_Response $response Response object. 196 249 */ 197 250 public function prepare_item_for_response( $post, $request ) { 198 251 … … 273 326 } 274 327 275 328 /** 276 * Filter a revision returned from the API.329 * Filters a revision returned from the API. 277 330 * 278 331 * Allows modification of the revision right before it is returned. 279 332 * 333 * @since 4.7.0 334 * 280 335 * @param WP_REST_Response $response The response object. 281 336 * @param WP_Post $post The original revision object. 282 337 * @param WP_REST_Request $request Request used to generate the response. … … 285 340 } 286 341 287 342 /** 288 * Check the post_date_gmt or modified_gmt and prepare any post or343 * Checks the post_date_gmt or modified_gmt and prepare any post or 289 344 * modified date for single post output. 290 345 * 346 * @since 4.7.0 291 347 * @access protected 292 348 * 293 349 * @param string $date_gmt GMT publication time. … … 307 363 } 308 364 309 365 /** 310 * Get the revision's schema, conforming to JSON Schema366 * Gets the revision's schema, conforming to JSON Schema. 311 367 * 368 * @since 4.7.0 312 369 * @access public 313 370 * 314 371 * @return array … … 318 375 '$schema' => 'http://json-schema.org/draft-04/schema#', 319 376 'title' => "{$this->parent_post_type}-revision", 320 377 'type' => 'object', 321 /* 322 * Base properties for every Revision 323 */ 378 // Base properties for every Revision. 324 379 'properties' => array( 325 380 'author' => array( 326 381 'description' => __( 'The id for the author of the object.' ), … … 393 448 } 394 449 395 450 /** 396 * Get the query params for collections451 * Gets the query params for collections. 397 452 * 453 * @since 4.7.0 398 454 * @access public 399 455 * 400 456 * @return array … … 406 462 } 407 463 408 464 /** 409 * Check the post excerpt and prepare it for single post output.465 * Checks the post excerpt and prepare it for single post output. 410 466 * 467 * @since 4.7.0 411 468 * @access protected 412 469 * 413 470 * @param string $excerpt The post excerpt. -
src/wp-includes/rest-api/endpoints/class-wp-rest-settings-controller.php
1 1 <?php 2 /** 3 * REST API: WP_REST_Settings_Controller class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 2 9 3 10 /** 4 * Manage a WordPress site's settings. 11 * Core class to access a WordPress site's settings via REST API. 12 * 13 * @since 4.7.0 5 14 */ 6 15 class WP_REST_Settings_Controller extends WP_REST_Controller { 7 16 … … 18 27 19 28 /** 20 29 * Register the routes for the objects of the controller. 30 * 31 * @since 4.7.0 32 * @access public 21 33 */ 22 34 public function register_routes() { 35 23 36 register_rest_route( $this->namespace, '/' . $this->rest_base, array( 24 37 array( 25 38 'methods' => WP_REST_Server::READABLE, … … 35 48 ), 36 49 'schema' => array( $this, 'get_public_item_schema' ), 37 50 ) ); 51 38 52 } 39 53 40 54 /** 41 * Check if a given request has access to read and manage settings. 55 * Checks if a given request has access to read and manage settings. 56 * 57 * @since 4.7.0 58 * @access public 42 59 * 43 60 * @param WP_REST_Request $request Full details about the request. 44 * @return bool ean61 * @return bool True if the request has read access for the item, false otherwise. 45 62 */ 46 63 public function get_item_permissions_check( $request ) { 47 64 return current_user_can( 'manage_options' ); 48 65 } 49 66 50 67 /** 51 * Get the settings. 68 * Gets the settings. 69 * 70 * @since 4.7.0 71 * @access public 52 72 * 53 73 * @param WP_REST_Request $request Full details about the request. 54 * @return WP_Error|array 74 * @return WP_Error|array Array on success, or error object on failure. 55 75 */ 56 76 public function get_item( $request ) { 57 77 $options = $this->get_registered_options(); … … 88 108 } 89 109 90 110 /** 91 * Prepare a value for output based off a schema array. 111 * Prepares a value for output based off a schema array. 112 * 113 * @since 4.7.0 114 * @access protected 92 115 * 93 * @param mixed $value 94 * @param array $schema 95 * @return mixed 116 * @param mixed $value Value to prepare. 117 * @param array $schema Schema to match. 118 * @return mixed The prepared value. 96 119 */ 97 120 protected function prepare_value( $value, $schema ) { 98 121 // If the value is not a scalar, it's not possible to cast it to … … 114 137 } 115 138 116 139 /** 117 * Update settings for the settings object. 140 * Updates settings for the settings object. 141 * 142 * @since 4.7.0 143 * @access public 118 144 * 119 145 * @param WP_REST_Request $request Full detail about the request. 120 * @return WP_Error|array 146 * @return WP_Error|array Array on success, or error object on failure. 121 147 */ 122 148 public function update_item( $request ) { 123 149 $options = $this->get_registered_options(); … … 136 162 * 137 163 * @since 4.7.0 138 164 * 139 * @param bool ean$result Whether to override the default behavior for updating the165 * @param bool $result Whether to override the default behavior for updating the 140 166 * value of a setting. 141 167 * @param string $name Setting name (as shown in REST API responses). 142 168 * @param mixed $value Updated setting value. … … 180 206 } 181 207 182 208 /** 183 * Get all the registered options for the Settings API209 * Gets all the registered options for the Settings API. 184 210 * 185 * @return array 211 * @since 4.7.0 212 * @access protected 213 * 214 * @return array Array of registered options. 186 215 */ 187 216 protected function get_registered_options() { 188 217 $rest_options = array(); … … 230 259 } 231 260 232 261 /** 233 * Get the site setting schema, conforming to JSON Schema. 262 * Gets the site setting schema, conforming to JSON Schema. 263 * 264 * @since 4.7.0 265 * @access public 234 266 * 235 267 * @return array 236 268 */ -
