817 | | protected function prepare_items_query( $prepared_args = array(), $request = null ) { |
818 | | |
819 | | $valid_vars = array_flip( $this->get_allowed_query_vars( $request ) ); |
820 | | $query_args = array(); |
821 | | |
822 | | foreach ( $valid_vars as $var => $index ) { |
823 | | if ( isset( $prepared_args[ $var ] ) ) { |
824 | | /** |
825 | | * Filters the query_vars used in get_items() for the constructed query. |
826 | | * |
827 | | * The dynamic portion of the hook name, `$var`, refers to the query_var key. |
828 | | * |
829 | | * @since 4.7.0 |
830 | | * |
831 | | * @param string $var The query_var value. |
832 | | */ |
833 | | $query_args[ $var ] = apply_filters( "rest_query_var-{$var}", $prepared_args[ $var ] ); |
834 | | } |
835 | | } |
836 | | |
| 817 | protected function prepare_items_query( $query_args = array(), $request = null ) { |
849 | | * Retrieves all of the WP Query vars that are allowed for the REST API request. |
850 | | * |
851 | | * @since 4.7.0 |
852 | | * @access protected |
853 | | * |
854 | | * @param WP_REST_Request $request Optional. Full details about the request. |
855 | | * @return array Allowed query variables. |
856 | | */ |
857 | | protected function get_allowed_query_vars( $request = null ) { |
858 | | global $wp; |
859 | | |
860 | | /** This filter is documented in wp-includes/class-wp.php */ |
861 | | $valid_vars = apply_filters( 'query_vars', $wp->public_query_vars ); |
862 | | |
863 | | $post_type_obj = get_post_type_object( $this->post_type ); |
864 | | if ( current_user_can( $post_type_obj->cap->edit_posts ) ) { |
865 | | /** |
866 | | * Filters the allowed 'private' query vars for authorized users. |
867 | | * |
868 | | * If the user has the `edit_posts` capability, we also allow use of |
869 | | * private query parameters, which are only undesirable on the |
870 | | * frontend, but are safe for use in query strings. |
871 | | * |
872 | | * To disable anyway, use |
873 | | * `add_filter( 'rest_private_query_vars', '__return_empty_array' );` |
874 | | * |
875 | | * @since 4.7.0 |
876 | | * |
877 | | * @param array $private_query_vars Array of allowed query vars for authorized users. |
878 | | */ |
879 | | $private = apply_filters( 'rest_private_query_vars', $wp->private_query_vars ); |
880 | | |
881 | | $valid_vars = array_merge( $valid_vars, $private ); |
882 | | } |
883 | | |
884 | | // Define our own in addition to WP's normal vars. |
885 | | $rest_valid = array( |
886 | | 'author__in', |
887 | | 'author__not_in', |
888 | | 'ignore_sticky_posts', |
889 | | 'menu_order', |
890 | | 'offset', |
891 | | 'post__in', |
892 | | 'post__not_in', |
893 | | 'post_parent', |
894 | | 'post_parent__in', |
895 | | 'post_parent__not_in', |
896 | | 'posts_per_page', |
897 | | 'date_query', |
898 | | 'post_name__in', |
899 | | ); |
900 | | |
901 | | $valid_vars = array_merge( $valid_vars, $rest_valid ); |
902 | | |
903 | | /** |
904 | | * Filters allowed query vars for the REST API. |
905 | | * |
906 | | * This filter allows you to add or remove query vars from the final allowed |
907 | | * list for all requests, including unauthenticated ones. To alter the |
908 | | * vars for editors only, see {@see 'rest_private_query_vars'}. |
909 | | * |
910 | | * @since 4.7.0 |
911 | | * |
912 | | * @param array { |
913 | | * Array of allowed WP_Query query vars. |
914 | | * |
915 | | * @param string $allowed_query_var The query var to allow. |
916 | | * @param WP_REST_Request $request Request object. |
917 | | * } |
918 | | */ |
919 | | $valid_vars = apply_filters( 'rest_query_vars', $valid_vars, $request ); |
920 | | |
921 | | return $valid_vars; |
922 | | } |
923 | | |
924 | | /** |
2198 | | return $params; |
| 2103 | /** |
| 2104 | * Filter collection parameters for the posts controller. |
| 2105 | * |
| 2106 | * The dynamic part of the filter `$this->post_type` refers to the post |
| 2107 | * type slug for the controller. |
| 2108 | * |
| 2109 | * This filter registers the collection parameter, but does not map the |
| 2110 | * collection parameter to an internal WP_Query parameter. Use the |
| 2111 | * `rest_{$this->post_type}_query` filter to set WP_Query parameters. |
| 2112 | * |
| 2113 | * @since 4.7.0 |
| 2114 | * |
| 2115 | * @param $params JSON Schema-formatted collection parameters. |
| 2116 | * @param WP_Post_Type $post_type_obj Post type object. |
| 2117 | */ |
| 2118 | return apply_filters( "rest_{$this->post_type}_collection_params", $params, $post_type_obj ); |