vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2025-10-16 12:05:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
35,681 Commits 1 Branch 0 Tags 243 MiB
a0876e06cd
Commit Graph

58 Commits

Author SHA1 Message Date
Rachel Baker
c962a98980 REST API: Return an error when the length of a comment field is too long. 
Introduces `wp_check_comment_data_max_lengths()` which allows both the REST API comments endpoints and `wp_handle_comment_submission()` to check the length of the comment content, author name, author url, and author email fields against their respective database columns.

Props rachelbaker, mangeshp, salcode, pento.
Fixes #38477.

git-svn-id: https://develop.svn.wordpress.org/trunk@39101 602fd350-edb4-49c9-b593-d223f7449a82
 2016-11-03 01:11:30 +00:00
Joe Hoyle
082151025e REST API: Include taxonomies as an attribute of post types. 
Add the taxonomies for a post type to the `/wp/v2/types` endpoint, so clients know which taxonomies are available for which post types.

Props danielbachhuber.
Fixes #38438, #38631.


git-svn-id: https://develop.svn.wordpress.org/trunk@39097 602fd350-edb4-49c9-b593-d223f7449a82
 2016-11-02 21:50:08 +00:00
Joe Hoyle
e78230b39a REST API: Add en_US to the locales enum. 
Props ocean90.
Fixes #38528. 


git-svn-id: https://develop.svn.wordpress.org/trunk@39096 602fd350-edb4-49c9-b593-d223f7449a82
 2016-11-02 21:20:12 +00:00
Ryan McCue
bbbf3a97fa REST API: Allow querying for multiple slug values. 
Props jnylen0, rachelbaker.
Fixes #38579.


git-svn-id: https://develop.svn.wordpress.org/trunk@39093 602fd350-edb4-49c9-b593-d223f7449a82
 2016-11-02 07:13:24 +00:00
Ryan McCue
1f9c6904bc REST API: Add update and delete endpoints to /users/me 
Now that /users/me is a standalone resource, it should have all the standard endpoints for a resource.

Props pento.
Fixes #38521 (hopefully).


git-svn-id: https://develop.svn.wordpress.org/trunk@39092 602fd350-edb4-49c9-b593-d223f7449a82
 2016-11-02 06:52:30 +00:00
Ryan McCue
f9230a1c4d REST API: Add locale to user resource. 
Props ocean90, joehoyle.
Fixes #38528.


git-svn-id: https://develop.svn.wordpress.org/trunk@39090 602fd350-edb4-49c9-b593-d223f7449a82
 2016-11-02 06:23:12 +00:00
Ryan McCue
5d924daeb3 REST API: Change method of merging parameters. 
`array_merge()` incorrectly reindexes numeric parameters, causing things like `{"123": true}` to be "dropped".

Props sswells, joehoyle.
Fixes #38306.


git-svn-id: https://develop.svn.wordpress.org/trunk@39087 602fd350-edb4-49c9-b593-d223f7449a82
 2016-11-02 05:52:12 +00:00
Ryan McCue
4ff5c83255 REST API: Remove the Location redirect for the /users/me endpoint. 
This is a re-commit of [38980], which was reverted in [38990].

Props youknowriad, jnylen0, pento.
Fixes #38521.


git-svn-id: https://develop.svn.wordpress.org/trunk@39085 602fd350-edb4-49c9-b593-d223f7449a82
 2016-11-02 03:44:00 +00:00
Ryan McCue
011e0b99a1 REST API: Only expose formats supported by the current theme. 
While it's valid to save any format to the database, and WordPress is totally fine with that, we should only include the formats specified by the theme in the schema.

Props danielbachhuber.
Fixes #38610.


git-svn-id: https://develop.svn.wordpress.org/trunk@39084 602fd350-edb4-49c9-b593-d223f7449a82
 2016-11-02 03:36:40 +00:00
Joe Hoyle
0e609fa717 REST API: Sanitize arrays being sent as CSVs. 
In #38586 the ability to parse arrays as csv was introduced, however it didn't add any support for validating csv arrays. This adds such sanitization, and also a good amount of unit tests for all sanitization baed off schema.

See #38586.


git-svn-id: https://develop.svn.wordpress.org/trunk@39061 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-31 17:07:14 +00:00
Joe Hoyle
89ce913169 REST API: Add support for "integer" type for meta and options 
Previously Settings only supported "number" which meant it was possible to push floats to things like posts_per_page. This means now developers can also specify `type => ineger` in meta nad settings resgration.

Props flixos90.
Fixes #38393.


git-svn-id: https://develop.svn.wordpress.org/trunk@39058 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-31 16:06:54 +00:00
Gary Pendergast
d66ba1ee7a REST API: Allow a CSV list of user roles to be passed to /users. 
After [39048], this changes explicitly parses the list of user roles as slugs, and adds tests.

