WordPress.org

Make WordPress Core

Opened 3 years ago

Closed 3 years ago

#43744 closed defect (bug) (wontfix)

`WP_REST_Server::EDITABLE` should not contain POST

Reported by: soulseekah Owned by:
Milestone: Priority: normal
Severity: trivial Version:
Component: REST API Keywords:
Focuses: Cc:

Description

Editable != creatable. The POST method is used to create resources, not update them.

I am unable to use WP_REST_Server::EDITABLE at all.

Also, can these be arrays? Would be cool to do array_merge, array_diff on these definitions.

Thoughts?

Change History (3)

#1 @swissspidy
3 years ago

Why are you unable to use WP_REST_Server::EDITABLE at all? Can you elaborate a bit? What's your use case.

For history: editable has meant POST + PUT + PATCH since the project started during GSoC 2013: https://gsoc.trac.wordpress.org/changeset/1964

As far as I understand it and how I've used REST principles in the past, is that a POST to a collection means creating a resource, and POST to a single resource is the same as using PUT.

#2 @soulseekah
3 years ago

Thanks for the rapid response. A POST request is expected to to create new resource, which I certainly don't want to give the impression of allowing. A POST to a collection is fine, we have CREATABLE for that. But adding ::EDITABLE to a single item resource would add POST implying that resources can also be created.

So I can't give my endpoint the ::EDITABLE flag, and instead have to write array( 'PUT', 'PATCH' ), something annoyed me a bit and broke the flow. Trivial, and easily fixable, especially if they're converted to arrays, in core you would change all instances of ::EDITABLE to ::EDITABLE + ::CREATABLE.

Again, just being pedantic, the world doesn't have to stop because of this. And I may be mistaken regarding the POST, but here:

https://en.wikipedia.org/wiki/Representational_state_transfer#Relationship_between_URL_and_HTTP_methods

I guess a POST request to a single Taxonomy item would be equivalent to creating a new Term inside that Taxonomy. But a POST to a single Term wouldn't make sense, no? I understand that the three verbs for core endpoints are aliased, and okay, but if I don't want a POST to be available and working for robustness, documentation purposes I can't use ::EDITABLE in its strict sense.

Hope this makes sense.

#3 @rachelbaker
3 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to wontfix
  • Status changed from new to closed

There are ideal mappings between CRUD operations and HTTP methods, but we cannot always assume the ideal is possible.

POST is allowed as an EDITABLE HTTP method because not all services or environments support methods other than GET or POST.

Note: See TracTickets for help on using tickets.