src/wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php
1 1 <?php 2 2 /** 3 * REST API: WP_REST_Taxonomies_Controller class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 9 10 /** 11 * Core class to access taxonomies via REST API. 12 * 13 * @since 4.7.0 14 */ 3 15 class WP_REST_Taxonomies_Controller extends WP_REST_Controller { 4 16 17 /** 18 * Constructor. 19 * 20 * @since 4.7.0 21 * @access public 22 */ 5 23 public function __construct() { 6 24 $this->namespace = 'wp/v2'; 7 25 $this->rest_base = 'taxonomies'; 8 26 } 9 27 10 28 /** 11 * Register the routes for the objects of the controller. 29 * Registers the routes for the objects of the controller. 30 * 31 * @since 4.7.0 32 * @access public 12 33 */ 13 34 public function register_routes() { 14 35 … … 36 57 } 37 58 38 59 /** 39 * Check whether a given request has permission to read taxonomies. 60 * Checks whether a given request has permission to read taxonomies. 61 * 62 * @since 4.7.0 63 * @access public 40 64 * 41 65 * @param WP_REST_Request $request Full details about the request. 42 * @return WP_Error|bool ean66 * @return WP_Error|bool True if the request has read access, error object otherwise. 43 67 */ 44 68 public function get_items_permissions_check( $request ) { 45 69 if ( 'edit' === $request['context'] ) { … … 59 83 } 60 84 61 85 /** 62 * Get all public taxonomies86 * Gets all public taxonomies. 63 87 * 64 * @param WP_REST_Request $request 65 * @return array 88 * @since 4.7.0 89 * @access public 90 * 91 * @param WP_REST_Request $request Full details about the request. 92 * @return WP_REST_Response Response object on success, or error object on failure. 66 93 */ 67 94 public function get_items( $request ) { 68 95 … … 93 120 } 94 121 95 122 /** 96 * Check if a given request has access a taxonomy 123 * Checks if a given request has access a taxonomy. 124 * 125 * @since 4.7.0 126 * @access public 97 127 * 98 128 * @param WP_REST_Request $request Full details about the request. 99 * @return WP_Error|bool ean129 * @return WP_Error|bool True if the request has read access for the item, false or error object otherwise. 100 130 */ 101 131 public function get_item_permissions_check( $request ) { 102 132 … … 115 145 } 116 146 117 147 /** 118 * Get a specific taxonomy148 * Gets a specific taxonomy. 119 149 * 120 * @param WP_REST_Request $request 121 * @return array|WP_Error 150 * @since 4.7.0 151 * @access public 152 * 153 * @param WP_REST_Request $request Full details about the request. 154 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 122 155 */ 123 156 public function get_item( $request ) { 124 157 $tax_obj = get_taxonomy( $request['taxonomy'] ); … … 130 163 } 131 164 132 165 /** 133 * Prepare a taxonomy object for serialization 166 * Prepares a taxonomy object for serialization. 167 * 168 * @since 4.7.0 169 * @access public 134 170 * 135 * @param stdClass $taxonomy Taxonomy data136 * @param WP_REST_Request $request 137 * @return WP_REST_Response $response 171 * @param stdClass $taxonomy Taxonomy data. 172 * @param WP_REST_Request $request Full details about the request. 173 * @return WP_REST_Response $response Response object. 138 174 */ 139 175 public function prepare_item_for_response( $taxonomy, $request ) { 140 176 … … 167 203 ) ); 168 204 169 205 /** 170 * Filter a taxonomy returned from the API.206 * Filters a taxonomy returned from the API. 171 207 * 172 208 * Allows modification of the taxonomy data right before it is returned. 173 209 * 210 * @since 4.7.0 211 * 174 212 * @param WP_REST_Response $response The response object. 175 213 * @param object $item The original taxonomy object. 176 214 * @param WP_REST_Request $request Request used to generate the response. … … 179 217 } 180 218 181 219 /** 182 * Get the taxonomy's schema, conforming to JSON Schema 220 * Gets the taxonomy's schema, conforming to JSON Schema. 221 * 222 * @since 4.7.0 223 * @access public 183 224 * 184 225 * @return array 185 226 */ … … 243 284 } 244 285 245 286 /** 246 * Get the query params for collections 287 * Gets the query params for collections. 288 * 289 * @since 4.7.0 290 * @access public 247 291 * 248 292 * @return array 249 293 */ -
src/wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php
