diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php index d30c6c0d90..9073df73a2 100644 --- a/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php +++ b/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php @@ -45,6 +45,16 @@ class WP_REST_Attachments_Controller extends WP_REST_Posts_Controller { ), ) ); + register_rest_route( + $this->namespace, + '/' . $this->rest_base . '/(?P[\d]+)/edit', + array( + 'methods' => WP_REST_Server::CREATABLE, + 'callback' => array( $this, 'edit_media_item' ), + 'permission_callback' => array( $this, 'edit_media_item_permissions_check' ), + 'args' => $this->get_edit_media_item_args(), + ) + ); } /** @@ -365,7 +375,7 @@ class WP_REST_Attachments_Controller extends WP_REST_Posts_Controller { /** * Checks if a given request can perform post processing on an attachment. * - * @sicne 5.3.0 + * @since 5.3.0 * * @param WP_REST_Request $request Full details about the request. * @return true|WP_Error True if the request has access to update the item, WP_Error object otherwise. @@ -374,6 +384,220 @@ class WP_REST_Attachments_Controller extends WP_REST_Posts_Controller { return $this->update_item_permissions_check( $request ); } + /** + * Checks if a given request has access to editing media. + * + * @since 5.5.0 + * + * @param WP_REST_Request $request Full details about the request. + * @return true|WP_Error True if the request has read access, WP_Error object otherwise. + */ + public function edit_media_item_permissions_check( $request ) { + if ( ! current_user_can( 'upload_files' ) ) { + return new WP_Error( + 'rest_cannot_edit_image', + __( 'Sorry, you are not allowed to upload media on this site.' ), + array( 'status' => rest_authorization_required_code() ) + ); + } + + return $this->update_item_permissions_check( $request ); + } + + /** + * Applies edits to a media item and creates a new attachment record. + * + * @since 5.5.0 + * + * @param WP_REST_Request $request Full details about the request. + * @return WP_REST_Response|WP_Error Response object on success, WP_Error object on failure. + */ + public function edit_media_item( $request ) { + require_once ABSPATH . 'wp-admin/includes/image.php'; + + $attachment_id = $request['id']; + + // This also confirms the attachment is an image. + $image_file = wp_get_original_image_path( $attachment_id ); + $image_meta = wp_get_attachment_metadata( $attachment_id ); + + if ( ! $image_meta || ! $image_file ) { + return new WP_Error( + 'rest_unknown_attachment', + __( 'Unable to get meta information for file.' ), + array( 'status' => 404 ) + ); + } + + $supported_types = array( 'image/jpeg', 'image/png', 'image/gif' ); + $mime_type = get_post_mime_type( $attachment_id ); + if ( ! in_array( $mime_type, $supported_types, true ) ) { + return new WP_Error( + 'rest_cannot_edit_file_type', + __( 'This type of file cannot be edited.' ), + array( 'status' => 400 ) + ); + } + + // Check if we need to do anything. + $rotate = 0; + $crop = false; + + if ( ! empty( $request['rotation'] ) ) { + // Rotation direction: clockwise vs. counter clockwise. + $rotate = 0 - (int) $request['rotation']; + } + + if ( isset( $request['x'], $request['y'], $request['width'], $request['height'] ) ) { + $crop = true; + } + + if ( ! $rotate && ! $crop ) { + return new WP_Error( + 'rest_image_not_edited', + __( 'The image was not edited. Edit the image before applying the changes.' ), + array( 'status' => 400 ) + ); + } + + $image_editor = wp_get_image_editor( $image_file ); + + if ( is_wp_error( $image_editor ) ) { + return new WP_Error( + 'rest_unknown_image_file_type', + __( 'Unable to edit this image.' ), + array( 'status' => 500 ) + ); + } + + if ( 0 !