Ticket #42785: 42785.3.diff
| File 42785.3.diff, 4.1 KB (added by , 7 years ago) |
|---|
-
src/wp-includes/class-wp-post-type.php
309 309 /** 310 310 * Whether this post type should appear in the REST API. 311 311 * 312 * Default false. If true, standard endpoints will be registered with313 * respect to $rest_base and $rest_controller_class.312 * Default true for public post types, and for logged in users. If true, standard endpoints 313 * will be registered with respect to $rest_base and $rest_controller_class. 314 314 * 315 315 * @since 4.7.4 316 316 * @var bool $show_in_rest … … 377 377 378 378 $has_edit_link = ! empty( $args['_edit_link'] ); 379 379 380 $show_in_rest_default = false; 381 382 if ( ! empty( $args['public'] ) || ! empty( $args['publicly_queryable'] ) ) { 383 $show_in_rest_default = true; 384 } 385 380 386 // Args prefixed with an underscore are reserved for internal use. 381 387 $defaults = array( 382 388 'labels' => array(), … … 402 408 'query_var' => true, 403 409 'can_export' => true, 404 410 'delete_with_user' => null, 405 'show_in_rest' => false,411 'show_in_rest' => $show_in_rest_default, 406 412 'rest_base' => false, 407 413 'rest_controller_class' => false, 408 414 '_builtin' => false, … … 413 419 414 420 $args['name'] = $this->name; 415 421 422 // Logged in users will see endpoints for all post types. 423 if ( function_exists( 'is_user_logged_in' ) && is_user_logged_in() ) { 424 $args['show_in_rest'] = true; 425 } 426 416 427 // If not set, default to the setting for public. 417 428 if ( null === $args['publicly_queryable'] ) { 418 429 $args['publicly_queryable'] = $args['public']; -
src/wp-includes/meta.php
1049 1049 $args = (array) $args; 1050 1050 } 1051 1051 1052 // Logged in users can see meta keys. 1053 if( is_user_logged_in() ) { 1054 $args['show_in_rest'] = true; 1055 } 1056 1052 1057 if ( is_callable( $deprecated ) ) { 1053 1058 $args['auth_callback'] = $deprecated; 1054 1059 $has_old_auth_cb = true; -
src/wp-includes/rest-api/fields/class-wp-rest-meta-fields.php
342 342 343 343 foreach ( get_registered_meta_keys( $this->get_meta_type() ) as $name => $args ) { 344 344 if ( empty( $args['show_in_rest'] ) ) { 345 continue; 345 if ( is_user_logged_in() ) { 346 $args['show_in_rest'] = true; 347 } else { 348 continue; 349 } 346 350 } 347 351 348 352 $rest_args = array(); -
tests/phpunit/tests/rest-api/rest-post-meta-fields.php
197 197 /** 198 198 * @depends test_get_value 199 199 */ 200 public function test_get_registered_no_api_access() { 200 public function test_get_registered_no_api_access_logged_out() { 201 wp_set_current_user( 0 ); 201 202 add_post_meta( self::$post_id, 'test_no_rest', 'for_the_wicked' ); 202 203 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 203 204 … … 210 211 } 211 212 212 213 /** 214 * @depends test_get_value 215 */ 216 public function test_get_registered_no_api_access_logged_in() { 217 $this->grant_write_permission(); 218 219 add_post_meta( self::$post_id, 'test_no_rest', 'for_the_wicked' ); 220 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 221 222 $response = rest_get_server()->dispatch( $request ); 223 $this->assertEquals( 200, $response->get_status() ); 224 225 $data = $response->get_data(); 226 $meta = (array) $data['meta']; 227 $this->assertArrayHasKey( 'test_no_rest', $meta ); 228 } 229 230 /** 213 231 * @depends test_get_value 214 232 */ 215 233 public function test_get_registered_api_disabled() {