Changeset 39036
- Timestamp:
- 10/30/2016 06:51:30 PM (8 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
r38990 r39036 1 1 <?php 2 3 2 /** 4 * Access users 3 * REST API: WP_REST_Users_Controller class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 9 10 /** 11 * Core class used to manage users via the REST API. 12 * 13 * @since 4.7.0 14 * 15 * @see WP_REST_Controller 5 16 */ 6 17 class WP_REST_Users_Controller extends WP_REST_Controller { … … 9 20 * Instance of a user meta fields object. 10 21 * 22 * @since 4.7.0 11 23 * @access protected 12 24 * @var WP_REST_User_Meta_Fields … … 14 26 protected $meta; 15 27 28 /** 29 * Constructor. 30 * 31 * @since 4.7.0 32 * @access public 33 */ 16 34 public function __construct() { 17 35 $this->namespace = 'wp/v2'; … … 22 40 23 41 /** 24 * Register the routes for the objects of the controller. 42 * Registers the routes for the objects of the controller. 43 * 44 * @since 4.7.0 45 * @access public 46 * 47 * @see register_rest_route() 25 48 */ 26 49 public function register_routes() { … … 28 51 register_rest_route( $this->namespace, '/' . $this->rest_base, array( 29 52 array( 30 'methods' => WP_REST_Server::READABLE,31 'callback' => array( $this, 'get_items' ),53 'methods' => WP_REST_Server::READABLE, 54 'callback' => array( $this, 'get_items' ), 32 55 'permission_callback' => array( $this, 'get_items_permissions_check' ), 33 'args' => $this->get_collection_params(),56 'args' => $this->get_collection_params(), 34 57 ), 35 58 array( 36 'methods' => WP_REST_Server::CREATABLE,37 'callback' => array( $this, 'create_item' ),59 'methods' => WP_REST_Server::CREATABLE, 60 'callback' => array( $this, 'create_item' ), 38 61 'permission_callback' => array( $this, 'create_item_permissions_check' ), 39 'args' => $this->get_endpoint_args_for_item_schema( WP_REST_Server::CREATABLE ),62 'args' => $this->get_endpoint_args_for_item_schema( WP_REST_Server::CREATABLE ), 40 63 ), 41 64 'schema' => array( $this, 'get_public_item_schema' ), 42 65 ) ); 66 43 67 register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P<id>[\d]+)', array( 44 68 array( 45 'methods' => WP_REST_Server::READABLE,46 'callback' => array( $this, 'get_item' ),69 'methods' => WP_REST_Server::READABLE, 70 'callback' => array( $this, 'get_item' ), 47 71 'permission_callback' => array( $this, 'get_item_permissions_check' ), 48 'args' => array(49 'context' 72 'args' => array( 73 'context' => $this->get_context_param( array( 'default' => 'view' ) ), 50 74 ), 51 75 ), 52 76 array( 53 'methods' => WP_REST_Server::EDITABLE,54 'callback' => array( $this, 'update_item' ),77 'methods' => WP_REST_Server::EDITABLE, 78 'callback' => array( $this, 'update_item' ), 55 79 'permission_callback' => array( $this, 'update_item_permissions_check' ), 56 'args' => $this->get_endpoint_args_for_item_schema( WP_REST_Server::EDITABLE ),80 'args' => $this->get_endpoint_args_for_item_schema( WP_REST_Server::EDITABLE ), 57 81 ), 58 82 array( 59 'methods' => WP_REST_Server::DELETABLE,60 'callback' => array( $this, 'delete_item' ),83 'methods' => WP_REST_Server::DELETABLE, 84 'callback' => array( $this, 'delete_item' ), 61 85 'permission_callback' => array( $this, 'delete_item_permissions_check' ), 62 'args' => array(86 'args' => array( 63 87 'force' => array( 64 88 'default' => false, … … 72 96 73 97 register_rest_route( $this->namespace, '/' . $this->rest_base . '/me', array( 74 'methods' 75 'callback' 76 'args' 77 'context' 98 'methods' => WP_REST_Server::READABLE, 99 'callback' => array( $this, 'get_current_item' ), 100 'args' => array( 101 'context' => array(), 78 102 ), 79 103 'schema' => array( $this, 'get_public_item_schema' ), … … 84 108 * Permissions check for getting all users. 