Responsive embeds is a way for a theme to opt in to WordPress dynamically scaling the width/height of an embed. When a theme supports responsive embeds, a `wp-embed-responsive` class is added to the `<body>` tag. This information is also presented through the REST API for clients to respect.
Merges [43790] and [43791] from the 5.0 branch to trunk.
Props desrosj, danielbachhuber, ocean90.
Fixes#45125.
git-svn-id: https://develop.svn.wordpress.org/trunk@44138 602fd350-edb4-49c9-b593-d223f7449a82
The `block_version` denotes which version of Blocks the `post_content` contains. Introduces new `block_version()` function for versioning Blocks.
Merges [43770] from the 5.0 branch to trunk.
Props danielbachhuber, birgire.
Fixes#43887.
git-svn-id: https://develop.svn.wordpress.org/trunk@44127 602fd350-edb4-49c9-b593-d223f7449a82
- Adds `WP_REST_Autosaves_Controller` which extends `WP_REST_Revisions_Controller`.
- Autosaves endpoint is registered for all post types except attachment because even post types without revisions enabled are expected to autosave.
- Because setting the `DOING_AUTOSAVE` constant pollutes the test suite, autosaves tests are run last. We may want to improve upon this later.
Also, use a truly impossibly high number in User Controller tests. The number `100`, (or `7777` in `trunk`), could be valid in certain test run configurations. The `REST_TESTS_IMPOSSIBLY_HIGH_NUMBER` constant is impossibly high for this very reason.
Finally, Skip Autosaves controller test for multisite. There's a PHP 5.2 edge case where paths calculated differently, possibly caused by differing version of PHPUnit.
Props adamsilverstein, aduth, azaozz, danielbachhuber, rmccue, danielbachhuber.
Merges [43767], [43768], [43769] to trunk.
See #45132, #45131.
Fixes#45128, #43316.
git-svn-id: https://develop.svn.wordpress.org/trunk@44126 602fd350-edb4-49c9-b593-d223f7449a82
When comparing the old and new values for a meta key being set, ensure both values are sanitized using the same logic so that equal values match.
props boonebgorges, dcavins, MattGeri, pilou69, TimothyBlynJacobs, kadamwhite.
Merges [43740] to trunk.
Fixes#42069.
git-svn-id: https://develop.svn.wordpress.org/trunk@44113 602fd350-edb4-49c9-b593-d223f7449a82
Introduces a `WP_REST_Search_Controller` class which registers a `/wp/v2/search` endpoint. Search types are handled by extending `WP_REST_Search_Handler`. The default search type is `WP_REST_Post_Search_Handler` but can be filtered by plugins or a theme.
Merges [43739,43741] from the 5.0 branch to trunk.
Props danielbachhuber, flixos90, pento, rmccue, joehoyle.
Fixes#39965.
git-svn-id: https://develop.svn.wordpress.org/trunk@44107 602fd350-edb4-49c9-b593-d223f7449a82
The existing `rest_insert_*` actions are fired before meta and additional fields are updated. These new `rest_after_*` actions fire after all write operations have completed.
Props timothyblynjacobs, danielbachhuber.
Merges [43737] to trunk.
Fixes#42864.
git-svn-id: https://develop.svn.wordpress.org/trunk@43987 602fd350-edb4-49c9-b593-d223f7449a82
In [43087], we improved REST API performance by only rendering the fields specified in the request. Similarly, any fields registered with `register_rest_field()` should only be rendered when included in `?_fields=`.
Props dlh, danielbachhuber.
Merges [43736] to trunk.
Fixes#45099.
git-svn-id: https://develop.svn.wordpress.org/trunk@43986 602fd350-edb4-49c9-b593-d223f7449a82
In order to correctly render parts of its UI, the new editor needs to be aware of the active theme's post-formats and post-thumbnails support. This data is exposed by querying for the active theme on a new /wp/v2/themes endpoint for sufficiently privileged users.
Merges [43734], [43735] to trunk.
props desrosj.
Fixes#45016.
git-svn-id: https://develop.svn.wordpress.org/trunk@43985 602fd350-edb4-49c9-b593-d223f7449a82
In order for clients to present permalink previews, the REST API must share the computed results of get_sample_permalink(). These two values are now exposed as permalink_template and generated_slug for public, viewable post types, but only for context=edit.
Merges [43720] to trunk.
Props danielbachhuber, rahulsprajapati.
Fixes#45017.
git-svn-id: https://develop.svn.wordpress.org/trunk@43980 602fd350-edb4-49c9-b593-d223f7449a82
An authorized request with the read_private_posts capability for a post type should be able to GET /wp/v2/posts for posts of status=private. This query is further sanity-checked by WP_REST_Posts_Controller->check_read_permission(), which is unchanged.
Props rachelbaker, soulseekah, twoelevenjay.
Moves [43694] from the 5.0 branch to trunk.
Fixes#43701.
git-svn-id: https://develop.svn.wordpress.org/trunk@43979 602fd350-edb4-49c9-b593-d223f7449a82
Because user capabilities can be modified at runtime, the REST API needs to expose them in some evaluated but declarative manner for clients to interpret. JSON Hyper Schema targetSchema provides an appropriate paradigm for doing so.
