Changeset 38911 for trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php

Timestamp:

10/25/2016 05:12:18 PM (9 years ago)

Author:

joehoyle

Message:

REST API: Validate posts status enum

Currently we are using a different validate callback, so the enum is not interpretted. We just have to fallback to the result of rest_validate_request_arg in our custom wrapper function.

Fixes #38417.

File:

• trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php (modified) (1 diff)

trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php

@@ -1948 +1948 @@
     public function validate_user_can_query_private_statuses( $value, $request, $parameter ) {
         if ( 'publish' === $value ) {
-            return true;
+            return rest_validate_request_arg( $value, $request, $parameter );
         }
         $post_type_obj = get_post_type_object( $this->post_type );
         if ( current_user_can( $post_type_obj->cap->edit_posts ) ) {
-            return true;
+            return rest_validate_request_arg( $value, $request, $parameter );
         }
         return new WP_Error( 'rest_forbidden_status', __( 'Status is forbidden.' ), array( 'status' => rest_authorization_required_code() ) );