85 109 * 110 * @since 4.7.0 111 * @access public 112 * 86 113 * @param WP_REST_Request $request Full details about the request. 87 * @return WP_Error|boolean114 * @return true|WP_Error True if the request has read access, otherwise WP_Error object. 88 115 */ 89 116 public function get_items_permissions_check( $request ) { … … 105 132 106 133 /** 107 * Get all users 134 * Retrieves all users. 135 * 136 * @since 4.7.0 137 * @access public 108 138 * 109 139 * @param WP_REST_Request $request Full details about the request. 110 * @return WP_ Error|WP_REST_Response140 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. 111 141 */ 112 142 public function get_items( $request ) { … … 115 145 $registered = $this->get_collection_params(); 116 146 117 // This array defines mappings between public API query parameters whose 118 // values are accepted as-passed, and their internal WP_Query parameter 119 // name equivalents (some are the same). Only values which are also 120 // present in $registered will be set. 147 /* 148 * This array defines mappings between public API query parameters whose 149 * values are accepted as-passed, and their internal WP_Query parameter 150 * name equivalents (some are the same). Only values which are also 151 * present in $registered will be set. 152 */ 121 153 $parameter_mappings = array( 122 154 'exclude' => 'exclude', … … 130 162 $prepared_args = array(); 131 163 132 // For each known parameter which is both registered and present in the request, 133 // set the parameter's value on the query $prepared_args. 164 /* 165 * For each known parameter which is both registered and present in the request, 166 * set the parameter's value on the query $prepared_args. 167 */ 134 168 foreach ( $parameter_mappings as $api_param => $wp_param ) { 135 169 if ( isset( $registered[ $api_param ], $request[ $api_param ] ) ) { … … 171 205 172 206 /** 173 * Filter arguments, before passing to WP_User_Query,when querying users via the REST API.207 * Filters WP_User_Query arguments when querying users via the REST API. 174 208 * 175 * @see https://developer.wordpress.org/reference/classes/wp_user_query/ 209 * @link https://developer.wordpress.org/reference/classes/wp_user_query/ 210 * 211 * @since 4.7.0 176 212 * 177 213 * @param array $prepared_args Array of arguments for WP_User_Query. … … 183 219 184 220 $users = array(); 221 185 222 foreach ( $query->results as $user ) { 186 223 $data = $this->prepare_item_for_response( $user, $request ); … … 192 229 // Store pagination values for headers then unset for count query. 193 230 $per_page = (int) $prepared_args['number']; 194 $page = ceil( ( ( (int) $prepared_args['offset'] ) / $per_page ) + 1 );231 $page = ceil( ( ( (int) $prepared_args['offset'] ) / $per_page ) + 1 ); 195 232 196 233 $prepared_args['fields'] = 'ID'; 197 234 198 235 $total_users = $query->get_total(); 236 199 237 if ( $total_users < 1 ) { 200 // Out-of-bounds, run the query again without LIMIT for total count 238 // Out-of-bounds, run the query again without LIMIT for total count. 201 239 unset( $prepared_args['number'], $prepared_args['offset'] ); 202 240 $count_query = new WP_User_Query( $prepared_args ); 203 241 $total_users = $count_query->get_total(); 204 242 } 243 205 244 $response->header( 'X-WP-Total', (int) $total_users ); 245 206 246 $max_pages = ceil( $total_users / $per_page ); 247 207 248 $response->header( 'X-WP-TotalPages', (int) $max_pages ); 208 249 … … 210 251 if ( $page > 1 ) { 211 252 $prev_page = $page - 1; 253 212 254 if ( $prev_page > $max_pages ) { 213 255 $prev_page = $max_pages; 214 256 } 257 215 258 $prev_link = add_query_arg( 'page', $prev_page, $base ); 216 259 $response->link_header( 'prev', $prev_link ); … … 219 262 $next_page = $page + 1; 220 263 $next_link = add_query_arg( 'page', $next_page, $base ); 264 221 265 $response->link_header( 'next', $next_link ); 222 266 } … … 226 270 227 271 /** 228 * Check if a given request has access to read a user 229 * 230 * @param WP_REST_Request $request Full details about the request. 