mirror of
https://github.com/gosticks/wordpress-develop.git
synced 2026-07-02 00:00:15 +00:00
REST API: Allow sidebars and their widgets to be public.
By default, only users with the `edit_theme_options` capability can access the sidebars and widgets REST API endpoints. In this commit, A new `show_in_rest` parameter is added to the `register_sidebar` function. When enabled, all users will be able to access that sidebar and any widgets belonging to that sidebar. This commit reduces the `context` for a widget's `instance` information to only `edit`. This is to ensure that internal widget data is not inadvertently exposed to the public. A future ticket may expose additional APIs to allow widget authors to indicate that their instance data can be safely exposed. REST API consumers intending to access this `instance` information should take care to explicitly set the `context` parameter to `edit`. Props spacedmonkey, zieladam. Fixes #53915. git-svn-id: https://develop.svn.wordpress.org/trunk@52016 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
@@ -220,6 +220,7 @@ function register_sidebars( $number = 1, $args = array() ) {
|
||||
*
|
||||
* @since 2.2.0
|
||||
* @since 5.6.0 Added the `before_sidebar` and `after_sidebar` arguments.
|
||||
* @since 5.9.0 Added the `show_in_rest` argument.
|
||||
*
|
||||
* @global array $wp_registered_sidebars Registered sidebars.
|
||||
*
|
||||
@@ -250,6 +251,8 @@ function register_sidebars( $number = 1, $args = array() ) {
|
||||
* @type string $after_sidebar HTML content to append to the sidebar when displayed.
|
||||
* Outputs before the {@see 'dynamic_sidebar_after'} action.
|
||||
* Default empty string.
|
||||
* @type bool $show_in_rest Whether to show this sidebar publicly in the REST API.
|
||||
* Defaults to only showing the sidebar to administrator users.
|
||||
* }
|
||||
* @return string Sidebar ID added to $wp_registered_sidebars global.
|
||||
*/
|
||||
@@ -272,6 +275,7 @@ function register_sidebar( $args = array() ) {
|
||||
'after_title' => "</h2>\n",
|
||||
'before_sidebar' => '',
|
||||
'after_sidebar' => '',
|
||||
'show_in_rest' => false,
|
||||
);
|
||||
|
||||
/**
|
||||
@@ -1035,6 +1039,35 @@ function wp_get_sidebars_widgets( $deprecated = true ) {
|
||||
return apply_filters( 'sidebars_widgets', $sidebars_widgets );
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieves the registered sidebar with the given id.
|
||||
*
|
||||
* @since 5.9.0
|
||||
*
|
||||
* @global array $wp_registered_sidebars The registered sidebars.
|
||||
*
|
||||
* @param string $id The sidebar id.
|
||||
* @return array|null The discovered sidebar, or null if it is not registered.
|
||||
*/
|
||||
function wp_get_sidebar( $id ) {
|
||||
global $wp_registered_sidebars;
|
||||
|
||||
foreach ( (array) $wp_registered_sidebars as $sidebar ) {
|
||||
if ( $sidebar['id'] === $id ) {
|
||||
return $sidebar;
|
||||
}
|
||||
}
|
||||
|
||||
if ( 'wp_inactive_widgets' === $id ) {
|
||||
return array(
|
||||
'id' => 'wp_inactive_widgets',
|
||||
'name' => __( 'Inactive widgets' ),
|
||||
);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the sidebar widget option to update sidebars.
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user