1 1 <?php 2 /** 3 * REST API: WP_REST_Terms_Controller class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 2 9 3 10 /** 4 * Access terms associated with a taxonomy. 11 * Core class to access terms associated with a taxonomy via REST API. 12 * 13 * @since 4.7.0 5 14 */ 6 15 class WP_REST_Terms_Controller extends WP_REST_Controller { 7 16 8 17 /** 9 18 * Taxonomy key. 10 19 * 20 * @since 4.7.0 11 21 * @access protected 12 22 * @var string 13 23 */ … … 16 26 /** 17 27 * Instance of a term meta fields object. 18 28 * 29 * @since 4.7.0 19 30 * @access protected 20 31 * @var WP_REST_Term_Meta_Fields 21 32 */ … … 24 35 /** 25 36 * Column to have the terms be sorted by. 26 37 * 38 * @since 4.7.0 27 39 * @access protected 28 40 * @var string 29 41 */ … … 32 44 /** 33 45 * Number of terms that were found. 34 46 * 47 * @since 4.7.0 35 48 * @access protected 36 49 * @var int 37 50 */ … … 40 53 /** 41 54 * Constructor. 42 55 * 56 * @since 4.7.0 57 * @access public 58 * 43 59 * @param string $taxonomy Taxonomy key. 44 60 */ 45 61 public function __construct( $taxonomy ) { … … 53 69 54 70 /** 55 71 * Registers the routes for the objects of the controller. 72 * 73 * @since 4.7.0 74 * @access public 56 75 */ 57 76 public function register_routes() { 58 77 … … 71 90 ), 72 91 'schema' => array( $this, 'get_public_item_schema' ), 73 92 ) ); 93 74 94 register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P<id>[\d]+)', array( 75 95 array( 76 96 'methods' => WP_REST_Server::READABLE, … … 104 124 /** 105 125 * Checks if a request has access to read terms in the specified taxonomy. 106 126 * 127 * @since 4.7.0 128 * @access public 129 * 107 130 * @param WP_REST_Request $request Full details about the request. 108 * @return WP_Error|bool ean131 * @return WP_Error|bool True if the request has read access, false or error object otherwise. 109 132 */ 110 133 public function get_items_permissions_check( $request ) { 111 134 $tax_obj = get_taxonomy( $this->taxonomy ); … … 121 144 /** 122 145 * Gets terms associated with a taxonomy. 123 146 * 147 * @since 4.7.0 148 * @access public 149 * 124 150 * @param WP_REST_Request $request Full details about the request. 125 * @return WP_ REST_Response|WP_Error151 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 126 152 */ 127 153 public function get_items( $request ) { 128 154 … … 180 206 * Enables adding extra arguments or setting defaults for a terms 181 207 * collection request. 182 208 * 209 * @since 4.7.0 210 * 183 211 * @see https://developer.wordpress.org/reference/functions/get_terms/ 184 212 * 185 213 * @param array $prepared_args Array of arguments to be … … 201 229 unset( $count_args['number'], $count_args['offset'] ); 202 230 $total_terms = wp_count_terms( $this->taxonomy, $count_args ); 203 231 204 // wp_count_terms can return a falsy value when the term has no children 232 // wp_count_terms can return a falsy value when the term has no children. 205 233 if ( ! $total_terms ) { 206 234 $total_terms = 0; 207 235 } … … 243 271 /** 244 272 * Checks if a request has access to read the specified term. 245 273 * 274 * @since 4.7.0 275 * @access public 276 * 246 277 * @param WP_REST_Request $request Full details about the request. 247 * @return WP_Error|bool ean278 * @return WP_Error|bool True if the request has read access for the item, false or error object otherwise. 248 279 */ 249 280 public function get_item_permissions_check( $request ) { 250 281 $tax_obj = get_taxonomy( $this->taxonomy ); … … 260 291 /** 261 292 * Gets a single term from a taxonomy. 262 293 * 263 * @param WP_REST_Request $request Full details about the request 264 * @return WP_REST_Request|WP_Error 294 * @since 4.7.0 295 * @access public 296 * 297 * @param WP_REST_Request $request Full details about the request. 298 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 265 299 */ 266 300 public function get_item( $request ) { 267 301 … … 281 315 /** 282 316 * Checks if a request has access to create a term. 283 317 * 318 * @since 4.7.0 319 * @access public 320 * 284 321 * @param WP_REST_Request $request Full details about the request. 285 * @return WP_Error|bool ean322 * @return WP_Error|bool True if the request has access to create items, false or error object otherwise. 286 323 */ 287 324 public function create_item_permissions_check( $request ) { 288 325 … … 301 338 /** 302 339 * Creates a single term in a taxonomy. 303 340 * 304 * @param WP_REST_Request $request Full details about the request 305 * @return WP_REST_Request|WP_Error 341 * @since 4.7.0 342 * @access public 343 * 344 * @param WP_REST_Request $request Full details about the request. 345 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 306 346 */ 307 347 public function create_item( $request ) { 308 348 if ( isset( $request['parent'] ) ) { … … 321 361 322 362 $term = wp_insert_term( $prepared_term->name, $this->taxonomy, $prepared_term ); 323 363 if ( is_wp_error( $term ) ) { 324 325 364 /* 326 365 * If we're going to inform the client that the term already exists, 327 366 * give them the identifier for future use. … … 339 378 /** 340 379 * Fires after a single term is created or updated via the REST API. 341 380 * 381 * @since 4.7.0 382 * 342 383 * @param WP_Term $term Inserted Term object. 