231 * @return WP_Error|boolean 272 * Checks if a given request has access to read a user. 273 * 274 * @since 4.7.0 275 * @access public 276 * 277 * @param WP_REST_Request $request Full details about the request. 278 * @return true|WP_Error True if the request has read access for the item, otherwise WP_Error object. 232 279 */ 233 280 public function get_item_permissions_check( $request ) { … … 255 302 256 303 /** 257 * Get a single user 304 * Retrieves a single user. 305 * 306 * @since 4.7.0 307 * @access public 258 308 * 259 309 * @param WP_REST_Request $request Full details about the request. 260 * @return WP_ Error|WP_REST_Response310 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. 261 311 */ 262 312 public function get_item( $request ) { 263 $id = (int) $request['id'];313 $id = (int) $request['id']; 264 314 $user = get_userdata( $id ); 265 315 … … 275 325 276 326 /** 277 * Get the current user 327 * Retrieves the current user. 328 * 329 * @since 4.7.0 330 * @access public 278 331 * 279 332 * @param WP_REST_Request $request Full details about the request. 280 * @return WP_ Error|WP_REST_Response333 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. 281 334 */ 282 335 public function get_current_item( $request ) { 283 336 $current_user_id = get_current_user_id(); 337 284 338 if ( empty( $current_user_id ) ) { 285 339 return new WP_Error( 'rest_not_logged_in', __( 'You are not currently logged in.' ), array( 'status' => 401 ) ); 286 340 } 287 341 288 $user = wp_get_current_user();342 $user = wp_get_current_user(); 289 343 $response = $this->prepare_item_for_response( $user, $request ); 290 344 $response = rest_ensure_response( $response ); 345 291 346 $response->header( 'Location', rest_url( sprintf( '%s/%s/%d', $this->namespace, $this->rest_base, $current_user_id ) ) ); 292 347 $response->set_status( 302 ); … … 296 351 297 352 /** 298 * Check if a given request has access create users 299 * 300 * @param WP_REST_Request $request Full details about the request. 301 * @return WP_Error|boolean 353 * Checks if a given request has access create users. 354 * 355 * @since 4.7.0 356 * @access public 357 * 358 * @param WP_REST_Request $request Full details about the request. 359 * @return true|WP_Error True if the request has access to create items, WP_Error object otherwise. 302 360 */ 303 361 public function create_item_permissions_check( $request ) { … … 311 369 312 370 /** 313 * Create a single user 371 * Creates a single user. 372 * 373 * @since 4.7.0 374 * @access public 314 375 * 315 376 * @param WP_REST_Request $request Full details about the request. 316 * @return WP_ Error|WP_REST_Response377 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. 317 378 */ 318 379 public function create_item( $request ) { … … 325 386 if ( ! empty( $request['roles'] ) && ! empty( $schema['properties']['roles'] ) ) { 326 387 $check_permission = $this->check_role_update( $request['id'], $request['roles'] ); 388 327 389 if ( is_wp_error( $check_permission ) ) { 328 390 return $check_permission; … … 334 396 if ( is_multisite() ) { 335 397 $ret = wpmu_validate_user_signup( $user->user_login, $user->user_email ); 398 336 399 if ( is_wp_error( $ret['errors'] ) && ! empty( $ret['errors']->errors ) ) { 337 400 return $ret['errors']; … … 341 404 if ( is_multisite() ) { 342 405 $user_id = wpmu_create_user( $user->user_login, $user->user_pass, $user->user_email ); 406 343 407 if ( ! $user_id ) { 