From 6028062ade2a8e3dd4d409d1ddac8e349201d5e7 Mon Sep 17 00:00:00 2001 From: Rachel Baker Date: Mon, 21 Nov 2016 22:55:33 +0000 Subject: [PATCH] REST API: Set the comment `type` to a readonly property in the schema. Document the type property as `readonly` and remove the default value. After #38820 it is no longer possible to set the type property on a comment to anything a custom type. Props jnylen0, rachelbaker. Fixes #38886. git-svn-id: https://develop.svn.wordpress.org/trunk@39337 602fd350-edb4-49c9-b593-d223f7449a82 --- .../class-wp-rest-comments-controller.php | 23 +++++++------------ .../rest-api/rest-comments-controller.php | 4 +++- 2 files changed, 11 insertions(+), 16 deletions(-) diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php index 0ddd023605..17ceec370f 100644 --- a/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php +++ b/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php @@ -458,17 +458,18 @@ class WP_REST_Comments_Controller extends WP_REST_Controller { return new WP_Error( 'rest_comment_exists', __( 'Cannot create existing comment.' ), array( 'status' => 400 ) ); } - $prepared_comment = $this->prepare_item_for_database( $request ); - - if ( is_wp_error( $prepared_comment ) ) { - return $prepared_comment; - } - // Do not allow comments to be created with a non-default type. if ( ! empty( $request['type'] ) && 'comment' !== $request['type'] ) { return new WP_Error( 'rest_invalid_comment_type', __( 'Cannot create a comment with that type.' ), array( 'status' => 400 ) ); } + $prepared_comment = $this->prepare_item_for_database( $request ); + if ( is_wp_error( $prepared_comment ) ) { + return $prepared_comment; + } + + $prepared_comment['comment_type'] = ''; + /* * Do not allow a comment to be created with missing or empty * comment_content. See wp_handle_comment_submission(). @@ -1089,11 +1090,6 @@ class WP_REST_Comments_Controller extends WP_REST_Controller { $prepared_comment['comment_agent'] = $request->get_header( 'user_agent' ); } - if ( isset( $request['type'] ) ) { - // Comment type "comment" needs to be created as an empty string. - $prepared_comment['comment_type'] = 'comment' === $request['type'] ? '' : $request['type']; - } - if ( ! empty( $request['date'] ) ) { $date_data = rest_get_date_with_gmt( $request['date'] ); @@ -1244,10 +1240,7 @@ class WP_REST_Comments_Controller extends WP_REST_Controller { 'description' => __( 'Type of Comment for the object.' ), 'type' => 'string', 'context' => array( 'view', 'edit', 'embed' ), - 'default' => 'comment', - 'arg_options' => array( - 'sanitize_callback' => 'sanitize_key', - ), + 'readonly' => true, ), ), ); diff --git a/tests/phpunit/tests/rest-api/rest-comments-controller.php b/tests/phpunit/tests/rest-api/rest-comments-controller.php index 72be605a8e..25ee36ec44 100644 --- a/tests/phpunit/tests/rest-api/rest-comments-controller.php +++ b/tests/phpunit/tests/rest-api/rest-comments-controller.php @@ -2330,10 +2330,12 @@ class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase $this->assertArrayHasKey( 'post', $properties ); $this->assertArrayHasKey( 'status', $properties ); $this->assertArrayHasKey( 'type', $properties ); - $this->assertEquals( 'comment', $properties['type']['default'] ); $this->assertEquals( 0, $properties['parent']['default'] ); $this->assertEquals( 0, $properties['post']['default'] ); + + $this->assertEquals( true, $properties['link']['readonly'] ); + $this->assertEquals( true, $properties['type']['readonly'] ); } public function test_get_item_schema_show_avatar() {