343 384 * @param WP_REST_Request $request Request object. 344 * @param bool ean$creating True when creating term, false when updating.385 * @param bool $creating True when creating term, false when updating. 345 386 */ 346 387 do_action( "rest_insert_{$this->taxonomy}", $term, $request, true ); 347 388 … … 369 410 /** 370 411 * Checks if a request has access to update the specified term. 371 412 * 413 * @since 4.7.0 414 * @access public 415 * 372 416 * @param WP_REST_Request $request Full details about the request. 373 * @return WP_Error|bool ean417 * @return WP_Error|bool True if the request has access to update the item, false or error object otherwise. 374 418 */ 375 419 public function update_item_permissions_check( $request ) { 376 420 … … 393 437 /** 394 438 * Updates a single term from a taxonomy. 395 439 * 396 * @param WP_REST_Request $request Full details about the request 397 * @return WP_REST_Request|WP_Error 440 * @since 4.7.0 441 * @access public 442 * 443 * @param WP_REST_Request $request Full details about the request. 444 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 398 445 */ 399 446 public function update_item( $request ) { 400 447 if ( isset( $request['parent'] ) ) { … … 447 494 /** 448 495 * Checks if a request has access to delete the specified term. 449 496 * 497 * @since 4.7.0 498 * @access public 499 * 450 500 * @param WP_REST_Request $request Full details about the request. 451 * @return WP_Error|bool ean501 * @return WP_Error|bool True if the request has access to delete the item, false or error object otherwise. 452 502 */ 453 503 public function delete_item_permissions_check( $request ) { 454 504 if ( ! $this->check_is_taxonomy_allowed( $this->taxonomy ) ) { … … 468 518 /** 469 519 * Deletes a single term from a taxonomy. 470 520 * 471 * @param WP_REST_Request $request Full details about the request 472 * @return WP_REST_Response|WP_Error 521 * @since 4.7.0 522 * @access public 523 * 524 * @param WP_REST_Request $request Full details about the request. 525 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 473 526 */ 474 527 public function delete_item( $request ) { 475 528 … … 492 545 /** 493 546 * Fires after a single term is deleted via the REST API. 494 547 * 548 * @since 4.7.0 549 * 495 550 * @param WP_Term $term The deleted term. 496 551 * @param WP_REST_Response $response The response data. 497 552 * @param WP_REST_Request $request The request sent to the API. … … 504 559 /** 505 560 * Prepares a single term for create or update. 506 561 * 562 * @since 4.7.0 563 * @access public 564 * 507 565 * @param WP_REST_Request $request Request object. 508 566 * @return object $prepared_term Term object. 509 567 */ … … 541 599 /** 542 600 * Filters term data before inserting term via the REST API. 543 601 * 602 * @since 4.7.0 603 * 544 604 * @param object $prepared_term Term object. 545 605 * @param WP_REST_Request $request Request object. 546 606 */ … … 550 610 /** 551 611 * Prepares a single term output for response. 552 612 * 613 * @since 4.7.0 614 * @access public 615 * 553 616 * @param obj $item Term object. 554 617 * @param WP_REST_Request $request Request object. 555 * @return WP_REST_Response $response 618 * @return WP_REST_Response $response Response object. 556 619 */ 557 620 public function prepare_item_for_response( $item, $request ) { 558 621 … … 599 662 * 600 663 * Allows modification of the term data right before it is returned. 601 664 * 665 * @since 4.7.0 666 * 602 667 * @param WP_REST_Response $response The response object. 603 668 * @param object $item The original term object. 604 669 * @param WP_REST_Request $request Request used to generate the response. … … 609 674 /** 610 675 * Prepares links for the request. 611 676 * 677 * @since 4.7.0 678 * @access protected 679 * 612 680 * @param object $term Term object. 613 681 * @return array Links for the given term. 614 682 */ … … 662 730 /** 663 731 * Gets the term's schema, conforming to JSON Schema. 664 732 * 733 * @since 4.7.0 734 * @access public 735 * 665 736 * @return array 666 737 */ 667 738 public function get_item_schema() { … … 739 810 /** 740 811 * Gets the query params for collections. 741 812 * 813 * @since 4.7.0 814 * @access public 815 * 742 816 * @return array 743 817 */ 744 818 public function get_collection_params() { … … 826 900 /** 827 901 * Checks that the taxonomy is valid. 828 902 * 903 * @since 4.7.0 904 * @access protected 905 * 829 906 * @param string $taxonomy Taxonomy to check. 830 * @return WP_Error|bool ean907 * @return WP_Error|bool 831 908 */ 832 909 protected function check_is_taxonomy_allowed( $taxonomy ) { 833 910 $taxonomy_obj = get_taxonomy( $taxonomy ); -
src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