344 408 return new WP_Error( 'rest_user_create', __( 'Error creating new resource.' ), array( 'status' => 500 ) ); 345 409 } 410 346 411 $user->ID = $user_id; 347 $user_id = wp_update_user( $user ); 412 $user_id = wp_update_user( $user ); 413 348 414 if ( is_wp_error( $user_id ) ) { 349 415 return $user_id; … … 351 417 } else { 352 418 $user_id = wp_insert_user( $user ); 419 353 420 if ( is_wp_error( $user_id ) ) { 354 421 return $user_id; … … 357 424 358 425 $user = get_user_by( 'id', $user_id ); 426 359 427 if ( ! empty( $request['roles'] ) && ! empty( $schema['properties']['roles'] ) ) { 360 428 array_map( array( $user, 'add_role' ), $request['roles'] ); … … 363 431 if ( ! empty( $schema['properties']['meta'] ) && isset( $request['meta'] ) ) { 364 432 $meta_update = $this->meta->update_value( $request['meta'], $user_id ); 433 365 434 if ( is_wp_error( $meta_update ) ) { 366 435 return $meta_update; … … 369 438 370 439 $fields_update = $this->update_additional_fields_for_object( $user, $request ); 440 371 441 if ( is_wp_error( $fields_update ) ) { 372 442 return $fields_update; … … 374 444 375 445 /** 376 * Fires after a user is created or updated via the REST API.446 * Fires immediately after a user is created or updated via the REST API. 377 447 * 378 * @param WP_User $user Data used to create the user. 379 * @param WP_REST_Request $request Request object. 380 * @param boolean $creating True when creating user, false when updating user. 448 * @since 4.7.0 449 * 450 * @param WP_User $user Data used to create the user. 451 * @param WP_REST_Request $request Request object. 452 * @param bool $creating True when creating user, false when updating user. 381 453 */ 382 454 do_action( 'rest_insert_user', $user, $request, true ); 383 455 384 456 $request->set_param( 'context', 'edit' ); 457 385 458 $response = $this->prepare_item_for_response( $user, $request ); 386 459 $response = rest_ensure_response( $response ); 460 387 461 $response->set_status( 201 ); 388 462 $response->header( 'Location', rest_url( sprintf( '%s/%s/%d', $this->namespace, $this->rest_base, $user_id ) ) ); … … 392 466 393 467 /** 394 * Check if a given request has access update a user 395 * 396 * @param WP_REST_Request $request Full details about the request. 397 * @return WP_Error|boolean 468 * Checks if a given request has access to update a user. 469 * 470 * @since 4.7.0 471 * @access public 472 * 473 * @param WP_REST_Request $request Full details about the request. 474 * @return true|WP_Error True if the request has access to update the item, WP_Error object otherwise. 398 475 */ 399 476 public function update_item_permissions_check( $request ) { … … 413 490 414 491 /** 415 * Update a single user 492 * Updates a single user. 493 * 494 * @since 4.7.0 495 * @access public 416 496 * 417 497 * @param WP_REST_Request $request Full details about the request. 418 * @return WP_ Error|WP_REST_Response498 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. 419 499 */ 420 500 public function update_item( $request ) { 421 $id = (int) $request['id']; 422 501 $id = (int) $request['id']; 423 502 $user = get_userdata( $id ); 503 424 504 if ( ! $user ) { 425 505 return new WP_Error( 'rest_user_invalid_id', __( 'Invalid resource id.' ), array( 'status' => 404 ) ); … … 440 520 if ( ! empty( $request['roles'] ) ) { 441 521 $check_permission = $this->check_role_update( $id, $request['roles'] ); 522 442 523 if ( is_wp_error( $check_permission ) ) { 443 524 return $check_permission; … … 447 528 $user = $this->prepare_item_for_database( $request ); 448 529 449 // Ensure we're operating on the same user we already checked 530 // Ensure we're operating on the same user we already checked. 