== $rotate ) { + $result = $image_editor->rotate( $rotate ); + + if ( is_wp_error( $result ) ) { + return new WP_Error( + 'rest_image_rotation_failed', + __( 'Unable to rotate this image.' ), + array( 'status' => 500 ) + ); + } + } + + if ( $crop ) { + $size = $image_editor->get_size(); + + $crop_x = round( ( $size['width'] * floatval( $request['x'] ) ) / 100.0 ); + $crop_y = round( ( $size['height'] * floatval( $request['y'] ) ) / 100.0 ); + $width = round( ( $size['width'] * floatval( $request['width'] ) ) / 100.0 ); + $height = round( ( $size['height'] * floatval( $request['height'] ) ) / 100.0 ); + + $result = $image_editor->crop( $crop_x, $crop_y, $width, $height ); + + if ( is_wp_error( $result ) ) { + return new WP_Error( + 'rest_image_crop_failed', + __( 'Unable to crop this image.' ), + array( 'status' => 500 ) + ); + } + } + + // Calculate the file name. + $image_ext = pathinfo( $image_file, PATHINFO_EXTENSION ); + $image_name = wp_basename( $image_file, ".{$image_ext}" ); + + // Do not append multiple `-edited` to the file name. + // The user may be editing a previously edited image. + if ( preg_match( '/-edited(-\d+)?$/', $image_name ) ) { + // Remove any `-1`, `-2`, etc. `wp_unique_filename()` will add the proper number. + $image_name = preg_replace( '/-edited(-\d+)?$/', '-edited', $image_name ); + } else { + // Append `-edited` before the extension. + $image_name .= '-edited'; + } + + $filename = "{$image_name}.{$image_ext}"; + + // Create the uploads sub-directory if needed. + $uploads = wp_upload_dir(); + + // Make the file name unique in the (new) upload directory. + $filename = wp_unique_filename( $uploads['path'], $filename ); + + // Save to disk. + $saved = $image_editor->save( $uploads['path'] . "/$filename" ); + + if ( is_wp_error( $saved ) ) { + return $saved; + } + + // Create new attachment post. + $attachment_post = array( + 'post_mime_type' => $saved['mime-type'], + 'guid' => $uploads['url'] . "/$filename", + 'post_title' => $filename, + 'post_content' => '', + ); + + $new_attachment_id = wp_insert_attachment( wp_slash( $attachment_post ), $saved['path'], 0, true ); + + if ( is_wp_error( $new_attachment_id ) ) { + if ( 'db_update_error' === $new_attachment_id->get_error_code() ) { + $new_attachment_id->add_data( array( 'status' => 500 ) ); + } else { + $new_attachment_id->add_data( array( 'status' => 400 ) ); + } + + return $new_attachment_id; + } + + // Generate image sub-sizes and meta. + $new_image_meta = wp_generate_attachment_metadata( $new_attachment_id, $saved['path'] ); + + // Copy the EXIF metadata from the original attachment if not generated for the edited image. + if ( ! empty( $image_meta['image_meta'] ) ) { + $empty_image_meta = true; + + if ( isset( $new_image_meta['image_meta'] ) && is_array( $new_image_meta['image_meta'] ) ) { + $empty_image_meta = empty( array_filter( array_values( $new_image_meta['image_meta'] ) ) ); + } + + if ( $empty_image_meta ) { + $new_image_meta['image_meta'] = $image_meta['image_meta']; + } + } + + // Reset orientation. At this point the image is edited and orientation is correct. + if ( ! empty( $new_image_meta['image_meta']['orientation'] ) ) { + $new_image_meta['image_meta']['orientation'] = 1; + } + + // The attachment_id may change if the site is exported and imported. + $new_image_meta['parent_image'] = array( + 'attachment_id' => $attachment_id, + // Path to the originally uploaded image