1 1 <?php 2 /** 3 * REST API: WP_REST_Users_Controller class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 2 9 3 10 /** 4 * Access users 11 * Core class to access users via REST API. 12 * 13 * @since 4.7.0 5 14 */ 6 15 class WP_REST_Users_Controller extends WP_REST_Controller { 7 16 8 17 /** 9 18 * Instance of a user meta fields object. 10 19 * 20 * @since 4.7.0 11 21 * @access protected 12 22 * @var WP_REST_User_Meta_Fields 13 23 */ 14 24 protected $meta; 15 25 26 /** 27 * Constructor. 28 * 29 * @since 4.7.0 30 * @access public 31 */ 16 32 public function __construct() { 17 33 $this->namespace = 'wp/v2'; 18 34 $this->rest_base = 'users'; … … 21 37 } 22 38 23 39 /** 24 * Register the routes for the objects of the controller. 40 * Registers the routes for the objects of the controller. 41 * 42 * @since 4.7.0 43 * @access public 25 44 */ 26 45 public function register_routes() { 27 46 … … 40 59 ), 41 60 'schema' => array( $this, 'get_public_item_schema' ), 42 61 ) ); 62 43 63 register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P<id>[\d]+)', array( 44 64 array( 45 65 'methods' => WP_REST_Server::READABLE, … … 83 103 /** 84 104 * Permissions check for getting all users. 85 105 * 106 * @since 4.7.0 107 * @access public 108 * 86 109 * @param WP_REST_Request $request Full details about the request. 87 * @return WP_Error|bool ean110 * @return WP_Error|bool True if the request has read access, error object otherwise. 88 111 */ 89 112 public function get_items_permissions_check( $request ) { 90 113 // Check if roles is specified in GET request and if user can list users. … … 104 127 } 105 128 106 129 /** 107 * Get all users 130 * Gets all users. 131 * 132 * @since 4.7.0 133 * @access public 108 134 * 109 135 * @param WP_REST_Request $request Full details about the request. 110 * @return WP_Error|WP_REST_Response 136 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 111 137 */ 112 138 public function get_items( $request ) { 113 139 … … 172 198 /** 173 199 * Filter arguments, before passing to WP_User_Query, when querying users via the REST API. 174 200 * 201 * @since 4.7.0 202 * 175 203 * @see https://developer.wordpress.org/reference/classes/wp_user_query/ 176 204 * 177 205 * @param array $prepared_args Array of arguments for WP_User_Query. … … 197 225 198 226 $total_users = $query->get_total(); 199 227 if ( $total_users < 1 ) { 200 // Out-of-bounds, run the query again without LIMIT for total count 228 // Out-of-bounds, run the query again without LIMIT for total count. 201 229 unset( $prepared_args['number'], $prepared_args['offset'] ); 202 230 $count_query = new WP_User_Query( $prepared_args ); 203 231 $total_users = $count_query->get_total(); … … 225 253 } 226 254 227 255 /** 228 * Check if a given request has access to read a user 256 * Checks if a given request has access to read a user. 257 * 258 * @since 4.7.0 259 * @access public 229 260 * 230 261 * @param WP_REST_Request $request Full details about the request. 231 * @return WP_Error|bool ean262 * @return WP_Error|bool True if the request has read access for the item, error object otherwise. 232 263 */ 233 264 public function get_item_permissions_check( $request ) { 234 265 … … 254 285 } 255 286 256 287 /** 257 * Get a single user 288 * Gets a single user. 289 * 290 * @since 4.7.0 291 * @access public 258 292 * 259 293 * @param WP_REST_Request $request Full details about the request. 260 * @return WP_Error|WP_REST_Response 294 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 261 295 */ 262 296 public function get_item( $request ) { 263 297 $id = (int) $request['id']; … … 274 308 } 275 309 276 310 /** 277 * Get the current user 311 * Gets the current user. 312 * 313 * @since 4.7.0 314 * @access public 278 315 * 279 316 * @param WP_REST_Request $request Full details about the request. 280 * @return WP_Error|WP_REST_Response 317 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 281 318 */ 282 319 public function get_current_item( $request ) { 283 320 $current_user_id = get_current_user_id(); … … 295 332 } 296 333 297 334 /** 298 * Check if a given request has access create users 335 * Checks if a given request has access create users. 336 * 337 * @since 4.7.0 338 * @access public 299 339 * 300 340 * @param WP_REST_Request $request Full details about the request. 301 * @return WP_Error|bool ean341 * @return WP_Error|bool True if the request has access to create items, error object otherwise. 302 342 */ 303 343 public function create_item_permissions_check( $request ) { 304 344 … … 310 350 } 311 351 312 352 /** 313 * Create a single user 353 * Creates a single user. 354 * 355 * @since 4.7.0 356 * @access public 314 357 * 315 358 * @param WP_REST_Request $request Full details about the request. 316 * @return WP_Error|WP_REST_Response 359 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 317 360 */ 318 361 public function create_item( $request ) { 319 362 if ( ! empty( $request['id'] ) ) { … … 375 418 /** 376 419 * Fires after a user is created or updated via the REST API. 377 420 * 421 * @since 4.7.0 422 * 378 423 * @param WP_User $user Data used to create the user. 379 424 * @param WP_REST_Request $request Request object. 