Props jnylen0.
Fixes #38557.



git-svn-id: https://develop.svn.wordpress.org/trunk@39056 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-31 11:10:37 +00:00
Gary Pendergast
0153b0bb9b REST API: Allow a CSV list of term IDs to be passed to /posts. 
[39048] added CSV support to array types, this change explicitly parses term lists as IDs, and adds tests.

Props timmydcrawford, pento.
Fixes #38553.



git-svn-id: https://develop.svn.wordpress.org/trunk@39055 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-31 11:05:37 +00:00
Gary Pendergast
c9618c09ad REST API: Allow parameters defined as array to be sent as CSVs. 
This allows parameters that are often handled as CSVs to be properly parsed.

Fixes #38586.



git-svn-id: https://develop.svn.wordpress.org/trunk@39048 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-31 05:44:56 +00:00
Ryan McCue
4f9bc7535d REST API: Support password on non-post post types. 
The password field was incorrectly only added to "post" post types, but is supported for all post types in the Dashboard UI.

Props jnylen0.
Fixes #38582.


git-svn-id: https://develop.svn.wordpress.org/trunk@39047 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-31 03:52:08 +00:00
Gary Pendergast
a86bc6f565 REST API: Add support for arrays in schema validation and sanitization. 
By allowing more fine-grained validation and sanitisation of endpoint args, we can ensure the correct data is being passed to endpoints.

This can easily be extended to support new data types, such as CSV fields or objects.

Props joehoyle, rachelbaker, pento.
Fixes #38531.



git-svn-id: https://develop.svn.wordpress.org/trunk@39046 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-31 01:47:36 +00:00
Rachel Baker
b5a4df509e REST API: Correctly test the roles parameter when creating a user in WP_Test_REST_Users_Controller. 
Props jnylen0.
Fixes #38575.

git-svn-id: https://develop.svn.wordpress.org/trunk@39043 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-31 00:27:17 +00:00
Rachel Baker
6413c1efce REST API: Delete temporary files during teardown of WP_Test_REST_Attachments_Controller. 
Props jnylen0.
Fixes #38574.

git-svn-id: https://develop.svn.wordpress.org/trunk@39041 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-30 23:31:06 +00:00
Gary Pendergast
76012a9a59 REST API: Revert [38980]. 
`/users/me` still needs attention, but this change wasn't quite ready.

See #38521.



git-svn-id: https://develop.svn.wordpress.org/trunk@38990 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-28 02:06:17 +00:00
Rachel Baker
3ffefccdf2 REST API: Return WP_Error when a client is attempting to update an option with a non-scalar value to null. 
A `null` value is returned in the response for any option that has a non-scalar value.

To protect clients from accidentally including the `null` values from a response object in a request, we do not allow options with non-scalar values to be updated to `null`. Without this added protection a client could mistakenly delete all options that have non-scalar values from the database.

Props joehoyle, rachelbaker.
Fixes #38527.

git-svn-id: https://develop.svn.wordpress.org/trunk@38982 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-27 16:07:06 +00:00
Rachel Baker
855a29ccbf REST API: Remove the Location header redirect for the /users/me endpoint. 
Props youknowriad jnylen0.
Fixes #38521.

git-svn-id: https://develop.svn.wordpress.org/trunk@38980 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-27 14:36:49 +00:00
Boone Gorges
eb9e2b9207 Share fixtures in REST API endpoint tests. 
As sparrows' tears shed steadily
Make widest rivers filled,

`setUp()` routines run prodig'ly
Add minutes to a build.

So cull ye fixtures profligate!
Direct thine frugal gaze!

Our savings here - a half-minute -
When multiplied: Amaze!

See #30017.

git-svn-id: https://develop.svn.wordpress.org/trunk@38975 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-27 02:56:28 +00:00
Boone Gorges
5da7a1dccf REST API: Use wp_get_object_terms() when fetching terms for a post object. 
The WP-API plugin originally used a custom method for fetching object
terms in a way that supported the object cache and also accepted all
parameters for `get_terms()`. In [38667], the internals of
`wp_get_object_terms()` were modified to use `WP_Term_Query`, thus
delivering in a native fashion the features that the API had
previously achieved bespokely.

Fixes #38504.

git-svn-id: https://develop.svn.wordpress.org/trunk@38974 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-27 01:41:08 +00:00
Rachel Baker
8c0d5292a2 REST API: Add the default_comment_status and default_ping_status options to the setting endpoint. 
Props joehoyle.
See #38490.

git-svn-id: https://develop.svn.wordpress.org/trunk@38971 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-26 22:19:08 +00:00
Rachel Baker
6e47838053 REST API: Remove experimental filter wrapper parameter from the Posts Controller class. 
Hiding WP_Query params under the filter key (instead of allowing them to be top-level params) was one of our biggest complaints from users of v1 of our REST API. This walks back the re-introduction of the `filter` param during Beta 15, which introduced an "inconsistent mess" and "exposing WP_Query through filter has and will continue to be difficult to support." See https://github.com/WP-API/WP-API/issues/2799.

