Ticket #38786: 38786.diff
| File 38786.diff, 10.9 KB (added by , 7 years ago) |
|---|
-
src/wp-includes/rest-api/fields/class-wp-rest-meta-fields.php
66 66 $response = array(); 67 67 68 68 foreach ( $fields as $name => $args ) { 69 $all_values = get_metadata( $this->get_meta_type(), $object_id, $name, false ); 69 $meta_key = $args['name']; 70 if ( empty( $meta_key ) ) { 71 return new WP_Error( 'rest_cannot_get', sprintf( __( 'The %s field does not have a meta key.' ), $name ) ); 72 } 73 74 $all_values = get_metadata( $this->get_meta_type(), $object_id, $meta_key, false ); 70 75 if ( $args['single'] ) { 71 76 if ( empty( $all_values ) ) { 72 77 $value = $args['schema']['default']; … … 127 132 continue; 128 133 } 129 134 135 $meta_key = $args['name']; 136 if ( empty( $meta_key ) ) { 137 return new WP_Error( 'rest_cannot_get', sprintf( __( 'The %s field does not have a meta key.' ), $name ) ); 138 } 139 130 140 /* 131 141 * A null value means reset the field, which is essentially deleting it 132 142 * from the database and then relying on the default value. 133 143 */ 134 144 if ( is_null( $request[ $name ] ) ) { 135 $result = $this->delete_meta_value( $object_id, $ name );145 $result = $this->delete_meta_value( $object_id, $meta_key, $name ); 136 146 if ( is_wp_error( $result ) ) { 137 147 return $result; 138 148 } … … 148 158 $value = rest_sanitize_value_from_schema( $request[ $name ], $args['schema'] ); 149 159 150 160 if ( $args['single'] ) { 151 $result = $this->update_meta_value( $object_id, $ name, $value );161 $result = $this->update_meta_value( $object_id, $meta_key, $value, $name ); 152 162 } else { 153 $result = $this->update_multi_meta_value( $object_id, $ name, $value );163 $result = $this->update_multi_meta_value( $object_id, $meta_key, $value, $name ); 154 164 } 155 165 156 166 if ( is_wp_error( $result ) ) { … … 171 181 * @param string $name Key for the field. 172 182 * @return bool|WP_Error True if meta field is deleted, WP_Error otherwise. 173 183 */ 174 protected function delete_meta_value( $object_id, $ name ) {184 protected function delete_meta_value( $object_id, $meta_key, $name ) { 175 185 $meta_type = $this->get_meta_type(); 176 if ( ! current_user_can( "delete_{$meta_type}_meta", $object_id, $ name) ) {186 if ( ! current_user_can( "delete_{$meta_type}_meta", $object_id, $meta_key ) ) { 177 187 return new WP_Error( 178 188 'rest_cannot_delete', 179 189 sprintf( __( 'You do not have permission to edit the %s custom field.' ), $name ), … … 181 191 ); 182 192 } 183 193 184 if ( ! delete_metadata( $meta_type, $object_id, wp_slash( $ name) ) ) {194 if ( ! delete_metadata( $meta_type, $object_id, wp_slash( $meta_key ) ) ) { 185 195 return new WP_Error( 186 196 'rest_meta_database_error', 187 197 __( 'Could not delete meta value from database.' ), … … 205 215 * @param array $values List of values to update to. 206 216 * @return bool|WP_Error True if meta fields are updated, WP_Error otherwise. 207 217 */ 208 protected function update_multi_meta_value( $object_id, $ name, $values) {218 protected function update_multi_meta_value( $object_id, $meta_key, $values, $name ) { 209 219 $meta_type = $this->get_meta_type(); 210 if ( ! current_user_can( "edit_{$meta_type}_meta", $object_id, $ name) ) {220 if ( ! current_user_can( "edit_{$meta_type}_meta", $object_id, $meta_key ) ) { 211 221 return new WP_Error( 212 222 'rest_cannot_update', 213 223 sprintf( __( 'You do not have permission to edit the %s custom field.' ), $name ), … … 215 225 ); 216 226 } 217 227 218 $current = get_metadata( $meta_type, $object_id, $ name, false );228 $current = get_metadata( $meta_type, $object_id, $meta_key, false ); 219 229 220 230 $to_remove = $current; 221 231 $to_add = $values; … … 242 252 $to_remove = array_unique( $to_remove ); 243 253 244 254 foreach ( $to_remove as $value ) { 245 if ( ! delete_metadata( $meta_type, $object_id, wp_slash( $ name), wp_slash( $value ) ) ) {255 if ( ! delete_metadata( $meta_type, $object_id, wp_slash( $meta_key ), wp_slash( $value ) ) ) { 246 256 return new WP_Error( 247 257 'rest_meta_database_error', 248 258 __( 'Could not update meta value in database.' ), … … 252 262 } 253 263 254 264 foreach ( $to_add as $value ) { 255 if ( ! add_metadata( $meta_type, $object_id, wp_slash( $ name), wp_slash( $value ) ) ) {265 if ( ! add_metadata( $meta_type, $object_id, wp_slash( $meta_key ), wp_slash( $value ) ) ) { 256 266 return new WP_Error( 257 267 'rest_meta_database_error', 258 268 __( 'Could not update meta value in database.' ), … … 275 285 * @param mixed $value Updated value. 276 286 * @return bool|WP_Error True if the meta field was updated, WP_Error otherwise. 277 287 */ 278 protected function update_meta_value( $object_id, $ name, $value ) {288 protected function update_meta_value( $object_id, $meta_key, $value, $name ) { 279 289 $meta_type = $this->get_meta_type(); 280 if ( ! current_user_can( "edit_{$meta_type}_meta", $object_id, $name) ) {290 if ( ! current_user_can( "edit_{$meta_type}_meta", $object_id, $meta_key ) ) { 281 291 return new WP_Error( 282 292 'rest_cannot_update', 283 293 sprintf( __( 'You do not have permission to edit the %s custom field.' ), $name ), … … 285 295 ); 286 296 } 287 297 288 $meta_key = wp_slash( $ name);298 $meta_key = wp_slash( $meta_key ); 289 299 $meta_value = wp_slash( $value ); 290 300 291 301 // Do the exact same check for a duplicate value as in update_metadata() to avoid update_metadata() returning false. … … 330 340 $rest_args = $args['show_in_rest']; 331 341 } 332 342 343 $property_name = ( ! empty( $rest_args['name'] ) ) ? $rest_args['name'] : $name; 344 333 345 $default_args = array( 334 'name' => $name,335 346 'single' => $args['single'], 336 347 'type' => ! empty( $args['type'] ) ? $args['type'] : null, 337 348 'schema' => array(), … … 361 372 $rest_args['schema']['type'] = 'array'; 362 373 } 363 374 364 $registered[ $rest_args['name'] ] = $rest_args; 375 $rest_args['name'] = $name; 376 377 $registered[ $property_name ] = $rest_args; 365 378 } 366 379 367 380 return $registered; -
tests/phpunit/tests/rest-api/rest-post-meta-fields.php
79 79 'show_in_rest' => true, 80 80 )); 81 81 82 register_meta( 'post', 'test_custom_name', array( 83 'single' => true, 84 'type' => 'string', 85 'show_in_rest' => array( 86 'name' => 'new_name', 87 ), 88 )); 89 90 register_meta( 'post', 'test_custom_name_multi', array( 91 'single' => false, 92 'type' => 'string', 93 'show_in_rest' => array( 94 'name' => 'new_name_multi', 95 ), 96 )); 97 82 98 /** @var WP_REST_Server $wp_rest_server */ 83 99 global $wp_rest_server; 84 100 $this->server = $wp_rest_server = new Spy_REST_Server; … … 227 243 $this->assertSame( true, $meta['test_bool'] ); 228 244 } 229 245 246 public function test_get_value_custom_name() { 247 add_post_meta( self::$post_id, 'test_custom_name', 'janet' ); 248 249 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 250 $response = $this->server->dispatch( $request ); 251 252 $this->assertEquals( 200, $response->get_status() ); 253 254 $data = $response->get_data(); 255 $this->assertArrayHasKey( 'meta', $data ); 256 257 $meta = (array) $data['meta']; 258 $this->assertArrayHasKey( 'new_name', $meta ); 259 $this->assertEquals( 'janet', $meta['new_name'] ); 260 } 261 230 262 /** 231 263 * @depends test_get_value 232 264 */ … … 681 713 $this->assertContains( 8, $meta ); 682 714 } 683 715 716 /** 717 * @depends test_get_value_custom_name 718 */ 719 public function test_set_value_custom_name() { 720 // Ensure no data exists currently. 