Changeset 39954 for trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php

Timestamp:

01/26/2017 01:38:27 PM (8 years ago)

Author:

joehoyle

Message:

REST API: Unify object access handling for simplicity.

Rather than repeating ourselves, unifying the access into a single method keeps everything tidy. While we're at it, add in additional schema handling for common parameters.

See #38792.

File:

• trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php (modified) (11 diffs)

trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php

@@ -89 +89 @@
         }
         register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P<id>[\d]+)', array(
+            'args' => array(
+                'id' => array(
+                    'description' => __( 'Unique identifier for the object.' ),
+                    'type'        => 'integer',
+                ),
+            ),
             array(
                 'methods'             => WP_REST_Server::READABLE,
@@ -351 +357 @@
 
     /**
+     * Get the post, if the ID is valid.
+     *
+     * @since 4.7.2
+     *
+     * @param int $id Supplied ID.
+     * @return WP_Post|WP_Error Post object if ID is valid, WP_Error otherwise.
+     */
+    protected function get_post( $id ) {
+        $error = new WP_Error( 'rest_post_invalid_id', __( 'Invalid post ID.' ), array( 'status' => 404 ) );
+        if ( (int) $id <= 0 ) {
+            return $error;
+        }
+
+        $post = get_post( (int) $id );
+        if ( empty( $post ) || empty( $post->ID ) || $this->post_type !== $post->post_type ) {
+            return $error;
+        }
+
+        return $post;
+    }
+
+    /**
      * Checks if a given request has access to read a post.
      *
@@ -360 +388 @@
      */
     public function get_item_permissions_check( $request ) {
-
-        $post = get_post( (int) $request['id'] );
+        $post = $this->get_post( $request['id'] );
+        if ( is_wp_error( $post ) ) {
+            return $post;
+        }
 
         if ( 'edit' === $request['context'] && $post && ! $this->check_update_permission( $post ) ) {
@@ -429 +459 @@
      */
     public function get_item( $request ) {
-        $id   = (int) $request['id'];
-        $post = get_post( $id );
-
-        if ( empty( $id ) || empty( $post->ID ) || $this->post_type !== $post->post_type ) {
-            return new WP_Error( 'rest_post_invalid_id', __( 'Invalid post ID.' ), array( 'status' => 404 ) );
+        $post = $this->get_post( $request['id'] );
+        if ( is_wp_error( $post ) ) {
+            return $post;
         }
 
@@ -440 +468 @@
 
         if ( is_post_type_viewable( get_post_type_object( $post->post_type ) ) ) {
-            $response->link_header( 'alternate',  get_permalink( $id ), array( 'type' => 'text/html' ) );
+            $response->link_header( 'alternate',  get_permalink( $post->ID ), array( 'type' => 'text/html' ) );
         }
 
@@ -456 +484 @@
      */
     public function create_item_permissions_check( $request ) {
+        if ( ! empty( $request['id'] ) ) {
+            return new WP_Error( 'rest_post_exists', __( 'Cannot create existing post.' ), array( 'status' => 400 ) );
+        }
 
         $post_type = get_post_type_object( $this->post_type );
@@ -592 +623 @@
      */
     public function update_item_permissions_check( $request ) {
-
-        $post = get_post( $request['id'] );
+        $post = $this->get_post( $request['id'] );
+        if ( is_wp_error( $post ) ) {
+            return $post;
+        }
+
         $post_type = get_post_type_object( $this->post_type );
 
@@ -625 +659 @@
      */
     public function update_item( $request ) {
-        $id   = (int) $request['id'];
-        $post = get_post( $id );
-
-        if ( empty( $id ) || empty( $post->ID ) || $this->post_type !== $post->post_type ) {
-            return new WP_Error( 'rest_post_invalid_id', __( 'Invalid post ID.' ), array( 'status' => 404 ) );
+        $valid_check = $this->get_post( $request['id'] );
+        if ( is_wp_error( $valid_check ) ) {
+            return $valid_check;
         }
 
@@ -715 +747 @@
      */
     public function delete_item_permissions_check( $request ) {
-
-        $post = get_post( $request['id'] );
+        $post = $this->get_post( $request['id'] );
+        if ( is_wp_error( $post ) ) {
+            return $post;
+        }
 
         if ( $post && ! $this->check_delete_permission( $post ) ) {
@@ -735 +769 @@
      */
     public function delete_item( $request ) {
-        $id    = (int) $request['id'];
+        $post = $this->get_post( $request['id'] );
+        if ( is_wp_error( $post ) ) {
+            return $post;
+        }
+
+        $id    = $post->ID;
         $force = (bool) $request['force'];
-
-        $post = get_post( $id );
-
-        if ( empty( $id ) || empty( $post->ID ) || $this->post_type !== $post->post_type ) {
-            return new WP_Error( 'rest_post_invalid_id', __( 'Invalid post ID.' ), array( 'status' => 404 ) );
-        }
 
         $supports_trash = ( EMPTY_TRASH_DAYS > 0 );
@@ -902 +935 @@
         // Post ID.
         if ( isset( $request['id'] ) ) {
-            $prepared_post->ID = absint( $request['id'] );
+            $existing_post = $this->get_post( $request['id'] );
+            if ( is_wp_error( $existing_post ) ) {
+                return $existing_post;
+            }
+
+            $prepared_post->ID = $existing_post->ID;
         }