WordPress.org

Make WordPress Core

Opened 5 months ago

Closed 5 months ago

Last modified 5 months ago

#50301 closed defect (bug) (fixed)

Missing args properties when WP_REST_Controller::get_endpoint_args_for_item_schema being used

Reported by: pentatonicfunk Owned by: whyisjake
Milestone: 5.5 Priority: normal
Severity: normal Version: 4.7
Component: REST API Keywords: good-first-bug has-patch has-unit-tests
Focuses: rest-api Cc:

Description

Some args properties are removed / ignored when WP_REST_Controller::get_endpoint_args_for_item_schema being used. Known removed/ignored properties are :

  • minimum
  • maximum
  • exclusiveMinimum
  • exclusiveMaximum

Test Case

<?php
class DummyApiController extends WP_REST_Controller {

    public function __construct() {
        $this->namespace = 'my-name-space';
        $this->rest_base = 'my-rest-base';

        $this->schema = array(
            '$schema'    => 'http://json-schema.org/draft-04/schema#',
            'title'      => 'my-schema',
            'type'       => 'object',
            'properties' => array(
                'some_number' => array(
                    'type'     => 'integer',
                    'minimum'  => 10,
                    'maximum'  => 20,
                    'required' => true,
                ),
            ),
        );

        add_action( 'rest_api_init', array( $this, 'register_routes' ) );
    }

    public function get_item_schema() {
        return $this->add_additional_fields_schema( $this->schema );
    }

    public function register_routes() {
        register_rest_route(
            $this->namespace,
            '/' . $this->rest_base,
            array(
                array(
                    'methods'             => WP_REST_Server::CREATABLE,
                    'callback'            => array( $this, 'create_item' ),
                    'permission_callback' => array( $this, 'create_item_permissions_check' ),
                    'args'                => $this->get_endpoint_args_for_item_schema( WP_REST_Server::CREATABLE ),
                ),
                'schema' => array( $this, 'get_public_item_schema' ),
            )
        );
    }

    public function create_item_permissions_check( $request ) {
        return true;
    }

    public function create_item( $request ) {
        return rest_ensure_response( true );
    }

}

$dummy = new DummyApiController();

do_action( 'rest_api_init' );

// test
$dummy_request = new WP_REST_Request(
    WP_REST_Server::CREATABLE,
    '/my-name-space' . '/' . 'my-rest-base'
);

$dummy_request->set_param( 'some_number', 1 );

$handler  = rest_get_server()->dispatch( $dummy_request )->get_matched_handler();
$response = rest_get_server()->dispatch( $dummy_request );
print_r( $handler['args']['some_number'] ); // minimum and maximum properties missing
print_r( $response->get_data() ); // should be validation wp_error instead of true

Expected

  • Extra properties should not be removed/ignored
  • Default args validation works

Actual

  • minimum, maximum, exclusiveMinimum and exclusiveMaximum are removed/ignored
  • Validation does not works because of properties above removed/ignored

Change History (6)

#1 @TimothyBlynJacobs
5 months ago

  • Keywords needs-patch needs-unit-tests good-first-bug added
  • Milestone changed from Awaiting Review to 5.5
  • Version changed from 5.4.1 to 4.7

Thanks for the ticket @pentatonicfunk!

Yeah we need to update the list of properties in get_endpoint_args_for_item_schema here https://github.com/WordPress/wordpress-develop/blob/9bea5b3444a25d9c56aa7b04ef4cf0d1fb64703d/src/wp-includes/rest-api/endpoints/class-wp-rest-controller.php#L657. It should match all the keywords here: https://github.com/WordPress/wordpress-develop/blob/9bea5b3444a25d9c56aa7b04ef4cf0d1fb64703d/src/wp-includes/rest-api.php#L1259

We should probably declare that list of allowed properties at the top of get_endpoint_args_for_item_schema as well.

Would you be interested in working on a patch for this @pentatonicfunk?

This ticket was mentioned in PR #308 on WordPress/wordpress-develop by pentatonicfunk.


5 months ago

  • Keywords has-patch has-unit-tests added; needs-patch needs-unit-tests removed
  • Add new var $valid_schema_properties to match rest_validate_value_from_schema()
  • Unit test to ensure all valid properties exists, and non-valid properties are ignored

Trac ticket: https://core.trac.wordpress.org/ticket/50301

#3 @prbot
5 months ago

TimothyBJacobs commented on PR #308:

This looks great, thanks for working on this @pentatonicfunk!

This ticket was mentioned in Slack in #core by whyisjake. View the logs.


5 months ago

#5 @whyisjake
5 months ago

  • Owner set to whyisjake
  • Resolution set to fixed
  • Status changed from new to closed

In 47911:

REST API: Ensure that all properties of get_endpoint_args_for_item_schema are listed.

  • Add new var $valid_schema_properties to match rest_validate_value_from_schema()
  • Unit test to ensure all valid properties exists, and non-valid properties are ignored

Fixes: #50301.
Props: pentatonicfunk, TimothyBlynJacobs.

Note: See TracTickets for help on using tickets.