Changeset 39610 for branches/4.7

Timestamp:

12/16/2016 05:45:50 AM (7 years ago)

Author:

dd32

Message:

REST API: Do not include the password argument when getting media items

Currently, attachment is the only post type exposed via the REST API that
does not support password protection, but it's possible for other post types to
remove password support.

Props jnylen0.
Merges [39595] to the 4.7 branch.
Fixes #38977.

Location:

branches/4.7

Files:

• . (modified) (1 prop)
• src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php (modified) (2 diffs)
• tests/phpunit/tests/rest-api/rest-attachments-controller.php (modified) (1 diff)
• tests/phpunit/tests/rest-api/rest-posts-controller.php (modified) (1 diff)

branches/4.7/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php

@@ -78 +78 @@
         ) );
 
+        $schema = $this->get_item_schema();
+        $get_item_args = array(
+            'context'  => $this->get_context_param( array( 'default' => 'view' ) ),
+        );
+        if ( isset( $schema['properties']['password'] ) ) {
+            $get_item_args['password'] = array(
+                'description' => __( 'The password for the post if it is password protected.' ),
+                'type'        => 'string',
+            );
+        }
         register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P<id>[\d]+)', array(
             array(
@@ -83 +93 @@
                 'callback'            => array( $this, 'get_item' ),
                 'permission_callback' => array( $this, 'get_item_permissions_check' ),
-                'args'                => array(
-                    'context'  => $this->get_context_param( array( 'default' => 'view' ) ),
-                    'password' => array(
-                        'description' => __( 'The password for the post if it is password protected.' ),
-                        'type'        => 'string',
-                    ),
-                ),
+                'args'                => $get_item_args,
             ),
             array(

branches/4.7/tests/phpunit/tests/rest-api/rest-attachments-controller.php

@@ -171 +171 @@
         }
         $this->assertEqualSets( $media_types, $data['endpoints'][0]['args']['media_type']['enum'] );
+    }
+
+    public function test_registered_get_item_params() {
+        $id1 = $this->factory->attachment->create_object( $this->test_file, 0, array(
+            'post_mime_type' => 'image/jpeg',
+            'post_excerpt'   => 'A sample caption',
+        ) );
+        $request = new WP_REST_Request( 'OPTIONS', sprintf( '/wp/v2/media/%d', $id1 ) );
+        $response = $this->server->dispatch( $request );
+        $data = $response->get_data();
+        $keys = array_keys( $data['endpoints'][0]['args'] );
+        sort( $keys );
+        $this->assertEquals( array( 'context' ), $keys );
     }
 

branches/4.7/tests/phpunit/tests/rest-api/rest-posts-controller.php

@@ -120 +120 @@
             'tags_exclude',
             ), $keys );
+    }
+
+    public function test_registered_get_item_params() {
+        $request = new WP_REST_Request( 'OPTIONS', sprintf( '/wp/v2/posts/%d', self::$post_id ) );
+        $response = $this->server->dispatch( $request );
+        $data = $response->get_data();
+        $keys = array_keys( $data['endpoints'][0]['args'] );
+        sort( $keys );
+        $this->assertEquals( array( 'context', 'password' ), $keys );
     }