Merges [43682] to trunk.
Props timothyblynjacobs.
Fixes#45014.
git-svn-id: https://develop.svn.wordpress.org/trunk@43974 602fd350-edb4-49c9-b593-d223f7449a82
In [43437], the link definition implementation caused attachment links to be unexpectedly nested under an attributes key. This changeset restores the prior behavior.
Merges [43681] to trunk.
Props TimothyBlynJacobs, danielbachhuber.
Fixes#44750.
git-svn-id: https://develop.svn.wordpress.org/trunk@43973 602fd350-edb4-49c9-b593-d223f7449a82
Requires wp-admin/includes/image.php to make `wp_read_image_metadata()` function available. Fixes error introduced in [43589].
Props ocean90, soulseekah.
Fixes#43757.
git-svn-id: https://develop.svn.wordpress.org/trunk@43604 602fd350-edb4-49c9-b593-d223f7449a82
Requires wp-admin/includes/ms.php to make `upload_is_user_over_quota()` function available to multisite users uploading files.
Props JakePT, rachelbaker.
Fixes#44864.
git-svn-id: https://develop.svn.wordpress.org/trunk@43603 602fd350-edb4-49c9-b593-d223f7449a82
Narrow the scope of the included wp-admin files loaded for `wp_generate_attachment_metadata()`, `wp_handle_upload()`, `wp_tempnam()`, and `wp_handle_sideload()`. Requires only wp-admin/includes/file.php and wp-admin/includes/image.php instead of wp-admin/includes/admin.php.
Props lonelyvegan, soulseekah, pratikthink.
Fixes#43757.
git-svn-id: https://develop.svn.wordpress.org/trunk@43589 602fd350-edb4-49c9-b593-d223f7449a82
The original REST API revisions controller relied on `wp_get_post_revisions()`, getting all revisions of a post without any possibility to restrict the result. This changeset replaces that function call with a proper `WP_Query` setup, replicating how `wp_get_post_revisions()` works while offering parameters to alter the default behavior.
Props adamsilverstein, birgire, flixos90.
Fixes#40510.
git-svn-id: https://develop.svn.wordpress.org/trunk@43584 602fd350-edb4-49c9-b593-d223f7449a82
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.
This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script.
- Auto-fixable coding standards issues will now cause Travis failures.
Fixes#44600.
git-svn-id: https://develop.svn.wordpress.org/trunk@43571 602fd350-edb4-49c9-b593-d223f7449a82
[43437] included some new methods, which were incorrectly tagged as being `@since 4.9.7`. This updates them to `4.9.8`.
Props danielbachhuber.
Fixes 44287.
git-svn-id: https://develop.svn.wordpress.org/trunk@43463 602fd350-edb4-49c9-b593-d223f7449a82
When the REST API is in use on WordPress multisite, the `WP_REST_Attachments_Controller` should respect the "Max upload file size" and "Site upload space" site options.
Props flixos90, danielbachhuber.
Fixes#43751.
git-svn-id: https://develop.svn.wordpress.org/trunk@43462 602fd350-edb4-49c9-b593-d223f7449a82
To match behaviour in the Classic Editor, we need to slightly loosen permissions on taxonomy and term endpoints. This allows users to create terms to assign to a post that they're editing.
Props danielbachhuber.
Fixes#44096.
git-svn-id: https://develop.svn.wordpress.org/trunk@43440 602fd350-edb4-49c9-b593-d223f7449a82
So that REST API clients can show appropriate UI for a post's revisions, it needs to know how many revisions the post has, and what the latest revision ID is.
Props kadamwhite, danielbachhuber, birgire, TimothyBlynJacobs.
Fixes#44321.
git-svn-id: https://develop.svn.wordpress.org/trunk@43439 602fd350-edb4-49c9-b593-d223f7449a82
There are a variety of operations a WordPress user can only perform if they have the correct capabilities. A REST API client should only display UI for one of these operations if the WordPress user can perform the operation.
Rather than requiring REST API clients to calculate whether to display UI based on potentially complicated combinations of user capabilities, `targetSchema` allows us to expose a single flag to show whether the corresponding UI should be displayed.
This change also includes flags on post objects for the following actions:
- `action-publish`: The current user can publish this post.
- `action-sticky`: The current user can make this post sticky, and the post type supports sticking.
- `action-assign-author': The current user can change the author on this post.
- `action-assign-{$taxonomy}`: The current user can assign terms from the "$taxonomy" taxonomy to this post.
- `action-create-{$taxonomy}`: The current user can create terms int the "$taxonomy" taxonomy.
Props TimothyBlynJacobs, danielbachhuber.
Fixes#44287.
git-svn-id: https://develop.svn.wordpress.org/trunk@43437 602fd350-edb4-49c9-b593-d223f7449a82
Introduce an `object_subtype` argument to the args array for `register_meta()` which can be used to limit meta registration to a single subtype (e.g. a custom post type or taxonomy, vs all posts or taxonomies).
