Changeset 39104
- Timestamp:
- 11/03/2016 01:45:48 AM (8 years ago)
- Location:
- trunk
- Files:
-
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/rest-api/class-wp-rest-server.php
r39051 r39104 1184 1184 $arg_data['description'] = $opts['description']; 1185 1185 } 1186 if ( isset( $opts['type'] ) ) { 1187 $arg_data['type'] = $opts['type']; 1188 } 1189 if ( isset( $opts['items'] ) ) { 1190 $arg_data['items'] = $opts['items']; 1191 } 1186 1192 $endpoint_data['args'][ $key ] = $arg_data; 1187 1193 } -
trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php
r39047 r39104 31 31 $query_args = parent::prepare_items_query( $prepared_args, $request ); 32 32 33 if ( empty( $query_args['post_status'] ) || ! in_array( $query_args['post_status'], array( 'inherit', 'private', 'trash' ), true )) {33 if ( empty( $query_args['post_status'] ) ) { 34 34 $query_args['post_status'] = 'inherit'; 35 35 } … … 587 587 $params = parent::get_collection_params(); 588 588 $params['status']['default'] = 'inherit'; 589 $params['status'][' enum'] = array( 'inherit', 'private', 'trash' );589 $params['status']['items']['enum'] = array( 'inherit', 'private', 'trash' ); 590 590 $media_types = $this->get_media_types(); 591 591 -
trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php
r39093 r39104 2121 2121 $params['status'] = array( 2122 2122 'default' => 'publish', 2123 'description' => __( 'Limit result set to posts assigned a specific status; can be comma-delimited list of status types.' ), 2124 'enum' => array_merge( array_keys( get_post_stati() ), array( 'any' ) ), 2125 'sanitize_callback' => 'sanitize_key', 2126 'type' => 'string', 2127 'validate_callback' => array( $this, 'validate_user_can_query_private_statuses' ), 2123 'description' => __( 'Limit result set to posts assigned one or more statuses.' ), 2124 'type' => 'array', 2125 'items' => array( 2126 'enum' => array_merge( array_keys( get_post_stati() ), array( 'any' ) ), 2127 'type' => 'string', 2128 ), 2129 'sanitize_callback' => array( $this, 'sanitize_post_statuses' ), 2128 2130 ); 2129 2131 … … 2153 2155 2154 2156 /** 2155 * Validates whether the user can query private statuses. 2157 * Sanitizes and validates the list of post statuses, including whether the 2158 * user can query private statuses. 2156 2159 * 2157 2160 * @since 4.7.0 2158 2161 * @access public 2159 2162 * 2160 * @param mixed $value Post status.2163 * @param string|array $statuses One or more post statuses. 2161 2164 * @param WP_REST_Request $request Full details about the request. 2162 2165 * @param string $parameter Additional parameter to pass to validation. 2163 * @return bool|WP_Error Whether the request can query private statuses, otherwise WP_Error object. 2164 */ 2165 public function validate_user_can_query_private_statuses( $value, $request, $parameter ) { 2166 if ( 'publish' === $value ) { 2167 return rest_validate_request_arg( $value, $request, $parameter ); 2168 } 2169 2170 $post_type_obj = get_post_type_object( $this->post_type ); 2171 2172 if ( current_user_can( $post_type_obj->cap->edit_posts ) ) { 2173 return rest_validate_request_arg( $value, $request, $parameter ); 2174 } 2175 2176 return new WP_Error( 'rest_forbidden_status', __( 'Status is forbidden.' ), array( 'status' => rest_authorization_required_code() ) ); 2166 * @return array|WP_Error A list of valid statuses, otherwise WP_Error object. 