450 531 $user->ID = $id; 451 532 452 533 $user_id = wp_update_user( $user ); 534 453 535 if ( is_wp_error( $user_id ) ) { 454 536 return $user_id; … … 456 538 457 539 $user = get_user_by( 'id', $id ); 540 458 541 if ( ! empty( $request['roles'] ) ) { 459 542 array_map( array( $user, 'add_role' ), $request['roles'] ); … … 461 544 462 545 $schema = $this->get_item_schema(); 546 463 547 if ( ! empty( $schema['properties']['meta'] ) && isset( $request['meta'] ) ) { 464 548 $meta_update = $this->meta->update_value( $request['meta'], $id ); 549 465 550 if ( is_wp_error( $meta_update ) ) { 466 551 return $meta_update; … … 469 554 470 555 $fields_update = $this->update_additional_fields_for_object( $user, $request ); 556 471 557 if ( is_wp_error( $fields_update ) ) { 472 558 return $fields_update; … … 477 563 478 564 $request->set_param( 'context', 'edit' ); 565 479 566 $response = $this->prepare_item_for_response( $user, $request ); 480 567 $response = rest_ensure_response( $response ); 568 481 569 return $response; 482 570 } 483 571 484 572 /** 485 * Check if a given request has access delete a user 486 * 487 * @param WP_REST_Request $request Full details about the request. 488 * @return WP_Error|boolean 573 * Checks if a given request has access delete a user. 574 * 575 * @since 4.7.0 576 * @access public 577 * 578 * @param WP_REST_Request $request Full details about the request. 579 * @return true|WP_Error True if the request has access to delete the item, WP_Error object otherwise. 489 580 */ 490 581 public function delete_item_permissions_check( $request ) { … … 500 591 501 592 /** 502 * Delete a single user 593 * Deletes a single user. 594 * 595 * @since 4.7.0 596 * @access public 503 597 * 504 598 * @param WP_REST_Request $request Full details about the request. 505 * @return WP_ Error|WP_REST_Response599 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. 506 600 */ 507 601 public function delete_item( $request ) { 508 $id = (int) $request['id'];602 $id = (int) $request['id']; 509 603 $reassign = isset( $request['reassign'] ) ? absint( $request['reassign'] ) : null; 510 $force = isset( $request['force'] ) ? (bool) $request['force'] : false;511 512 // We don't support trashing for this type, error out 604 $force = isset( $request['force'] ) ? (bool) $request['force'] : false; 605 606 // We don't support trashing for this type, error out. 513 607 if ( ! $force ) { 514 608 return new WP_Error( 'rest_trash_not_supported', __( 'Users do not support trashing.' ), array( 'status' => 501 ) ); … … 516 610 517 611 $user = get_userdata( $id ); 612 518 613 if ( ! $user ) { 519 614 return new WP_Error( 'rest_user_invalid_id', __( 'Invalid resource id.' ), array( 'status' => 404 ) ); … … 527 622 528 623 $request->set_param( 'context', 'edit' ); 624 529 625 $response = $this->prepare_item_for_response( $user, $request ); 530 626 … … 539 635 540 636 /** 541 * Fires after a user is deleted via the REST API. 637 * Fires immediately after a user is deleted via the REST API. 638 * 639 * @since 4.7.0 542 640 * 543 641 * @param WP_User $user The user data. … … 551 649 552 650 /** 553 * Prepare a single user output for response 554 * 555 * @param object $user User object. 651 * Prepares a single user output for response. 652 * 653 * @since 4.7.0 654 * @access public 655 * 656 * @param WP_User $user User object. 556 657 * @param WP_REST_Request $request Request object. 557 * @return WP_REST_Response $response Response data.658 * @return WP_REST_Response Response object. 558 659 */ 559 660 public function prepare_item_for_response( $user, $request ) { 560 661 561 $data = array();662 $data = array(); 562 663 $schema = $this->get_item_schema(); 664 563 665 if ( ! empty( $schema['properties']['id'] ) ) { 564 666 $data['id'] = $user->ID; … … 635 737 $data = $this->filter_response_by_context( $data, $context ); 636 738 637 // Wrap the data in a response object 739 // Wrap the data in a response object. 