- Timestamp:
- 01/29/2020 12:43:23 AM (5 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
r47036 r47122 128 128 129 129 if ( ! empty( $post_id ) && $post && ! $this->check_read_post_permission( $post, $request ) ) { 130 return new WP_Error( 'rest_cannot_read_post', __( 'Sorry, you are not allowed to read the post for this comment.' ), array( 'status' => rest_authorization_required_code() ) ); 130 return new WP_Error( 131 'rest_cannot_read_post', 132 __( 'Sorry, you are not allowed to read the post for this comment.' ), 133 array( 'status' => rest_authorization_required_code() ) 134 ); 131 135 } elseif ( 0 === $post_id && ! current_user_can( 'moderate_comments' ) ) { 132 return new WP_Error( 'rest_cannot_read', __( 'Sorry, you are not allowed to read comments without a post.' ), array( 'status' => rest_authorization_required_code() ) ); 136 return new WP_Error( 137 'rest_cannot_read', 138 __( 'Sorry, you are not allowed to read comments without a post.' ), 139 array( 'status' => rest_authorization_required_code() ) 140 ); 133 141 } 134 142 } … … 136 144 137 145 if ( ! empty( $request['context'] ) && 'edit' === $request['context'] && ! current_user_can( 'moderate_comments' ) ) { 138 return new WP_Error( 'rest_forbidden_context', __( 'Sorry, you are not allowed to edit comments.' ), array( 'status' => rest_authorization_required_code() ) ); 146 return new WP_Error( 147 'rest_forbidden_context', 148 __( 'Sorry, you are not allowed to edit comments.' ), 149 array( 'status' => rest_authorization_required_code() ) 150 ); 139 151 } 140 152 … … 323 335 */ 324 336 protected function get_comment( $id ) { 325 $error = new WP_Error( 'rest_comment_invalid_id', __( 'Invalid comment ID.' ), array( 'status' => 404 ) ); 337 $error = new WP_Error( 338 'rest_comment_invalid_id', 339 __( 'Invalid comment ID.' ), 340 array( 'status' => 404 ) 341 ); 342 326 343 if ( (int) $id <= 0 ) { 327 344 return $error; … … 336 353 if ( ! empty( $comment->comment_post_ID ) ) { 337 354 $post = get_post( (int) $comment->comment_post_ID ); 355 338 356 if ( empty( $post ) ) { 339 return new WP_Error( 'rest_post_invalid_id', __( 'Invalid post ID.' ), array( 'status' => 404 ) ); 357 return new WP_Error( 358 'rest_post_invalid_id', 359 __( 'Invalid post ID.' ), 360 array( 'status' => 404 ) 361 ); 340 362 } 341 363 } … … 359 381 360 382 if ( ! empty( $request['context'] ) && 'edit' === $request['context'] && ! current_user_can( 'moderate_comments' ) ) { 361 return new WP_Error( 'rest_forbidden_context', __( 'Sorry, you are not allowed to edit comments.' ), array( 'status' => rest_authorization_required_code() ) ); 383 return new WP_Error( 384 'rest_forbidden_context', 385 __( 'Sorry, you are not allowed to edit comments.' ), 386 array( 'status' => rest_authorization_required_code() ) 387 ); 362 388 } 363 389 … … 365 391 366 392 if ( ! $this->check_read_permission( $comment, $request ) ) { 367 return new WP_Error( 'rest_cannot_read', __( 'Sorry, you are not allowed to read this comment.' ), array( 'status' => rest_authorization_required_code() ) ); 393 return new WP_Error( 394 'rest_cannot_read', 395 __( 'Sorry, you are not allowed to read this comment.' ), 396 array( 'status' => rest_authorization_required_code() ) 397 ); 368 398 } 369 399 370 400 if ( $post && ! $this->check_read_post_permission( $post, $request ) ) { 371 return new WP_Error( 'rest_cannot_read_post', __( 'Sorry, you are not allowed to read the post for this comment.' ), array( 'status' => rest_authorization_required_code() ) ); 401 return new WP_Error( 402 'rest_cannot_read_post', 403 __( 'Sorry, you are not allowed to read the post for this comment.' ), 404 array( 'status' => rest_authorization_required_code() ) 405 ); 372 406 } 373 407 … … 406 440 if ( ! is_user_logged_in() ) { 407 441 if ( get_option( 'comment_registration' ) ) { 408 return new WP_Error( 'rest_comment_login_required', __( 'Sorry, you must be logged in to comment.' ), array( 'status' => 401 ) ); 442 return new WP_Error( 443 'rest_comment_login_required', 