2167 */ 2168 public function sanitize_post_statuses( $statuses, $request, $parameter ) { 2169 $statuses = wp_parse_slug_list( $statuses ); 2170 2171 // The default status is different in WP_REST_Attachments_Controller 2172 $attributes = $request->get_attributes(); 2173 $default_status = $attributes['args']['status']['default']; 2174 2175 foreach ( $statuses as $status ) { 2176 if ( $status === $default_status ) { 2177 continue; 2178 } 2179 2180 $post_type_obj = get_post_type_object( $this->post_type ); 2181 2182 if ( current_user_can( $post_type_obj->cap->edit_posts ) ) { 2183 $result = rest_validate_request_arg( $status, $request, $parameter ); 2184 if ( is_wp_error( $result ) ) { 2185 return $result; 2186 } 2187 } else { 2188 return new WP_Error( 'rest_forbidden_status', __( 'Status is forbidden.' ), array( 'status' => rest_authorization_required_code() ) ); 2189 } 2190 } 2191 2192 return $statuses; 2177 2193 } 2178 2194 } -
trunk/tests/phpunit/tests/rest-api/rest-attachments-controller.php
r39041 r39104 328 328 } 329 329 330 public function test_get_items_multiple_statuses() { 331 // Logged out users can't make the request 332 wp_set_current_user( 0 ); 333 $attachment_id1 = $this->factory->attachment->create_object( $this->test_file, 0, array( 334 'post_mime_type' => 'image/jpeg', 335 'post_excerpt' => 'A sample caption', 336 'post_status' => 'private', 337 ) ); 338 $attachment_id2 = $this->factory->attachment->create_object( $this->test_file, 0, array( 339 'post_mime_type' => 'image/jpeg', 340 'post_excerpt' => 'A sample caption', 341 'post_status' => 'trash', 342 ) ); 343 $request = new WP_REST_Request( 'GET', '/wp/v2/media' ); 344 $request->set_param( 'status', array( 'private', 'trash' ) ); 345 $response = $this->server->dispatch( $request ); 346 $this->assertErrorResponse( 'rest_invalid_param', $response, 400 ); 347 // Properly authorized users can make the request 348 wp_set_current_user( self::$editor_id ); 349 $response = $this->server->dispatch( $request ); 350 $this->assertEquals( 200, $response->get_status() ); 351 $data = $response->get_data(); 352 $this->assertEquals( 2, count( $data ) ); 353 $ids = array( 354 $data[0]['id'], 355 $data[1]['id'], 356 ); 357 sort( $ids ); 358 $this->assertEquals( array( $attachment_id1, $attachment_id2 ), $ids ); 359 } 360 330 361 public function test_get_items_invalid_date() { 331 362 $request = new WP_REST_Request( 'GET', '/wp/v2/media' ); -
trunk/tests/phpunit/tests/rest-api/rest-posts-controller.php
r39093 r39104 309 309 $this->assertEquals( 200, $response->get_status() ); 310 310 $this->assertEquals( 1, count( $response->get_data() ) ); 311 } 312 313 public function test_get_items_multiple_statuses_string_query() { 314 wp_set_current_user( self::$editor_id ); 315 316 $this->factory->post->create( array( 'post_status' => 'draft' ) ); 317 $this->factory->post->create( array( 'post_status' => 'private' ) ); 318 $this->factory->post->create( array( 'post_status' => 'publish' ) ); 319 320 $request = new WP_REST_Request( 'GET', '/wp/v2/posts' ); 321 $request->set_param( 'context', 'edit' ); 322 $request->set_param( 'status', 'draft,private' ); 323 324 $response = $this->server->dispatch( $request ); 325 $this->assertEquals( 200, $response->get_status() ); 326 $data = $response->get_data(); 327 $this->assertEquals( 2, count( $data ) ); 328 $statuses = array( 329 $data[0]['status'], 330 $data[1]['status'], 331 ); 332 sort( $statuses ); 333 $this->assertEquals( array( 'draft', 'private' ), $statuses ); 334 } 335 336 public function test_get_items_multiple_statuses_array_query() { 337 wp_set_current_user( self::$editor_id ); 338 339 $this->factory->post->create( array( 'post_status' => 'draft' ) ); 340 $this->factory->post->create( array( 'post_status' => 'pending' ) ); 341 $this->factory->post->create( array( 'post_status' => 'publish' ) ); 342 343 $request = new WP_REST_Request( 'GET', '/wp/v2/posts' ); 344 $request->set_param( 'context', 'edit' ); 345 $request->set_param( 