638 740 $response = rest_ensure_response( $data ); 639 741 … … 641 743 642 744 /** 643 * Filter user data returned from the REST API.745 * Filters user data returned from the REST API. 644 746 * 645 * @param WP_REST_Response $response The response object. 646 * @param object $user User object used to create response. 647 * @param WP_REST_Request $request Request object. 747 * @since 4.7.0 748 * 749 * @param WP_REST_Response $response The response object. 750 * @param object $user User object used to create response. 751 * @param WP_REST_Request $request Request object. 648 752 */ 649 753 return apply_filters( 'rest_prepare_user', $response, $user, $request ); … … 651 755 652 756 /** 653 * Prepare links for the request. 757 * Prepares links for the user request. 758 * 759 * @since 4.7.0 760 * @access protected 654 761 * 655 762 * @param WP_Post $user User object. … … 670 777 671 778 /** 672 * Prepare a single user for create or update 779 * Prepares a single user for creation or update. 780 * 781 * @since 4.7.0 782 * @access protected 673 783 * 674 784 * @param WP_REST_Request $request Request object. … … 684 794 $prepared_user->user_email = $request['email']; 685 795 } 796 686 797 if ( isset( $request['username'] ) && ! empty( $schema['properties']['username'] ) ) { 687 798 $prepared_user->user_login = $request['username']; 688 799 } 800 689 801 if ( isset( $request['password'] ) && ! empty( $schema['properties']['password'] ) ) { 690 802 $prepared_user->user_pass = $request['password']; … … 695 807 $prepared_user->ID = absint( $request['id'] ); 696 808 } 809 697 810 if ( isset( $request['name'] ) && ! empty( $schema['properties']['name'] ) ) { 698 811 $prepared_user->display_name = $request['name']; 699 812 } 813 700 814 if ( isset( $request['first_name'] ) && ! empty( $schema['properties']['first_name'] ) ) { 701 815 $prepared_user->first_name = $request['first_name']; 702 816 } 817 703 818 if ( isset( $request['last_name'] ) && ! empty( $schema['properties']['last_name'] ) ) { 704 819 $prepared_user->last_name = $request['last_name']; 705 820 } 821 706 822 if ( isset( $request['nickname'] ) && ! empty( $schema['properties']['nickname'] ) ) { 707 823 $prepared_user->nickname = $request['nickname']; 708 824 } 825 709 826 if ( isset( $request['slug'] ) && ! empty( $schema['properties']['slug'] ) ) { 710 827 $prepared_user->user_nicename = $request['slug']; 711 828 } 829 712 830 if ( isset( $request['description'] ) && ! empty( $schema['properties']['description'] ) ) { 713 831 $prepared_user->description = $request['description']; … … 724 842 725 843 /** 726 * Filter user data before inserting user via the REST API. 844 * Filters user data before insertion via the REST API. 845 * 846 * @since 4.7.0 727 847 * 728 848 * @param object $prepared_user User object. … … 733 853 734 854 /** 735 * Determine if the current user is allowed to make the desired roles change. 855 * Determines if the current user is allowed to make the desired roles change. 856 * 857 * @since 4.7.0 858 * @access protected 736 859 * 737 860 * @param integer $user_id User ID. 738 861 * @param array $roles New user roles. 739 * @return WP_Error|boolean 862 * @return true|WP_Error True if the current user is allowed to make the role change, 863 * otherwise a WP_Error object. 