Ticket #42785: 42785.4.diff
| File 42785.4.diff, 9.7 KB (added by , 7 years ago) |
|---|
-
src/wp-includes/class-wp-post-type.php
309 309 /** 310 310 * Whether this post type should appear in the REST API. 311 311 * 312 * Default false. If true, standard endpoints will be registered with313 * respect to $rest_base and $rest_controller_class.312 * Default true for public post types, and for logged in users. If true, standard endpoints 313 * will be registered with respect to $rest_base and $rest_controller_class. 314 314 * 315 315 * @since 4.7.4 316 316 * @var bool $show_in_rest … … 377 377 378 378 $has_edit_link = ! empty( $args['_edit_link'] ); 379 379 380 $show_in_rest_default = false; 381 382 if ( ! empty( $args['public'] ) || ! empty( $args['publicly_queryable'] ) ) { 383 $show_in_rest_default = true; 384 } 385 380 386 // Args prefixed with an underscore are reserved for internal use. 381 387 $defaults = array( 382 388 'labels' => array(), … … 402 408 'query_var' => true, 403 409 'can_export' => true, 404 410 'delete_with_user' => null, 405 'show_in_rest' => false,411 'show_in_rest' => $show_in_rest_default, 406 412 'rest_base' => false, 407 413 'rest_controller_class' => false, 408 414 '_builtin' => false, … … 413 419 414 420 $args['name'] = $this->name; 415 421 422 // Logged in users will see endpoints for all post types. 423 if ( function_exists( 'is_user_logged_in' ) && is_user_logged_in() ) { 424 $args['show_in_rest'] = true; 425 } 426 416 427 // If not set, default to the setting for public. 417 428 if ( null === $args['publicly_queryable'] ) { 418 429 $args['publicly_queryable'] = $args['public']; -
src/wp-includes/class-wp-taxonomy.php
178 178 /** 179 179 * Whether this taxonomy should appear in the REST API. 180 180 * 181 * Default false. If true, standard endpoints will be registered with182 * respect to $rest_base and $rest_controller_class.181 * Default true for public taxonomies, and for logged in users. If true, standard endpoints 182 * will be registered with respect to $rest_base and $rest_controller_class. 183 183 * 184 184 * @since 4.7.4 185 185 * @var bool $show_in_rest … … 252 252 */ 253 253 $args = apply_filters( 'register_taxonomy_args', $args, $this->name, (array) $object_type ); 254 254 255 $show_in_rest_default = false; 256 257 if ( ! empty( $args['public'] ) || ! empty( $args['publicly_queryable'] ) ) { 258 $show_in_rest_default = true; 259 } 260 255 261 $defaults = array( 256 262 'labels' => array(), 257 263 'description' => '', … … 270 276 'rewrite' => true, 271 277 'query_var' => $this->name, 272 278 'update_count_callback' => '', 273 'show_in_rest' => false,279 'show_in_rest' => $show_in_rest_default, 274 280 'rest_base' => false, 275 281 'rest_controller_class' => false, 276 282 '_builtin' => false, … … 278 284 279 285 $args = array_merge( $defaults, $args ); 280 286 287 // Logged in users will see endpoints for all post types. 288 if ( function_exists( 'is_user_logged_in' ) && is_user_logged_in() ) { 289 $args['show_in_rest'] = true; 290 } 291 281 292 // If not set, default to the setting for public. 282 293 if ( null === $args['publicly_queryable'] ) { 283 294 $args['publicly_queryable'] = $args['public']; -
src/wp-includes/rest-api/fields/class-wp-rest-meta-fields.php
342 342 343 343 foreach ( get_registered_meta_keys( $this->get_meta_type() ) as $name => $args ) { 344 344 if ( empty( $args['show_in_rest'] ) ) { 345 continue; 345 if ( isset( $args['show_in_rest'] ) && ! $args['show_in_rest'] && 0 === strpos( $name, '_' ) && ! is_user_logged_in() ) { 346 continue; 347 } 348 349 if ( is_user_logged_in() ) { 350 $args['show_in_rest'] = true; 351 } else { 352 continue; 353 } 346 354 } 347 355 348 356 $rest_args = array(); -
tests/phpunit/tests/rest-api/rest-post-meta-fields.php
120 120 ) 121 121 ); 122 122 123 register_meta( 'post', '_test_underscore', array() ); 124 125 register_meta( 'post', '_test_underscore_show', array( 126 'show_in_rest' => true, 127 ) ); 128 129 register_meta( 'post', '_test_underscore_dont_show', array( 130 'show_in_rest' => false, 131 ) ); 132 123 133 /** @var WP_REST_Server $wp_rest_server */ 124 134 global $wp_rest_server; 125 135 $wp_rest_server = new Spy_REST_Server; … … 197 207 /** 198 208 * @depends test_get_value 199 209 */ 200 public function test_get_registered_no_api_access() { 210 public function test_get_registered_no_api_access_logged_out() { 211 wp_set_current_user( 0 ); 201 212 add_post_meta( self::$post_id, 'test_no_rest', 'for_the_wicked' ); 202 213 