444 __( 'Sorry, you must be logged in to comment.' ), 445 array( 'status' => 401 ) 446 ); 409 447 } 410 448 … … 422 460 */ 423 461 $allow_anonymous = apply_filters( 'rest_allow_anonymous_comments', false, $request ); 462 424 463 if ( ! $allow_anonymous ) { 425 return new WP_Error( 'rest_comment_login_required', __( 'Sorry, you must be logged in to comment.' ), array( 'status' => 401 ) ); 464 return new WP_Error( 465 'rest_comment_login_required', 466 __( 'Sorry, you must be logged in to comment.' ), 467 array( 'status' => 401 ) 468 ); 426 469 } 427 470 } … … 458 501 459 502 if ( empty( $request['post'] ) ) { 460 return new WP_Error( 'rest_comment_invalid_post_id', __( 'Sorry, you are not allowed to create this comment without a post.' ), array( 'status' => 403 ) ); 503 return new WP_Error( 504 'rest_comment_invalid_post_id', 505 __( 'Sorry, you are not allowed to create this comment without a post.' ), 506 array( 'status' => 403 ) 507 ); 461 508 } 462 509 463 510 $post = get_post( (int) $request['post'] ); 511 464 512 if ( ! $post ) { 465 return new WP_Error( 'rest_comment_invalid_post_id', __( 'Sorry, you are not allowed to create this comment without a post.' ), array( 'status' => 403 ) ); 513 return new WP_Error( 514 'rest_comment_invalid_post_id', 515 __( 'Sorry, you are not allowed to create this comment without a post.' ), 516 array( 'status' => 403 ) 517 ); 466 518 } 467 519 468 520 if ( 'draft' === $post->post_status ) { 469 return new WP_Error( 'rest_comment_draft_post', __( 'Sorry, you are not allowed to create a comment on this post.' ), array( 'status' => 403 ) ); 521 return new WP_Error( 522 'rest_comment_draft_post', 523 __( 'Sorry, you are not allowed to create a comment on this post.' ), 524 array( 'status' => 403 ) 525 ); 470 526 } 471 527 472 528 if ( 'trash' === $post->post_status ) { 473 return new WP_Error( 'rest_comment_trash_post', __( 'Sorry, you are not allowed to create a comment on this post.' ), array( 'status' => 403 ) ); 529 return new WP_Error( 530 'rest_comment_trash_post', 531 __( 'Sorry, you are not allowed to create a comment on this post.' ), 532 array( 'status' => 403 ) 533 ); 474 534 } 475 535 476 536 if ( ! $this->check_read_post_permission( $post, $request ) ) { 477 return new WP_Error( 'rest_cannot_read_post', __( 'Sorry, you are not allowed to read the post for this comment.' ), array( 'status' => rest_authorization_required_code() ) ); 537 return new WP_Error( 538 'rest_cannot_read_post', 539 __( 'Sorry, you are not allowed to read the post for this comment.' ), 540 array( 'status' => rest_authorization_required_code() ) 541 ); 478 542 } 479 543 480 544 if ( ! comments_open( $post->ID ) ) { 481 return new WP_Error( 'rest_comment_closed', __( 'Sorry, comments are closed for this item.' ), array( 'status' => 403 ) ); 545 return new WP_Error( 546 'rest_comment_closed', 547 __( 'Sorry, comments are closed for this item.' ), 548 array( 'status' => 403 ) 549 ); 482 550 } 483 551 … … 495 563 public function create_item( $request ) { 496 564 if ( ! empty( $request['id'] ) ) { 497 return new WP_Error( 'rest_comment_exists', __( 'Cannot create existing comment.' ), array( 'status' => 400 ) ); 565 return new WP_Error( 566 'rest_comment_exists', 567 __( 'Cannot create existing comment.' ), 568 array( 'status' => 400 ) 569 ); 498 570 } 499 571 500 572 // Do not allow comments to be created with a non-default type. 501 573 if ( ! empty( $request['type'] ) && 'comment' !