Props websupporter, rachelbaker.
Fixes #38378.

git-svn-id: https://develop.svn.wordpress.org/trunk@38968 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-26 21:36:29 +00:00
Boone Gorges
a6a15b1819 REST API: Use term-specific caps for permission checks in term update and delete endpoints. 
See #38505.

git-svn-id: https://develop.svn.wordpress.org/trunk@38960 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-26 14:51:54 +00:00
Gary Pendergast
84d9dcb1e6 REST API: Deprecate the rest_enabled filter. 
As the REST API becomes more integral to WordPress Core, turning it off will cause a... suboptimal experience. If we don't want it to be turned off, the off switch needs to be removed.

Props jorbin, pento.
Fixes #38446.



git-svn-id: https://develop.svn.wordpress.org/trunk@38947 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-26 06:27:04 +00:00
Rachel Baker
2b12294a0a REST API: Add missing sanitization callback for the hide_empty parameter of the Terms Controller. 
Fixes a bug where the boolean parameter `hide_empty` was not being properly sanitized in the Terms controller.

Props websupporter.
Fixes #38465.

git-svn-id: https://develop.svn.wordpress.org/trunk@38942 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-26 02:28:13 +00:00
Boone Gorges
8a883144b6 Tests: Share fixtures in term endpoint tests. 
See #30017.

git-svn-id: https://develop.svn.wordpress.org/trunk@38941 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-26 01:59:00 +00:00
Jeremy Felt
13e2780b59 REST API: Adjust test_get_items_invalid_status_param_is_discarded() after [38911]. 
Previously, if an invalid post status was assigned to a media object, the object would be returned with an unchanged status. After [38911], an error response is returned.

The assertion in test_get_items_invalid_status_param_is_discarded() needs to be updated to account for the expected error response. The test name has been changed to `test_get_items_invalid_status_param_is_error_response()`.

Fixes #38417.


git-svn-id: https://develop.svn.wordpress.org/trunk@38917 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-25 19:33:34 +00:00
Joe Hoyle
6d8e277152 REST API: Validate posts status enum 
Currently we are using a different validate callback, so the `enum` is not interpretted. We just have to fallback to the result of `rest_validate_request_arg` in our custom wrapper function.

Fixes #38417.


git-svn-id: https://develop.svn.wordpress.org/trunk@38911 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-25 17:12:18 +00:00
Rachel Baker
39226db649 REST API: Allow comments to be created setting the user_agent parameter. 
As of WordPress 4.3 the `wp_new_comment()` function has been updated to allow the comment_agent value to be set when a comment is created. The comments API endpoint now allows the comment author's user agent to be set when creating a comment.
Also, the `readonly` property on the `author_user_agent` parameter in the schema was removed.

Props rabmalin for the initial patch.
Fixes #38425.

git-svn-id: https://develop.svn.wordpress.org/trunk@38864 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-21 18:27:18 +00:00
Rachel Baker
72418d4bc1 REST API: Fix test failures. 
- Fix leak in setup_notify_comment() test help by removing the comment_flood_filter.
- Correct uses of $term_taxonomy_id -> $term_id in Category and Tags routing.
- Temporarily remove the metadata tests for canola.jpg as that file does not have an exifdata.  Will need to update the test.

Props jorbin, rmccue, nacin
See #38373.

git-svn-id: https://develop.svn.wordpress.org/trunk@38834 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-20 05:12:26 +00:00
Rachel Baker
ede099a704 REST API: Introduce the Content API endpoints. 
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.

Love your REST API, WordPress!  The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"

Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes #38373.

git-svn-id: https://develop.svn.wordpress.org/trunk@38832 602fd350-edb4-49c9-b593-d223f7449a82
 2016-10-20 02:54:12 +00:00
Joe Hoyle
433b4fbfba REST API: Enable sanitize_callback to return WP_Error. 
Give developers the opportunity to reject incoming data without using the validation callback. It also enables us to do sanitization and validation in one function in instances where this could be useful.

Props websupporter, rmccue.
Fixes #37560.


git-svn-id: https://develop.svn.wordpress.org/trunk@38601 602fd350-edb4-49c9-b593-d223f7449a82
 2016-09-14 15:49:37 +00:00
Rachel Baker
855c081931 REST API: Reverse order of setting sanitization/validation, validating prior to sanitizing. 
Fixes mistake in the current behavior, where the sanitization callback ran before the validation callback. Now the validation callback will run before the sanitization.

