Opened 7 years ago
Closed 6 years ago
#44119 closed enhancement (wontfix)
WP API post status queries don't work with custom public post stati
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | 4.9.5 |
| Component: | REST API | Keywords: | |
| Focuses: | Cc: |
Description
The WP API only allows unpriv list requests to the posts controller for the publish status.
Shouldn't custom post stati with 'public' => true, 'private' => false be query-able like so?
/wp-json/wp/v2/posts?status=unread
Currently, requests for posts with a custom post stati result in:
{"code":"rest_invalid_param","message":"Invalid parameter(s): status","data":{"status":400,"params":{"status":"Status is forbidden."}}}
I've tested this behavior with the Codex provided custom post type example:
register_post_status( 'unread', array( 'label' => _x( 'Unread', 'post' ), 'public' => true, 'exclude_from_search' => false, 'show_in_admin_all_list' => true, 'show_in_admin_status_list' => true, 'label_count' => _n_noop( 'Unread <span class="count">(%s)</span>', 'Unread <span class="count">(%s)</span>' ), ) );
and tracked this back to sanitize_posts_statuses in WP_REST_Posts_Controller which assumes all post stati that differ from the default (publish) must be private and require edit_posts
https://github.com/WordPress/WordPress/blob/4.9.5/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php#L2279
Hi @hurtige,
Sorry for the delay in providing a response to your ticket.
At the moment, the REST API doesn't really support custom post statuses at all. For a bit of background see, https://github.com/WP-API/WP-API/issues/1820
I think it is unlikely that adjustments will be made to this area on an ad-hoc basis. As such, I'd currently recommend trying to override the sanitize function using the
rest_{$this->post_type}_collection_paramsfilter to support your use case.