740 864 */ 741 865 protected function check_role_update( $user_id, $roles ) { … … 749 873 750 874 $potential_role = $wp_roles->role_objects[ $role ]; 751 // Don't let anyone with 'edit_users' (admins) edit their own role to something without it. 752 // Multisite super admins can freely edit their blog roles -- they possess all caps. 753 if ( ! ( is_multisite() && current_user_can( 'manage_sites' ) ) && get_current_user_id() === $user_id && ! $potential_role->has_cap( 'edit_users' ) ) { 875 876 /* 877 * Don't let anyone with 'edit_users' (admins) edit their own role to something without it. 878 * Multisite super admins can freely edit their blog roles -- they possess all caps. 879 */ 880 if ( ! ( is_multisite() 881 && current_user_can( 'manage_sites' ) ) 882 && get_current_user_id() === $user_id 883 && ! $potential_role->has_cap( 'edit_users' ) 884 ) { 754 885 return new WP_Error( 'rest_user_invalid_role', __( 'You cannot give resource that role.' ), array( 'status' => rest_authorization_required_code() ) ); 755 886 } 756 757 // The new role must be editable by the logged-in user.758 887 759 888 /** Include admin functions to get access to get_editable_roles() */ 760 889 require_once ABSPATH . 'wp-admin/includes/admin.php'; 761 890 891 // The new role must be editable by the logged-in user. 762 892 $editable_roles = get_editable_roles(); 893 763 894 if ( empty( $editable_roles[ $role ] ) ) { 764 895 return new WP_Error( 'rest_user_invalid_role', __( 'You cannot give resource that role.' ), array( 'status' => 403 ) ); … … 767 898 768 899 return true; 769 770 } 771 772 /** 773 * Get the User's schema, conforming to JSON Schema 774 * 775 * @return array 900 } 901 902 /** 903 * Retrieves the user's schema, conforming to JSON Schema. 904 * 905 * @since 4.7.0 906 * @access public 907 * 908 * @return array Item schema data. 776 909 */ 777 910 public function get_item_schema() { … … 879 1012 'description' => __( 'Password for the resource (never included).' ), 880 1013 'type' => 'string', 881 'context' => array(), // Password is never displayed 1014 'context' => array(), // Password is never displayed. 882 1015 'required' => true, 883 1016 ), … … 901 1034 902 1035 $avatar_sizes = rest_get_avatar_sizes(); 1036 903 1037 foreach ( $avatar_sizes as $size ) { 904 1038 $avatar_properties[ $size ] = array( … … 925 1059 926 1060 /** 927 * Get the query params for collections 928 * 929 * @return array 1061 * Retrieves the query params for collections. 1062 * 1063 * @since 4.7.0 1064 * @access public 1065 * 1066 * @return array Collection parameters. 930 1067 */ 931 1068 public function get_collection_params() { … … 940 1077 'sanitize_callback' => 'wp_parse_id_list', 941 1078 ); 1079 942 1080 $query_params['include'] = array( 943 1081 'description' => __( 'Limit result set to specific ids.' ), … … 946 1084 'sanitize_callback' => 'wp_parse_id_list', 947 1085 ); 1086 948 1087 $query_params['offset'] = array( 949 1088 'description' => __( 'Offset the result set by a specific number of items.' ), … … 952 1091 'validate_callback' => 'rest_validate_request_arg', 953 1092 ); 1093 954 1094 $query_params['order'] = array( 955 1095 'default' => 'asc', … … 960 1100 'validate_callback' => 'rest_validate_request_arg', 961 1101 ); 1102 962 1103 $query_params['orderby'] = array( 963 1104 'default' => 'name', … … 976 1117 'validate_callback' => 'rest_validate_request_arg', 977 1118 ); 1119 978 1120 $query_params['slug'] = array( 979 1121 'description' => __( 'Limit result set to resources with a specific slug.' ), … … 981 1123 'validate_callback' => 'rest_validate_request_arg', 982 1124 ); 1125 983 1126 $query_params['roles'] = array( 984 1127 'description' => __( 'Limit result set to resources matching at least one specific role provided. Accepts csv list or single role.' ), … … 986 1129 'sanitize_callback' => 'wp_parse_slug_list', 987 1130 ); 1131 988 1132 return $query_params; 989 1133 }
Note: See TracChangeset
for help on using the changeset viewer.