380 * @param bool ean$creating True when creating user, false when updating user.425 * @param bool $creating True when creating user, false when updating user. 381 426 */ 382 427 do_action( 'rest_insert_user', $user, $request, true ); 383 428 … … 391 436 } 392 437 393 438 /** 394 * Check if a given request has access update a user 439 * Checks if a given request has access update a user. 440 * 441 * @since 4.7.0 442 * @access public 395 443 * 396 444 * @param WP_REST_Request $request Full details about the request. 397 * @return WP_Error|bool ean445 * @return WP_Error|bool True if the request has access to update the item, error object otherwise. 398 446 */ 399 447 public function update_item_permissions_check( $request ) { 400 448 … … 412 460 } 413 461 414 462 /** 415 * Update a single user 463 * Updates a single user. 464 * 465 * @since 4.7.0 466 * @access public 416 467 * 417 468 * @param WP_REST_Request $request Full details about the request. 418 * @return WP_Error|WP_REST_Response 469 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 419 470 */ 420 471 public function update_item( $request ) { 421 472 $id = (int) $request['id']; … … 446 497 447 498 $user = $this->prepare_item_for_database( $request ); 448 499 449 // Ensure we're operating on the same user we already checked 500 // Ensure we're operating on the same user we already checked. 450 501 $user->ID = $id; 451 502 452 503 $user_id = wp_update_user( $user ); … … 482 533 } 483 534 484 535 /** 485 * Check if a given request has access delete a user 536 * Checks if a given request has access delete a user. 537 * 538 * @since 4.7.0 539 * @access public 486 540 * 487 541 * @param WP_REST_Request $request Full details about the request. 488 * @return WP_Error|bool ean542 * @return WP_Error|bool True if the request has access to delete the item, error object otherwise. 489 543 */ 490 544 public function delete_item_permissions_check( $request ) { 491 545 … … 499 553 } 500 554 501 555 /** 502 * Delete a single user 556 * Deletes a single user. 557 * 558 * @since 4.7.0 559 * @access public 503 560 * 504 561 * @param WP_REST_Request $request Full details about the request. 505 * @return WP_Error|WP_REST_Response 562 * @return WP_Error|WP_REST_Response Response object on success, or error object on failure. 506 563 */ 507 564 public function delete_item( $request ) { 508 565 $id = (int) $request['id']; 509 566 $reassign = isset( $request['reassign'] ) ? absint( $request['reassign'] ) : null; 510 567 $force = isset( $request['force'] ) ? (bool) $request['force'] : false; 511 568 512 // We don't support trashing for this type, error out 569 // We don't support trashing for this type, error out. 513 570 if ( ! $force ) { 514 571 return new WP_Error( 'rest_trash_not_supported', __( 'Users do not support trashing.' ), array( 'status' => 501 ) ); 515 572 } … … 540 597 /** 541 598 * Fires after a user is deleted via the REST API. 542 599 * 600 * @since 4.7.0 601 * 543 602 * @param WP_User $user The user data. 544 603 * @param WP_REST_Response $response The response returned from the API. 545 604 * @param WP_REST_Request $request The request sent to the API. … … 550 609 } 551 610 552 611 /** 553 * Prepare a single user output for response612 * Prepares a single user output for response. 554 613 * 555 * @param object $user User object. 614 * @since 4.7.0 615 * @access public 616 * 617 * @param object $user User object. 556 618 * @param WP_REST_Request $request Request object. 557 * @return WP_REST_Response $response Response data.619 * @return WP_REST_Response $response Response object. 558 620 */ 559 621 public function prepare_item_for_response( $user, $request ) { 560 622 … … 634 696 $data = $this->add_additional_fields_to_object( $data, $request ); 635 697 $data = $this->filter_response_by_context( $data, $context ); 636 698 637 // Wrap the data in a response object 699 // Wrap the data in a response object. 638 700 $response = rest_ensure_response( $data ); 639 701 640 702 $response->add_links( $this->prepare_links( $user ) ); 641 703 642 704 /** 643 * Filter user data returned from the REST API. 705 * Filters user data returned from the REST API. 706 * 707 * @since 4.7.0 644 708 * 645 709 * @param WP_REST_Response $response The response object. 646 710 * @param object $user User object used to create response. … … 650 714 } 651 715 652 716 /** 653 * Prepare links for the request. 717 * Prepares links for the request. 718 * 719 * @since 4.7.0 720 * @access protected 654 721 * 655 722 * @param WP_Post $user User object. 656 723 * @return array Links for the given user. … … 669 736 } 670 737 671 738 /** 672 * Prepare a single user for create or update 739 * Prepares a single user for create or update. 740 * 741 * @since 4.7.0 742 * @access protected 673 743 * 674 744 * @param WP_REST_Request $request Request object. 675 745 * @return object $prepared_user User object. … … 723 793 } 724 794 725 795 /** 726 * Filter user data before inserting user via the REST API. 796 * Filters user data before inserting user via the REST API. 797 * 798 * @since 4.7.0 727 799 * 728 800 * @param object $prepared_user User object. 