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 203 214 … … 212 223 /** 213 224 * @depends test_get_value 214 225 */ 226 public function test_get_registered_no_api_access_logged_in() { 227 $this->grant_write_permission(); 228 229 add_post_meta( self::$post_id, 'test_no_rest', 'for_the_wicked' ); 230 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 231 232 $response = rest_get_server()->dispatch( $request ); 233 $this->assertEquals( 200, $response->get_status() ); 234 235 $data = $response->get_data(); 236 $meta = (array) $data['meta']; 237 $this->assertArrayHasKey( 'test_no_rest', $meta ); 238 } 239 240 /** 241 * @depends test_get_value 242 */ 215 243 public function test_get_registered_api_disabled() { 244 $this->grant_write_permission(); 245 216 246 add_post_meta( self::$post_id, 'test_rest_disabled', 'sleepless_nights' ); 217 247 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 218 248 … … 221 251 222 252 $data = $response->get_data(); 223 253 $meta = (array) $data['meta']; 224 $this->assertArrayNotHasKey( 'test_rest_disabled', $meta ); 254 $this->assertArrayHasKey( 'test_rest_disabled', $meta ); 255 } 256 257 /** 258 * @depends test_get_value 259 */ 260 public function test_get_registered_underscore_logged_out() { 261 wp_set_current_user( 0 ); 262 263 add_post_meta( self::$post_id, '_test_underscore', 'sleepless_nights' ); 264 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 265 266 $response = rest_get_server()->dispatch( $request ); 267 $this->assertEquals( 200, $response->get_status() ); 268 269 $data = $response->get_data(); 270 $meta = (array) $data['meta']; 271 $this->assertArrayNotHasKey( '_test_underscore', $meta ); 272 } 273 274 /** 275 * @depends test_get_value 276 */ 277 public function test_get_registered_underscore_logged_in() { 278 $this->grant_write_permission(); 279 280 add_post_meta( self::$post_id, '_test_underscore', 'sleepless_nights' ); 281 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 282 283 $response = rest_get_server()->dispatch( $request ); 284 $this->assertEquals( 200, $response->get_status() ); 285 286 $data = $response->get_data(); 287 $meta = (array) $data['meta']; 288 $this->assertArrayHasKey( '_test_underscore', $meta ); 289 } 290 291 /** 292 * @depends test_get_value 293 */ 294 public function test_get_registered_underscore_show_logged_out() { 295 wp_set_current_user( 0 ); 296 297 add_post_meta( self::$post_id, '_test_underscore_show', 'sleepless_nights' ); 298 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 299 300 $response = rest_get_server()->dispatch( $request ); 301 $this->assertEquals( 200, $response->get_status() ); 302 303 $data = $response->get_data(); 304 $meta = (array) $data['meta']; 305 $this->assertArrayHasKey( '_test_underscore_show', $meta ); 306 } 307 308 /** 309 * @depends test_get_value 310 */ 311 public function test_get_registered_underscore_show_logged_in() { 312 $this->grant_write_permission(); 313 314 add_post_meta( self::$post_id, '_test_underscore_show', 'sleepless_nights' ); 315 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 316 317 $response = rest_get_server()->dispatch( $request ); 318 $this->assertEquals( 200, $response->get_status() ); 319 320 $data = $response->get_data(); 321 $meta = (array) $data['meta']; 322 $this->assertArrayHasKey( '_test_underscore_show', $meta ); 323 } 324 325 /** 326 * @depends test_get_value 327 */ 328 public function test_get_registered_underscore_dont_show_logged_out() { 329 wp_set_current_user( 0 ); 330 331 add_post_meta( self::$post_id, '_test_underscore_dont_show', 'sleepless_nights' ); 332 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 333 334 $response = rest_get_server()->dispatch( $request ); 335 $this->assertEquals( 200, $response->get_status() ); 336 337 $data = $response->get_data(); 338 $meta = (array) $data['meta']; 339 $this->assertArrayNotHasKey( '_test_underscore_dont_show', $meta ); 340 } 341 342 /** 343 * @depends test_get_value 344 */ 345 public function test_get_registered_underscore_dont_show_logged_in() { 346 $this->grant_write_permission(); 347 348 add_post_meta( self::$post_id, '_test_underscore_dont_show', 'sleepless_nights' ); 349 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 350 351 $response = rest_get_server()->dispatch( $request ); 352 $this->assertEquals( 200, $response->get_status() ); 353 354 $data = $response->get_data(); 355 $meta = (array) $data['meta']; 356 $this->assertArrayNotHasKey( '_test_underscore_dont_show', $meta ); 225 357 } 226 358 227 359 public function test_get_value_types() {