== $request['type'] ) { 502 return new WP_Error( 'rest_invalid_comment_type', __( 'Cannot create a comment with that type.' ), array( 'status' => 400 ) ); 574 return new WP_Error( 575 'rest_invalid_comment_type', 576 __( 'Cannot create a comment with that type.' ), 577 array( 'status' => 400 ) 578 ); 503 579 } 504 580 … … 515 591 */ 516 592 if ( empty( $prepared_comment['comment_content'] ) ) { 517 return new WP_Error( 'rest_comment_content_invalid', __( 'Invalid comment content.' ), array( 'status' => 400 ) ); 593 return new WP_Error( 594 'rest_comment_content_invalid', 595 __( 'Invalid comment content.' ), 596 array( 'status' => 400 ) 597 ); 518 598 } 519 599 … … 541 621 if ( get_option( 'require_name_email' ) ) { 542 622 if ( empty( $prepared_comment['comment_author'] ) || empty( $prepared_comment['comment_author_email'] ) ) { 543 return new WP_Error( 'rest_comment_author_data_required', __( 'Creating a comment requires valid author name and email values.' ), array( 'status' => 400 ) ); 623 return new WP_Error( 624 'rest_comment_author_data_required', 625 __( 'Creating a comment requires valid author name and email values.' ), 626 array( 'status' => 400 ) 627 ); 544 628 } 545 629 } … … 558 642 559 643 $check_comment_lengths = wp_check_comment_data_max_lengths( $prepared_comment ); 644 560 645 if ( is_wp_error( $check_comment_lengths ) ) { 561 646 $error_code = $check_comment_lengths->get_error_code(); 562 return new WP_Error( $error_code, __( 'Comment field exceeds maximum length allowed.' ), array( 'status' => 400 ) ); 647 return new WP_Error( 648 $error_code, 649 __( 'Comment field exceeds maximum length allowed.' ), 650 array( 'status' => 400 ) 651 ); 563 652 } 564 653 … … 570 659 571 660 if ( 'comment_duplicate' === $error_code ) { 572 return new WP_Error( $error_code, $error_message, array( 'status' => 409 ) ); 661 return new WP_Error( 662 $error_code, 663 $error_message, 664 array( 'status' => 409 ) 665 ); 573 666 } 574 667 575 668 if ( 'comment_flood' === $error_code ) { 576 return new WP_Error( $error_code, $error_message, array( 'status' => 400 ) ); 669 return new WP_Error( 670 $error_code, 671 $error_message, 672 array( 'status' => 400 ) 673 ); 577 674 } 578 675 … … 601 698 602 699 if ( ! $comment_id ) { 603 return new WP_Error( 'rest_comment_failed_create', __( 'Creating comment failed.' ), array( 'status' => 500 ) ); 700 return new WP_Error( 701 'rest_comment_failed_create', 702 __( 'Creating comment failed.' ), 703 array( 'status' => 500 ) 704 ); 604 705 } 605 706 … … 677 778 678 779 if ( ! $this->check_edit_permission( $comment ) ) { 679 return new WP_Error( 'rest_cannot_edit', __( 'Sorry, you are not allowed to edit this comment.' ), array( 'status' => rest_authorization_required_code() ) ); 780 return new WP_Error( 781 'rest_cannot_edit', 782 __( 'Sorry, you are not allowed to edit this comment.' ), 783 array( 'status' => rest_authorization_required_code() ) 784 ); 680 785 } 681 786 … … 700 805 701 806 if ( isset( $request['type'] ) && get_comment_type( $id ) !== $request['type'] ) { 702 return new WP_Error( 'rest_comment_invalid_type', __( 'Sorry, you are not allowed to change the comment type.' ), array( 'status' => 404 ) ); 807 return new WP_Error( 808 'rest_comment_invalid_type', 809 __( 'Sorry, you are not allowed to change the comment type.' ), 810 array( 'status' => 404 ) 811 ); 703 812 } 704 813 … … 711 820 if ( ! empty( $prepared_args['comment_post_ID'] ) ) { 712 821 $post = get_post( $prepared_args['comment_post_ID'] ); 822 713 823 if ( empty( $post ) ) { 714 return new WP_Error( 'rest_comment_invalid_post_id', __( 'Invalid post ID.' ), array( 'status' => 403 ) ); 824 return new WP_Error( 825 'rest_comment_invalid_post_id', 826 __( 'Invalid post ID.' ), 827 array( 'status' => 403 ) 828 ); 715 829 } 716 830 } … … 721 835 722 836 if ( ! $change ) { 723 return new WP_Error( 'rest_comment_failed_edit', __( 'Updating comment status failed.' ), array( 'status' => 500 ) ); 837 return new WP_Error( 838 'rest_comment_failed_edit', 839 __( 'Updating comment status failed.' ), 840 array( 'status' => 500 ) 841 ); 724 842 } 725 843 } elseif ( ! empty( $prepared_args ) ) { … … 729 847 730 848 if ( isset( $prepared_args['comment_content'] ) && empty( $prepared_args['comment_content'] ) ) { 731 return new WP_Error( 'rest_comment_content_invalid', __( 'Invalid comment content.' ), array( 'status' => 400 ) ); 849 return new WP_Error( 850 'rest_comment_content_invalid', 851 __( 'Invalid comment content.' ), 852 array( 'status' => 400 ) 853 ); 732 854 } 733 855 … … 735 857 736 858 $check_comment_lengths = wp_check_comment_data_max_lengths( $prepared_args ); 859 737 860 if ( is_wp_error( $check_comment_lengths ) ) { 738 861 $error_code = $check_comment_lengths->get_error_code(); 739 return new WP_Error( $error_code, __( 'Comment field exceeds maximum length allowed.' ), array( 'status' => 400 ) ); 862 return new WP_Error( 863 $error_code, 864 __( 'Comment field exceeds maximum length allowed.' ), 865 array( 'status' => 400 ) 866 ); 740 867 } 741 868 … … 743 870 744 871 if ( false === $updated ) { 745 return new WP_Error( 'rest_comment_failed_edit', __( 'Updating comment failed.' ), array( 'status' => 500 ) ); 872 return new WP_Error( 873 'rest_comment_failed_edit', 874 __( 'Updating comment failed.' ), 875 array( 'status' => 500 ) 876 ); 746 877 } 747 878 … … 797 928 798 929 if ( ! $this->check_edit_permission( $comment ) ) { 799 return new WP_Error( 'rest_cannot_delete', __( 'Sorry, you are not allowed to delete this comment.' ), array( 'status' => rest_authorization_required_code() ) ); 930 return new WP_Error( 931 'rest_cannot_delete', 932 __( 'Sorry, you are not allowed to delete this comment.' ), 933 array( 'status' => rest_authorization_required_code() ) 934 ); 800 935 } 801 936 return true; … … 845 980 // If this type doesn't support trashing, error out. 846 981 if ( ! $supports_trash ) { 847 /* translators: %s: force=true */ 848 return new WP_Error( 'rest_trash_not_supported', sprintf( __( "The comment does not support trashing. Set '%s' to delete." ), 'force=true' ), array( 'status' => 501 ) ); 982 return new WP_Error( 983 'rest_trash_not_supported', 984 /* translators: %s: force=true */ 985 sprintf( __( "The comment does not support trashing. Set '%s' to delete." ), 'force=true' ), 986 array( 'status' => 501 ) 987 ); 849 988 } 850 989 851 990 if ( 'trash' === $comment->comment_approved ) { 852 return new WP_Error( 'rest_already_trashed', __( 'The comment has already been trashed.' ), array( 'status' => 410 ) ); 991 return new WP_Error( 992 'rest_already_trashed', 993 __( 'The comment has already been trashed.' ), 994 array( 'status' => 410 ) 995 ); 853 996 } 854 997 … … 859 1002 860 1003 if ( ! $result ) { 861 return new WP_Error( 'rest_cannot_delete', __( 'The comment cannot be deleted.' ), array( 'status' => 500 ) ); 1004 return new WP_Error( 1005 'rest_cannot_delete', 1006 __( 'The comment cannot be deleted.' ), 1007 array( 'status' => 500 ) 1008 ); 862 1009 } 863 1010 … … 1156 1303 $prepared_comment['comment_author_url'] = $user->user_url; 1157 1304 } else { 1158 return new WP_Error( 'rest_comment_author_invalid', __( 'Invalid comment author ID.' ), array( 'status' => 400 ) ); 1305 return new WP_Error( 1306 'rest_comment_author_invalid', 1307 __( 'Invalid comment author ID.' ), 1308 array( 'status' => 400 ) 1309 ); 1159 1310 } 1160 1311 } … … 1248 1399 'arg_options' => array( 1249 1400 'sanitize_callback' => array( $this, 'check_comment_author_email' ), 1250 'validate_callback' => null, // skip built-in validation of 'email'.1401 'validate_callback' => null, // Skip built-in validation of 'email'. 1251 1402 ), 1252 1403 ), … … 1284 1435 'context' => array( 'view', 'edit', 'embed' ), 1285 1436 'arg_options' => array( 1286 'sanitize_callback' => null, // Note: sanitization implemented in self::prepare_item_for_database() 1287 'validate_callback' => null, // Note: validation implemented in self::prepare_item_for_database() 1437 'sanitize_callback' => null, // Note: sanitization implemented in self::prepare_item_for_database(). 1438 'validate_callback' => null, // Note: validation implemented in self::prepare_item_for_database(). 1288 1439 ), 1289 1440 'properties' => array( … … 1353 1504 1354 1505 $avatar_sizes = rest_get_avatar_sizes(); 1506 1355 1507 foreach ( $avatar_sizes as $size ) { 1356 1508 $avatar_properties[ $size ] = array( … … 1375 1527 1376 1528 $this->schema = $schema; 1529 1377 1530 return $this->add_additional_fields_schema( $this->schema ); 1378 1531 }
Note: See TracChangeset
for help on using the changeset viewer.