729 801 * @param WP_REST_Request $request Request object. … … 732 804 } 733 805 734 806 /** 735 * Determine if the current user is allowed to make the desired roles change. 807 * Determines if the current user is allowed to make the desired roles change. 808 * 809 * @since 4.7.0 810 * @access protected 736 811 * 737 812 * @param integer $user_id User ID. 738 813 * @param array $roles New user roles. 739 * @return WP_Error|bool ean814 * @return WP_Error|bool 740 815 */ 741 816 protected function check_role_update( $user_id, $roles ) { 742 817 global $wp_roles; … … 754 829 return new WP_Error( 'rest_user_invalid_role', __( 'You cannot give resource that role.' ), array( 'status' => rest_authorization_required_code() ) ); 755 830 } 756 831 757 // The new role must be editable by the logged-in user.758 759 832 /** Include admin functions to get access to get_editable_roles() */ 760 833 require_once ABSPATH . 'wp-admin/includes/admin.php'; 761 834 835 // The new role must be editable by the logged-in user. 762 836 $editable_roles = get_editable_roles(); 763 837 if ( empty( $editable_roles[ $role ] ) ) { 764 838 return new WP_Error( 'rest_user_invalid_role', __( 'You cannot give resource that role.' ), array( 'status' => 403 ) ); … … 770 844 } 771 845 772 846 /** 773 * Get the User's schema, conforming to JSON Schema 847 * Gets the User's schema, conforming to JSON Schema. 848 * 849 * @since 4.7.0 850 * @access public 774 851 * 775 852 * @return array 776 853 */ … … 878 955 'password' => array( 879 956 'description' => __( 'Password for the resource (never included).' ), 880 957 'type' => 'string', 881 'context' => array(), // Password is never displayed 958 'context' => array(), // Password is never displayed. 882 959 'required' => true, 883 960 ), 884 961 'capabilities' => array( … … 924 1001 } 925 1002 926 1003 /** 927 * Get the query params for collections 1004 * Gets the query params for collections. 1005 * 1006 * @since 4.7.0 1007 * @access public 928 1008 * 929 1009 * @return array 930 1010 */ -
src/wp-includes/rest-api/fields/class-wp-rest-meta-fields.php
1 1 <?php 2 /** 3 * REST API: WP_REST_Meta_Fields class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 2 9 3 10 /** 4 * Manage meta values for an object. 11 * Core class to manage meta values for an object via REST API. 12 * 13 * @since 4.7.0 5 14 */ 6 15 abstract class WP_REST_Meta_Fields { 7 16 8 17 /** 9 * Get the object type for meta. 18 * Gets the object type for meta. 19 * 20 * @since 4.7.0 21 * @access protected 10 22 * 11 23 * @return string One of 'post', 'comment', 'term', 'user', or anything 12 24 * else supported by `_get_meta_table()`. … … 14 26 abstract protected function get_meta_type(); 15 27 16 28 /** 17 * Get the object type for `register_rest_field`. 29 * Gets the object type for `register_rest_field`. 30 * 31 * @since 4.7.0 32 * @access protected 18 33 * 19 * @return string Custom post type, 'taxonomy', 'comment', or `user`.34 * @return string The REST field type, such as post type name, taxonomy name, 'comment', or `user`. 20 35 */ 21 36 abstract protected function get_rest_field_type(); 22 37 23 38 /** 24 * Register the meta field. 39 * Registers the meta field. 40 * 41 * @since 4.7.0 42 * @access public 25 43 */ 26 44 public function register_field() { 27 45 register_rest_field( $this->get_rest_field_type(), 'meta', array( … … 32 50 } 33 51 34 52 /** 35 * Get the `meta` field value. 53 * Gets the `meta` field value. 54 * 55 * @since 4.7.0 56 * @access public 36 57 * 37 58 * @param int $object_id Object ID to fetch meta for. 38 59 * @param WP_REST_Request $request Full details about the request. … … 65 86 } 66 87 67 88 /** 68 * Prepare value for response.89 * Prepares value for response. 69 90 * 70 91 * This is required because some native types cannot be stored correctly in 71 92 * the database, such as booleans. We need to cast back to the relevant 72 93 * type before passing back to JSON. 73 94 * 95 * @since 4.7.0 96 * @access protected 97 * 74 98 * @param mixed $value Value to prepare. 75 99 * @param WP_REST_Request $request Current request object. 76 100 * @param array $args Options for the field. … … 85 109 } 86 110 87 111 /** 88 * Update meta values. 112 * Updates meta values. 113 * 114 * @since 4.7.0 115 * @access public 89 116 * 90 117 * @param WP_REST_Request $request Full details about the request. 91 118 * @param int $object_id Object ID to fetch meta for. … … 118 145 } 119 146 120 147 /** 121 * Delete meta value for an object. 148 * Deletes meta value for an object. 149 * 150 * @since 4.7.0 151 * @access protected 122 152 * 123 153 * @param int $object_id Object ID the field belongs to. 124 154 * @param string $name Key for the field. … … 145 175 } 146 176 147 177 /** 148 * Update multiple meta values for an object.178 * Updates multiple meta values for an object. 149 179 * 150 180 * Alters the list of values in the database to match the list of provided values. 