file relative to the uploads directory. + 'file' => _wp_relative_upload_path( $image_file ), + ); + + /** + * Filters the updated attachment meta data. + * + * @since 5.5.0 + * + * @param array $data Array of updated attachment meta data. + * @param int $new_attachment_id Attachment post ID. + * @param int $attachment_id Original Attachment post ID. + */ + $new_image_meta = apply_filters( 'wp_edited_attachment_metadata', $new_image_meta, $new_attachment_id, $attachment_id ); + + wp_update_attachment_metadata( $new_attachment_id, $new_image_meta ); + + $response = $this->prepare_item_for_response( get_post( $new_attachment_id ), $request ); + $response->set_status( 201 ); + $response->header( 'Location', rest_url( sprintf( '%s/%s/%s', $this->namespace, $this->rest_base, $new_attachment_id ) ) ); + + return $response; + } + /** * Prepares a single attachment for create or update. * @@ -1014,4 +1238,48 @@ class WP_REST_Attachments_Controller extends WP_REST_Posts_Controller { return true; } + /** + * Gets the request args for the edit item route. + * + * @since 5.5.0 + * + * @return array + */ + protected function get_edit_media_item_args() { + return array( + 'rotation' => array( + 'description' => __( 'The amount to rotate the image clockwise in degrees.' ), + 'type' => 'integer', + 'minimum' => 0, + 'exclusiveMinimum' => true, + 'maximum' => 360, + 'exclusiveMaximum' => true, + ), + 'x' => array( + 'description' => __( 'As a percentage of the image, the x position to start the crop from.' ), + 'type' => 'number', + 'minimum' => 0, + 'maximum' => 100, + ), + 'y' => array( + 'description' => __( 'As a percentage of the image, the y position to start the crop from.' ), + 'type' => 'number', + 'minimum' => 0, + 'maximum' => 100, + ), + 'width' => array( + 'description' => __( 'As a percentage of the image, the width to crop the image to.' ), + 'type' => 'number', + 'minimum' => 0, + 'maximum' => 100, + ), + 'height' => array( + 'description' => __( 'As a percentage of the image, the height to crop the image to.' ), + 'type' => 'number', + 'minimum' => 0, + 'maximum' => 100, + ), + ); + } + } diff --git a/tests/phpunit/includes/mock-image-editor.php b/tests/phpunit/includes/mock-image-editor.php index 5f457ded96..4cd252b1c3 100644 --- a/tests/phpunit/includes/mock-image-editor.php +++ b/tests/phpunit/includes/mock-image-editor.php @@ -7,6 +7,9 @@ if ( class_exists( 'WP_Image_Editor' ) ) : public static $load_return = true; public static $test_return = true; public static $save_return = array(); + public static $spy = array(); + public static $edit_return = array(); + public static $size_return = null; // Allow testing of jpeg_quality filter. public function set_mime_type( $mime_type = null ) { @@ -23,19 +26,34 @@ if ( class_exists( 'WP_Image_Editor' ) ) : return true; } public function resize( $max_w, $max_h, $crop = false ) { - + self::$spy[ __FUNCTION__ ][] = func_get_args(); + if ( isset( self::$edit_return[ __FUNCTION__ ] ) ) { + return self::$edit_return[ __FUNCTION__ ]; + } } public function multi_resize( $sizes ) { - + self::$spy[ __FUNCTION__ ][] = func_get_args(); + if ( isset( self::$edit_return[ __FUNCTION__ ] ) ) { + return self::$edit_return[ __FUNCTION__ ]; + } } public function crop( $src_x, $src_y, $src_w, $src_h, $dst_w = null, $dst_h = null, $src_abs = false ) { - + self::$spy[ __FUNCTION__ ][] = func_get_args(); + if ( isset( self::$edit_return[ __FUNCTION__ ] ) ) { + return self::$edit_return[ __FUNCTION__ ]; + } } public function rotate( $angle ) { - + self::$spy[ __FUNCTION__ ][] = func_get_args(); + if ( isset( self::$edit_return[ __FUNCTION__ ] ) ) { + return self::$edit_return[ __FUNCTION__ ]; + } } public function flip( $horz, $vert ) { - + self::$spy[ __FUNCTION__ ][] = func_get_args(); + if ( isset( self::$edit_return[ __FUNCTION__ ] ) ) { + return self::$edit_return[ __FUNCTION__ ]; + } } public function save( $destfilename = null, $mime_type = null ) { return self::$save_return; @@ -43,6 +61,14 @@ if ( class_exists( 'WP_Image_Editor' ) ) : public function stream( $mime_type = null ) { } + + public function get_size() { + if ( self::$size_return ) { + return self::$size_return; + } + + return parent::get_size(); + } } endif; diff --git a/tests/phpunit/tests/rest-api/rest-attachments-controller.php b/tests/phpunit/tests/rest-api/rest-attachments-controller.php index f6adcf78c8..761d91683f 100644 --- a/tests/phpunit/tests/rest-api/rest-attachments-controller.php +++ b/tests/phpunit/tests/rest-api/rest-attachments-controller.php @@ -19,6 +19,16 @@ class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control protected static $rest_after_insert_attachment_count; protected static $rest_insert_attachment_count; + /** + * @var string The path to a test file. + */ + private $test_file; + + /** + * @var string The path to a second test file. + */ + private $test_file2; + public static function wpSetUpBeforeClass( $factory ) { self::$superadmin_id = $factory->user->create( array( @@ -77,6 +87,28 @@ class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control copy( $orig_file2, $this->test_file2 ); } + public function tearDown() { + parent::tearDown(); + + if ( file_exists( $this->test_file ) ) { + unlink( $this->test_file ); + } + if ( file_exists( $this->test_file2 ) ) { + unlink( $this->test_file2 ); + } + + remove_action( 'rest_insert_attachment', array( $this, 'filter_rest_insert_attachment' ) ); + remove_action( 'rest_after_insert_attachment', array( $this, 'filter_rest_after_insert_attachment' ) ); + + $this->remove_added_uploads(); + + if ( class_exists( WP_Image_Editor_Mock::class ) ) { + WP_Image_Editor_Mock::$spy = array(); + WP_Image_Editor_Mock::$edit_return = array(); + WP_Image_Editor_Mock::$size_return = null; + } + } + public function test_register_routes() { $routes = rest_get_server()->get_routes(); $this->assertArrayHasKey( '/wp/v2/media', $routes ); @@ -1537,21 +1569,6 @@ class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control $this->assertArrayNotHasKey( 'https://api.w.org/action-publish', $links ); } - public function tearDown() { - parent::tearDown(); - if ( file_exists( $this->test_file ) ) { - unlink( $this->test_file ); - } - if ( file_exists( $this->test_file2 ) ) { - unlink( $this->test_file2 ); - } - - remove_action( 'rest_insert_attachment', array( $this, 'filter_rest_insert_attachment' ) ); - remove_action( 'rest_after_insert_attachment', array( $this, 'filter_rest_after_insert_attachment' ) ); - - $this->remove_added_uploads(); - } - protected function check_post_data( $attachment, $data, $context = 'view', $links ) { parent::check_post_data( $attachment, $data, $context, $links ); @@ -1776,4 +1793,175 @@ class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control public function filter_rest_after_insert_attachment( $attachment ) { self::$rest_after_insert_attachment_count++; } + + /** + * @ticket 44405 + */ + public function test_edit_image_returns_error_if_logged_out() { + $attachment = self::factory()->attachment->create(); + + $request = new WP_REST_Request( 'POST', "/wp/v2/media/{$attachment}/edit" ); + $response = rest_do_request( $request ); + $this->assertErrorResponse( 'rest_cannot_edit_image', $response, 401 ); + } + + /** + * @ticket 44405 + */ + public function test_edit_image_returns_error_if_cannot_upload() { + $user = self::factory()->user->create_and_get( array( 'role' => 'editor' ) ); + $user->add_cap( 'upload_files', false ); + + wp_set_current_user( $user->ID ); + $attachment = self::factory()->attachment->create( array( 'post_author' => $user->ID ) ); + + $request = new WP_REST_Request( 'POST', "/wp/v2/media/{$attachment}/edit" ); + $response = rest_do_request( $request ); + $this->assertErrorResponse( 'rest_cannot_edit_image', $response, 403 ); + } + + /** + * @ticket 44405 + */ + public function test_edit_image_returns_error_if_cannot_edit() { + wp_set_current_user( self::$uploader_id ); + $attachment = self::factory()->attachment->create(); + + $request = new WP_REST_Request( 'POST', "/wp/v2/media/{$attachment}/edit" ); + $response = rest_do_request( $request ); + $this->assertErrorResponse( 'rest_cannot_edit', $response, 403 ); + } + + /** + * @ticket 44405 + */ + public function test_edit_image_returns_error_if_no_attachment() { + wp_set_current_user( self::$superadmin_id ); + $attachment = self::factory()->attachment->create(); + + $request = new WP_REST_Request( 'POST', "/wp/v2/media/{$attachment}/edit" ); + $response = rest_do_request( $request ); + $this->assertErrorResponse( 'rest_unknown_attachment', $response, 404 ); + } + + /** + * @ticket 44405 + */ + public function test_edit_image_returns_error_if_unsupported_mime_type() { + wp_set_current_user( self::$superadmin_id ); + $attachment = self::factory()->attachment->create_upload_object( $this->test_file ); + wp_update_post( + array( + 'ID' => $attachment, + 'post_mime_type' => 'image/invalid', + ) + ); + + $request = new WP_REST_Request( 'POST', "/wp/v2/media/{$attachment}/edit" ); + $response = rest_do_request( $request ); + $this->assertErrorResponse( 'rest_cannot_edit_file_type', $response, 400 ); + } + + /** + * @ticket 44405 + */ + public function test_edit_image_returns_error_if_no_edits() { + wp_set_current_user( self::$superadmin_id ); + $attachment = self::factory()->attachment->create_upload_object( $this->test_file ); + + $request = new WP_REST_Request( 'POST', "/wp/v2/media/{$attachment}/edit" ); + $response = rest_do_request( $request ); + $this->assertErrorResponse( 'rest_image_not_edited', $response, 400 ); + } + + /** + * @ticket 44405 + */ + public function test_edit_image_rotate() { + wp_set_current_user( self::$superadmin_id ); + $attachment = self::factory()->attachment->create_upload_object( $this->test_file ); + + $this->setup_mock_editor(); + WP_Image_Editor_Mock::$edit_return['rotate'] = new WP_Error(); + + $request = new WP_REST_Request( 'POST', "/wp/v2/media/{$attachment}/edit" ); + $request->set_body_params( array( 'rotation' => 60 ) ); + $response = rest_do_request( $request ); + $this->assertErrorResponse( 'rest_image_rotation_failed', $response, 500 ); + + $this->assertCount( 1, WP_Image_Editor_Mock::$spy['rotate'] ); + $this->assertEquals( array( -60 ), WP_Image_Editor_Mock::$spy['rotate'][0] ); + } + + /** + * @ticket 44405 + */ + public function test_edit_image_crop() { + wp_set_current_user( self::$superadmin_id ); + $attachment = self::factory()->attachment->create_upload_object( $this->test_file ); + + $this->setup_mock_editor(); + WP_Image_Editor_Mock::$size_return = array( + 'width' => 640, + 'height' => 480, + ); + + WP_Image_Editor_Mock::$edit_return['crop'] = new