Introduce `register_post_meta()` and `register_term_meta()` wrapper methods for `register_meta` to provide a convenient interface for the common case of registering meta for a specific taxonomy or post type. These methods work the way plugin developers have often expected `register_meta` to function, and should be used in place of direct `register_meta` where possible.
Props flixos90, tharsheblows, spacedmonkey.
Fixes#38323.
git-svn-id: https://develop.svn.wordpress.org/trunk@43378 602fd350-edb4-49c9-b593-d223f7449a82
Historically, the REST API would generate the entire response object, including running expensive filters, then it would apply the `_fields` parameter, discarding the fields that weren't specificed.
This change causes `_fields` to be applied earlier, so that only requested fields are processed.
Props danielbachhuber.
See #43874.
git-svn-id: https://develop.svn.wordpress.org/trunk@43087 602fd350-edb4-49c9-b593-d223f7449a82
For the block editor to be able to expose the Preview button correctly, it needs to know the `is_post_type_viewable()` setting, this change adds it to the Post Type response.
Props danielbachhuber.
Fixes#43739.
git-svn-id: https://develop.svn.wordpress.org/trunk@43007 602fd350-edb4-49c9-b593-d223f7449a82
Any WordPress user who can `edit_posts` of a post type with `show_in_rest=true` can query for authors. This maps to current WordPress behavior where a WordPress user who can view the Manage Posts view for a post type can see any WordPress user assigned to a post (whether published or draft).
This implementation, over restricting `who=authors` to users with `list_users`, gives us future flexibility in displaying lists of posts. It still respects more restrictive permissions for `context=edit`.
Props danielbachhuber.
Fixes#42202.
git-svn-id: https://develop.svn.wordpress.org/trunk@43001 602fd350-edb4-49c9-b593-d223f7449a82
This was originally added to allow Gutenberg to do permalink editing, but is no longer required. It's also superceded by #41014.
Reverts [42142].
Fixes#42465.
git-svn-id: https://develop.svn.wordpress.org/trunk@42997 602fd350-edb4-49c9-b593-d223f7449a82
This tag has been used in the past, but should no longer be used. Just using the `static` keyword in code is enough for PhpDocumentor on PHP5+ to recognize static variables and methods, and PhpDocumentor will mark them as static.
Props birgire.
See #42803.
git-svn-id: https://develop.svn.wordpress.org/trunk@42746 602fd350-edb4-49c9-b593-d223f7449a82
For Gutenberg and other admin-type interfaces, it's useful to be able to see the visibility settings for taxonomies.
Props joehoyle, pento.
Fixes#42707.
git-svn-id: https://develop.svn.wordpress.org/trunk@42729 602fd350-edb4-49c9-b593-d223f7449a82
Use the `rest_authorization_required_code()` function to return a 401 status code when a permission callback fails due to a user not being logged in.
Props jaswrks.
Fixes#42828.
git-svn-id: https://develop.svn.wordpress.org/trunk@42421 602fd350-edb4-49c9-b593-d223f7449a82
The permissions error message when a request tries to fetch post statuses unauthenticated is incorrect. It was a copy/paste from elsewhere, as indicated by the use of "in this post type" where this is no post type referenced.
Props schlessera.
Fixes#42303.
git-svn-id: https://develop.svn.wordpress.org/trunk@42356 602fd350-edb4-49c9-b593-d223f7449a82
The 409 error code is intended for situations where it is expected that the user will resolve the conflict and resubmit the same request. We use 400 error codes for other routes when a duplicate request is made. The 400 status code tells the user they need to modify their request for it to be successful.
Props shooper.
Fixes#42781. See #41370.
git-svn-id: https://develop.svn.wordpress.org/trunk@42354 602fd350-edb4-49c9-b593-d223f7449a82
WordPress' code just... wasn't.
This is now dealt with.
Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes#41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42343 602fd350-edb4-49c9-b593-d223f7449a82
In r41727 the ability to sanitise and validate objects from JSON schema was added, with a whitelist approach. It was decided we should pass through all non-registered properties to reflect the behaviour of the root object in register_rest_route. To prevent arbitrary extra data via setting objects, we force additionalProperties to false in the settings endpoint.
See #38583.
git-svn-id: https://develop.svn.wordpress.org/trunk@42000 602fd350-edb4-49c9-b593-d223f7449a82
Also remove `enum` for validating allowed templates to allow plugins to dynamically supply their own templates for specific posts, even when they are not in the theme.
Props TimothyBlynJacobs, jnylen0, swissspidy.
Fixes#39996.
git-svn-id: https://develop.svn.wordpress.org/trunk@41979 602fd350-edb4-49c9-b593-d223f7449a82
Adds an "include_slug" orderby value for REST API collections to permit returning a collection filtered by slugs in the same order in which those slugs are specified.
Previously, the order of slugs provided with the ?slug query parameter had no effect on the order of the returned records.
Props wonderboymusic, ocean90, boonebgorges.
Fixes#40826.
git-svn-id: https://develop.svn.wordpress.org/trunk@41760 602fd350-edb4-49c9-b593-d223f7449a82