151 181 * 182 * @since 4.7.0 183 * @access protected 184 * 152 185 * @param int $object_id Object ID to update. 153 186 * @param string $name Key for the custom field. 154 187 * @param array $values List of values to update to. … … 209 242 } 210 243 211 244 /** 212 * Update meta value for an object. 245 * Updates meta value for an object. 246 * 247 * @since 4.7.0 248 * @access protected 213 249 * 214 250 * @param int $object_id Object ID to update. 215 251 * @param string $name Key for the custom field. … … 249 285 } 250 286 251 287 /** 252 * Get all the registered meta fields. 288 * Gets all the registered meta fields. 289 * 290 * @since 4.7.0 291 * @access protected 253 292 * 254 293 * @return array 255 294 */ … … 303 342 } 304 343 305 344 /** 306 * Get the object's `meta` schema, conforming to JSON Schema. 345 * Gets the object's `meta` schema, conforming to JSON Schema. 346 * 347 * @since 4.7.0 348 * @access protected 307 349 * 308 350 * @return array 309 351 */ … … 325 367 } 326 368 327 369 /** 328 * Prepare a meta value for output.370 * Prepares a meta value for output. 329 371 * 330 372 * Default preparation for meta fields. Override by passing the 331 373 * `prepare_callback` in your `show_in_rest` options. 332 374 * 375 * @since 4.7.0 376 * @access public 377 * 333 378 * @param mixed $value Meta value from the database. 334 379 * @param WP_REST_Request $request Request object. 335 380 * @param array $args REST-specific options for the meta key. -
src/wp-includes/rest-api/fields/class-wp-rest-post-meta-fields.php
1 1 <?php 2 /** 3 * REST API: WP_REST_Post_Meta_Fields class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 2 9 10 /** 11 * Core class to manage meta values for posts via REST API. 12 * 13 * @since 4.7.0 14 */ 3 15 class WP_REST_Post_Meta_Fields extends WP_REST_Meta_Fields { 16 4 17 /** 5 18 * Post type to register fields for. 6 19 * 20 * @since 4.7.0 21 * @access protected 7 22 * @var string 8 23 */ 9 24 protected $post_type; … … 11 26 /** 12 27 * Constructor. 13 28 * 29 * @since 4.7.0 30 * @access public 31 * 14 32 * @param string $post_type Post type to register fields for. 15 33 */ 16 34 public function __construct( $post_type ) { … … 18 36 } 19 37 20 38 /** 21 * Get the object type for meta.39 * Gets the object type for meta. 22 40 * 23 * @return string 41 * @since 4.7.0 42 * @access protected 43 * 44 * @return string The meta type. 24 45 */ 25 46 protected function get_meta_type() { 26 47 return 'post'; 27 48 } 28 49 29 50 /** 30 * Get the type for `register_rest_field`. 51 * Gets the type for `register_rest_field`. 52 * 53 * @since 4.7.0 54 * @access public 31 55 * 32 * @return string Custom post type slug.56 * @return string The REST field type. 33 57 */ 34 58 public function get_rest_field_type() { 35 59 return $this->post_type; -
src/wp-includes/rest-api/fields/class-wp-rest-term-meta-fields.php
1 1 <?php 2 /** 3 * REST API: WP_REST_Term_Meta_Fields class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 2 9 3 10 /** 4 * Manage meta values for terms. 11 * Core class to manage meta values for terms via REST API. 12 * 13 * @since 4.7.0 5 14 */ 6 15 class WP_REST_Term_Meta_Fields extends WP_REST_Meta_Fields { 16 7 17 /** 8 18 * Taxonomy to register fields for. 9 19 * 20 * @since 4.7.0 21 * @access protected 10 22 * @var string 11 23 */ 12 24 protected $taxonomy; 25 13 26 /** 14 27 * Constructor. 15 28 * 29 * @since 4.7.0 30 * @access public 31 * 16 32 * @param string $taxonomy Taxonomy to register fields for. 17 33 */ 18 34 public function __construct( $taxonomy ) { … … 20 36 } 21 37 22 38 /** 23 * Get the object type for meta. 39 * Gets the object type for meta. 40 * 41 * @since 4.7.0 42 * @access protected 24 43 * 25 * @return string 44 * @return string The meta type. 26 45 */ 27 46 protected function get_meta_type() { 28 47 return 'term'; 29 48 } 30 49 31 50 /** 32 * Get the type for `register_rest_field`. 51 * Gets the type for `register_rest_field`. 52 * 53 * @since 4.7.0 54 * @access public 33 55 * 34 * @return string 56 * @return string The REST field type. 35 57 */ 36 58 public function get_rest_field_type() { 37 59 return 'post_tag' === $this->taxonomy ? 'tag' : $this->taxonomy; -
src/wp-includes/rest-api/fields/class-wp-rest-user-meta-fields.php
1 1 <?php 2 /** 3 * REST API: WP_REST_User_Meta_Fields class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 2 9 10 /** 11 * Core class to manage meta values for users via REST API. 12 * 13 * @since 4.7.0 14 */ 3 15 class WP_REST_User_Meta_Fields extends WP_REST_Meta_Fields { 16 4 17 /** 5 * Get the object type for meta. 18 * Gets the object type for meta. 19 * 20 * @since 4.7.0 21 * @access protected 6 22 * 7 * @return string 23 * @return string The meta type. 8 24 */ 9 25 protected function get_meta_type() { 10 26 return 'user'; 11 27 } 12 28 13 29 /** 14 * Get the type for `register_rest_field`. 30 * Gets the type for `register_rest_field`. 31 * 32 * @since 4.7.0 33 * @access public 15 34 * 16 * @return string 35 * @return string The REST field type. 17 36 */ 18 37 public function get_rest_field_type() { 19 38 return 'user';