WP_Error(); + + $request = new WP_REST_Request( 'POST', "/wp/v2/media/{$attachment}/edit" ); + $request->set_body_params( + array( + 'x' => 50, + 'y' => 10, + 'width' => 10, + 'height' => 5, + ) + ); + $response = rest_do_request( $request ); + $this->assertErrorResponse( 'rest_image_crop_failed', $response, 500 ); + + $this->assertCount( 1, WP_Image_Editor_Mock::$spy['crop'] ); + $this->assertEquals( + array( 320.0, 48.0, 64.0, 24.0 ), + WP_Image_Editor_Mock::$spy['crop'][0] + ); + } + + /** + * @ticket 44405 + */ + public function test_edit_image() { + wp_set_current_user( self::$superadmin_id ); + $attachment = self::factory()->attachment->create_upload_object( $this->test_file ); + + $request = new WP_REST_Request( 'POST', "/wp/v2/media/{$attachment}/edit" ); + $request->set_body_params( array( 'rotation' => 60 ) ); + $response = rest_do_request( $request ); + $item = $response->get_data(); + + $this->assertEquals( 201, $response->get_status() ); + $this->assertEquals( rest_url( '/wp/v2/media/' . $item['id'] ), $response->get_headers()['Location'] ); + + $this->assertStringEndsWith( '-edited.jpg', $item['media_details']['file'] ); + $this->assertArrayHasKey( 'parent_image', $item['media_details'] ); + $this->assertEquals( $attachment, $item['media_details']['parent_image']['attachment_id'] ); + $this->assertContains( 'canola', $item['media_details']['parent_image']['file'] ); + } + + /** + * Sets up the mock image editor. + * + * @since 5.5.0 + */ + protected function setup_mock_editor() { + require_once ABSPATH . WPINC . '/class-wp-image-editor.php'; + require_once DIR_TESTDATA . '/../includes/mock-image-editor.php'; + + add_filter( + 'wp_image_editors', + static function () { + return array( 'WP_Image_Editor_Mock' ); + } + ); + } } diff --git a/tests/phpunit/tests/rest-api/rest-schema-setup.php b/tests/phpunit/tests/rest-api/rest-schema-setup.php index 7b36cdccfe..eb70f9d88c 100644 --- a/tests/phpunit/tests/rest-api/rest-schema-setup.php +++ b/tests/phpunit/tests/rest-api/rest-schema-setup.php @@ -100,6 +100,7 @@ class WP_Test_REST_Schema_Initialization extends WP_Test_REST_TestCase { '/wp/v2/media', '/wp/v2/media/(?P[\\d]+)', '/wp/v2/media/(?P[\\d]+)/post-process', + '/wp/v2/media/(?P[\\d]+)/edit', '/wp/v2/blocks', '/wp/v2/blocks/(?P[\d]+)', '/wp/v2/blocks/(?P[\d]+)/autosaves', diff --git a/tests/qunit/fixtures/wp-api-generated.js b/tests/qunit/fixtures/wp-api-generated.js index 491e35b320..ebe44ea667 100644 --- a/tests/qunit/fixtures/wp-api-generated.js +++ b/tests/qunit/fixtures/wp-api-generated.js @@ -2342,6 +2342,46 @@ mockedApiResponse.Schema = { } ] }, + "/wp/v2/media/(?P[\\d]+)/edit": { + "namespace": "wp/v2", + "methods": [ + "POST" + ], + "endpoints": [ + { + "methods": [ + "POST" + ], + "args": { + "rotation": { + "required": false, + "description": "The amount to rotate the image clockwise in degrees.", + "type": "integer" + }, + "x": { + "required": false, + "description": "As a percentage of the image, the x position to start the crop from.", + "type": "number" + }, + "y": { + "required": false, + "description": "As a percentage of the image, the y position to start the crop from.", + "type": "number" + }, + "width": { + "required": false, + "description": "As a percentage of the image, the width to crop the image to.", + "type": "number" + }, + "height": { + "required": false, + "description": "As a percentage of the image, the height to crop the image to.", + "type": "number" + } + } + } + ] + }, "/wp/v2/blocks": { "namespace": "wp/v2", "methods": [