'status', array( 'draft', 'pending' ) ); 346 347 $response = $this->server->dispatch( $request ); 348 $this->assertEquals( 200, $response->get_status() ); 349 $data = $response->get_data(); 350 $this->assertEquals( 2, count( $data ) ); 351 $statuses = array( 352 $data[0]['status'], 353 $data[1]['status'], 354 ); 355 sort( $statuses ); 356 $this->assertEquals( array( 'draft', 'pending' ), $statuses ); 357 } 358 359 public function test_get_items_multiple_statuses_one_invalid_query() { 360 $request = new WP_REST_Request( 'GET', '/wp/v2/posts' ); 361 $request->set_param( 'context', 'edit' ); 362 $request->set_param( 'status', array( 'draft', 'nonsense' ) ); 363 $response = $this->server->dispatch( $request ); 364 $this->assertErrorResponse( 'rest_invalid_param', $response, 400 ); 311 365 } 312 366 … … 1964 2018 } 1965 2019 2020 public function test_status_array_enum_args() { 2021 $request = new WP_REST_Request( 'GET', '/wp/v2' ); 2022 $response = $this->server->dispatch( $request ); 2023 $data = $response->get_data(); 2024 $list_posts_args = $data['routes']['/wp/v2/posts']['endpoints'][0]['args']; 2025 $status_arg = $list_posts_args['status']; 2026 $this->assertEquals( 'array', $status_arg['type'] ); 2027 $this->assertEquals( array( 2028 'type' => 'string', 2029 'enum' => array( 'publish', 'future', 'draft', 'pending', 'private', 'trash', 'auto-draft', 'inherit', 'any' ), 2030 ), $status_arg['items'] ); 2031 } 2032 1966 2033 public function test_get_additional_field_registration() { 1967 2034 -
trunk/tests/phpunit/tests/rest-api/rest-schema-sanitization.php
r39061 r39104 87 87 $this->assertEquals( array( 1, 2, 0 ), rest_sanitize_value_from_schema( '1,2,a', $schema ) ); 88 88 } 89 90 public function test_type_array_with_enum() { 91 $schema = array( 92 'type' => 'array', 93 'items' => array( 94 'enum' => array( 'chicken', 'ribs', 'brisket' ), 95 'type' => 'string', 96 ), 97 ); 98 $this->assertEquals( array( 'ribs', 'brisket' ), rest_sanitize_value_from_schema( array( 'ribs', 'brisket' ), $schema ) ); 99 $this->assertEquals( array( 'coleslaw' ), rest_sanitize_value_from_schema( array( 'coleslaw' ), $schema ) ); 100 } 101 102 public function test_type_array_with_enum_as_csv() { 103 $schema = array( 104 'type' => 'array', 105 'items' => array( 106 'enum' => array( 'chicken', 'ribs', 'brisket' ), 107 'type' => 'string', 108 ), 109 ); 110 $this->assertEquals( array( 'ribs', 'chicken' ), rest_sanitize_value_from_schema( 'ribs,chicken', $schema ) ); 111 $this->assertEquals( array( 'chicken', 'coleslaw' ), rest_sanitize_value_from_schema( 'chicken,coleslaw', $schema ) ); 112 } 89 113 } -
trunk/tests/phpunit/tests/rest-api/rest-schema-validation.php
r39048 r39104 116 116 $this->assertWPError( rest_validate_value_from_schema( 'lol', $schema ) ); 117 117 } 118 119 public function test_type_array_with_enum() { 120 $schema = array( 121 'type' => 'array', 122 'items' => array( 123 'enum' => array( 'chicken', 'ribs', 'brisket' ), 124 'type' => 'string', 125 ), 126 ); 127 $this->assertTrue( rest_validate_value_from_schema( array( 'ribs', 'brisket' ), $schema ) ); 128 $this->assertWPError( rest_validate_value_from_schema( array( 'coleslaw' ), $schema ) ); 129 } 130 131 public function test_type_array_with_enum_as_csv() { 132 $schema = array( 133 'type' => 'array', 134 'items' => array( 135 'enum' => array( 'chicken', 'ribs', 'brisket' ), 136 'type' => 'string', 137 ), 138 ); 139 $this->assertTrue( rest_validate_value_from_schema( 'ribs,chicken', $schema ) ); 140 $this->assertWPError( rest_validate_value_from_schema( 'chicken,coleslaw', $schema ) ); 141 } 118 142 }
Note: See TracChangeset
for help on using the changeset viewer.