721 $values = get_post_meta( self::$post_id, 'test_custom_name', false ); 722 $this->assertEmpty( $values ); 723 724 $this->grant_write_permission(); 725 726 $data = array( 727 'meta' => array( 728 'new_name' => 'janet', 729 ), 730 ); 731 $request = new WP_REST_Request( 'POST', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 732 $request->set_body_params( $data ); 733 734 $response = $this->server->dispatch( $request ); 735 $this->assertEquals( 200, $response->get_status() ); 736 737 $meta = get_post_meta( self::$post_id, 'test_custom_name', false ); 738 $this->assertNotEmpty( $meta ); 739 $this->assertCount( 1, $meta ); 740 $this->assertEquals( 'janet', $meta[0] ); 741 742 $data = $response->get_data(); 743 $meta = (array) $data['meta']; 744 $this->assertArrayHasKey( 'new_name', $meta ); 745 $this->assertEquals( 'janet', $meta['new_name'] ); 746 } 747 748 public function test_set_value_custom_name_multiple() { 749 // Ensure no data exists currently. 750 $values = get_post_meta( self::$post_id, 'test_custom_name_multi', false ); 751 $this->assertEmpty( $values ); 752 753 $this->grant_write_permission(); 754 755 $data = array( 756 'meta' => array( 757 'new_name_multi' => array( 'janet' ), 758 ), 759 ); 760 $request = new WP_REST_Request( 'POST', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 761 $request->set_body_params( $data ); 762 763 $response = $this->server->dispatch( $request ); 764 $this->assertEquals( 200, $response->get_status() ); 765 766 $meta = get_post_meta( self::$post_id, 'test_custom_name_multi', false ); 767 $this->assertNotEmpty( $meta ); 768 $this->assertCount( 1, $meta ); 769 $this->assertEquals( 'janet', $meta[0] ); 770 771 // Add another value. 772 $data = array( 773 'meta' => array( 774 'new_name_multi' => array( 'janet', 'graeme' ), 775 ), 776 ); 777 $request->set_body_params( $data ); 778 779 $response = $this->server->dispatch( $request ); 780 $this->assertEquals( 200, $response->get_status() ); 781 782 $meta = get_post_meta( self::$post_id, 'test_custom_name_multi', false ); 783 $this->assertNotEmpty( $meta ); 784 $this->assertCount( 2, $meta ); 785 $this->assertContains( 'janet', $meta ); 786 $this->assertContains( 'graeme', $meta ); 787 } 788 684 789 public function test_remove_multi_value_db_error() { 685 790 add_post_meta( self::$post_id, 'test_multi', 'val1' ); 686 791 $values = get_post_meta( self::$post_id, 'test_multi', false ); … … 791 896 $this->assertErrorResponse( 'rest_meta_database_error', $response, 500 ); 792 897 } 793 898 899 public function test_delete_value_custom_name() { 900 add_post_meta( self::$post_id, 'test_custom_name', 'janet' ); 901 $current = get_post_meta( self::$post_id, 'test_custom_name', true ); 902 $this->assertEquals( 'janet', $current ); 903 904 $this->grant_write_permission(); 905 906 $data = array( 907 'meta' => array( 908 'new_name' => null, 909 ), 910 ); 911 $request = new WP_REST_Request( 'POST', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 912 $request->set_body_params( $data ); 913 914 $response = $this->server->dispatch( $request ); 915 $this->assertEquals( 200, $response->get_status() ); 916 917 $meta = get_post_meta( self::$post_id, 'test_custom_name', false ); 918 $this->assertEmpty( $meta ); 919 } 920 794 921 public function test_get_schema() { 795 922 $request = new WP_REST_Request( 'OPTIONS', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 796 923 $response = $this->server->dispatch( $request );