mirror of
https://github.com/gosticks/wordpress-develop.git
synced 2026-05-19 02:34:40 +00:00
REST API: Unify object access handling for simplicity.
Rather than repeating ourselves, unifying the access into a single method keeps everything tidy. While we're at it, add in additional schema handling for common parameters. See #38792. git-svn-id: https://develop.svn.wordpress.org/trunk@39954 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Joe Hoyle
@@ -63,6 +63,12 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
|
||||
) );
|
||||
|
||||
register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P<id>[\d]+)', array(
|
||||
'args' => array(
|
||||
'id' => array(
|
||||
'description' => __( 'Unique identifier for the object.' ),
|
||||
'type' => 'integer',
|
||||
),
|
||||
),
|
||||
array(
|
||||
'methods' => WP_REST_Server::READABLE,
|
||||
'callback' => array( $this, 'get_item' ),
|
||||
@@ -299,6 +305,36 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
|
||||
return $response;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the comment, if the ID is valid.
|
||||
*
|
||||
* @since 4.7.2
|
||||
*
|
||||
* @param int $id Supplied ID.
|
||||
* @return WP_Comment|WP_Error Comment object if ID is valid, WP_Error otherwise.
|
||||
*/
|
||||
protected function get_comment( $id ) {
|
||||
$error = new WP_Error( 'rest_comment_invalid_id', __( 'Invalid comment ID.' ), array( 'status' => 404 ) );
|
||||
if ( (int) $id <= 0 ) {
|
||||
return $error;
|
||||
}
|
||||
|
||||
$id = (int) $id;
|
||||
$comment = get_comment( $id );
|
||||
if ( empty( $comment ) ) {
|
||||
return $error;
|
||||
}
|
||||
|
||||
if ( ! empty( $comment->comment_post_ID ) ) {
|
||||
$post = get_post( (int) $comment->comment_post_ID );
|
||||
if ( empty( $post ) ) {
|
||||
return new WP_Error( 'rest_post_invalid_id', __( 'Invalid post ID.' ), array( 'status' => 404 ) );
|
||||
}
|
||||
}
|
||||
|
||||
return $comment;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if a given request has access to read the comment.
|
||||
*
|
||||
@@ -309,12 +345,9 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
|
||||
* @return WP_Error|bool True if the request has read access for the item, error object otherwise.
|
||||
*/
|
||||
public function get_item_permissions_check( $request ) {
|
||||
$id = (int) $request['id'];
|
||||
|
||||
$comment = get_comment( $id );
|
||||
|
||||
if ( ! $comment ) {
|
||||
return true;
|
||||
$comment = $this->get_comment( $request['id'] );
|
||||
if ( is_wp_error( $comment ) ) {
|
||||
return $comment;
|
||||
}
|
||||
|
||||
if ( ! empty( $request['context'] ) && 'edit' === $request['context'] && ! current_user_can( 'moderate_comments' ) ) {
|
||||
@@ -344,18 +377,9 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
|
||||
* @return WP_Error|WP_REST_Response Response object on success, or error object on failure.
|
||||
*/
|
||||
public function get_item( $request ) {
|
||||
$id = (int) $request['id'];
|
||||
|
||||
$comment = get_comment( $id );
|
||||
if ( empty( $comment ) ) {
|
||||
return new WP_Error( 'rest_comment_invalid_id', __( 'Invalid comment ID.' ), array( 'status' => 404 ) );
|
||||
}
|
||||
|
||||
if ( ! empty( $comment->comment_post_ID ) ) {
|
||||
$post = get_post( $comment->comment_post_ID );
|
||||
if ( empty( $post ) ) {
|
||||
return new WP_Error( 'rest_post_invalid_id', __( 'Invalid post ID.' ), array( 'status' => 404 ) );
|
||||
}
|
||||
$comment = $this->get_comment( $request['id'] );
|
||||
if ( is_wp_error( $comment ) ) {
|
||||
return $comment;
|
||||
}
|
||||
|
||||
$data = $this->prepare_item_for_response( $comment, $request );
|
||||
@@ -630,12 +654,12 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
|
||||
* @return WP_Error|bool True if the request has access to update the item, error object otherwise.
|
||||
*/
|
||||
public function update_item_permissions_check( $request ) {
|
||||
$comment = $this->get_comment( $request['id'] );
|
||||
if ( is_wp_error( $comment ) ) {
|
||||
return $comment;
|
||||
}
|
||||
|
||||
$id = (int) $request['id'];
|
||||
|
||||
$comment = get_comment( $id );
|
||||
|
||||
if ( $comment && ! $this->check_edit_permission( $comment ) ) {
|
||||
if ( ! $this->check_edit_permission( $comment ) ) {
|
||||
return new WP_Error( 'rest_cannot_edit', __( 'Sorry, you are not allowed to edit this comment.' ), array( 'status' => rest_authorization_required_code() ) );
|
||||
}
|
||||
|
||||
@@ -652,14 +676,13 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
|
||||
* @return WP_Error|WP_REST_Response Response object on success, or error object on failure.
|
||||
*/
|
||||
public function update_item( $request ) {
|
||||
$id = (int) $request['id'];
|
||||
|
||||
$comment = get_comment( $id );
|
||||
|
||||
if ( empty( $comment ) ) {
|
||||
return new WP_Error( 'rest_comment_invalid_id', __( 'Invalid comment ID.' ), array( 'status' => 404 ) );
|
||||
$comment = $this->get_comment( $request['id'] );
|
||||
if ( is_wp_error( $comment ) ) {
|
||||
return $comment;
|
||||
}
|
||||
|
||||
$id = $comment->comment_ID;
|
||||
|
||||
if ( isset( $request['type'] ) && get_comment_type( $id ) !== $request['type'] ) {
|
||||
return new WP_Error( 'rest_comment_invalid_type', __( 'Sorry, you are not allowed to change the comment type.' ), array( 'status' => 404 ) );
|
||||
}
|
||||
@@ -750,11 +773,9 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
|
||||
* @return WP_Error|bool True if the request has access to delete the item, error object otherwise.
|
||||
*/
|
||||
public function delete_item_permissions_check( $request ) {
|
||||
$id = (int) $request['id'];
|
||||
$comment = get_comment( $id );
|
||||
|
||||
if ( ! $comment ) {
|
||||
return new WP_Error( 'rest_comment_invalid_id', __( 'Invalid comment ID.' ), array( 'status' => 404 ) );
|
||||
$comment = $this->get_comment( $request['id'] );
|
||||
if ( is_wp_error( $comment ) ) {
|
||||
return $comment;
|
||||
}
|
||||
|
||||
if ( ! $this->check_edit_permission( $comment ) ) {
|
||||
@@ -773,15 +794,13 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
|
||||
* @return WP_Error|WP_REST_Response Response object on success, or error object on failure.
|
||||
*/
|
||||
public function delete_item( $request ) {
|
||||
$id = (int) $request['id'];
|
||||
$force = isset( $request['force'] ) ? (bool) $request['force'] : false;
|
||||
|
||||
$comment = get_comment( $id );
|
||||
|
||||
if ( empty( $comment ) ) {
|
||||
return new WP_Error( 'rest_comment_invalid_id', __( 'Invalid comment ID.' ), array( 'status' => 404 ) );
|
||||
$comment = $this->get_comment( $request['id'] );
|
||||
if ( is_wp_error( $comment ) ) {
|
||||
return $comment;
|
||||
}
|
||||
|
||||
$force = isset( $request['force'] ) ? (bool) $request['force'] : false;
|
||||
|
||||
/**
|
||||
* Filters whether a comment can be trashed.
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user