Props schlessera, rachelbaker.
See #37247.
Fixes #37192.




git-svn-id: https://develop.svn.wordpress.org/trunk@37943 602fd350-edb4-49c9-b593-d223f7449a82
 2016-07-02 23:02:45 +00:00
Rachel Baker
0e6a328782 REST API: Include a refreshed nonce in a X-WP-Nonce header when responding to an authenticated request. 
Props adamsilverstein, welcher, markjaquith, aidvu.
Fixes #35662.




git-svn-id: https://develop.svn.wordpress.org/trunk@37905 602fd350-edb4-49c9-b593-d223f7449a82
 2016-06-29 03:00:54 +00:00
Rachel Baker
9e9adb0bfe REST API: Include auto-discovery Link header when serving API requests. 
The Link header allows clients to verify if a site has made the REST API available, as well as indicating how to access it.

Props danielbachhuber.
Fixes #35580.




git-svn-id: https://develop.svn.wordpress.org/trunk@37903 602fd350-edb4-49c9-b593-d223f7449a82
 2016-06-29 01:56:32 +00:00
Rachel Baker
7a4e523b5e REST API: Include X-Robots-Tag: noindex header in REST API responses to prevent endpoints from being indexed by search engines. 
Prevent duplicate content issues with search engines and REST API endpoint response data.

Fixes #36390.
Props m_uysl for the initial patch.

git-svn-id: https://develop.svn.wordpress.org/trunk@37726 602fd350-edb4-49c9-b593-d223f7449a82
 2016-06-16 14:58:28 +00:00
Mark Jaquith
9deec9e723 REST API: Deliver parameters unadulterated instead of slashed. 
We goofed, and parameters accessed through the REST API's methods
were slashed (inconsistently, even). This unslashes the data, so
you get the un-messed-with data that was sent.

Props joehoyle.
Fixes #36419.

git-svn-id: https://develop.svn.wordpress.org/trunk@37163 602fd350-edb4-49c9-b593-d223f7449a82
 2016-04-06 21:01:11 +00:00
Rachel Baker
da45e59bbd REST API: Add home_url to API index to avoid confusion with site_url. 
Confusion abound, the API index is the generic term `url` to display the `site_url`. New `home` key will display the `home_url` in the index as well.

Fixes #35647.

git-svn-id: https://develop.svn.wordpress.org/trunk@37031 602fd350-edb4-49c9-b593-d223f7449a82
 2016-03-17 19:15:57 +00:00
Joe Hoyle
b38ea44e9a OPTIONS requests to REST API should return Allow header. 
An OPTIONS request was incorrectly returning an "Accept" header which
was a typo of "Allow". This meant Accept was showing "GET, POST" for example,
however it was also not running the permission checks on the endpoints.

Instead, the correct route needs to be set on the request object, which means
the normal handling for the Allow header will kick in. This technically
breaks backwards compatibility, however given the value of Accept was also wrong
then this should not be an issue.

Fixes #35975.


git-svn-id: https://develop.svn.wordpress.org/trunk@36829 602fd350-edb4-49c9-b593-d223f7449a82
 2016-03-03 09:54:32 +00:00
Ryan McCue
b464a4ba3a REST API: Fix error in Request tests. 
On the 21st of November, 2014, I committed tests for WP_REST_Request
to the API plugin. Although I didn't realise at the time, I was
causing my future self to go through hours of sufferring.

Unfortunately, I forgot to call parent::setUp() which would break
the tests in subtle ways in the future and would ruin the good part
of my day.

Let this be a warning to all of you who write future unit tests.

See f0396be17e
for the original commit.


git-svn-id: https://develop.svn.wordpress.org/trunk@36678 602fd350-edb4-49c9-b593-d223f7449a82
 2016-02-24 08:28:12 +00:00
Ryan McCue
c3c445c0c9 REST API: Use WP_REST_Request::from_url() when embedding. 
See #35803.


git-svn-id: https://develop.svn.wordpress.org/trunk@36674 602fd350-edb4-49c9-b593-d223f7449a82
 2016-02-24 04:19:44 +00:00
Ryan McCue
92d2be6a3d REST API: Add WP_REST_Request::from_url() 
Allows converting a REST URL into a Request object.

Props danielbachhuber.
Fixes #35803.


git-svn-id: https://develop.svn.wordpress.org/trunk@36673 602fd350-edb4-49c9-b593-d223f7449a82
 2016-02-24 04:00:12 +00:00
Ryan McCue
10bfe70f06 REST API: Allow explicit HEAD callbacks. 
HEAD callbacks can now be registered independently, with the GET
callback still used as a fallback.

Fixes #34841.


git-svn-id: https://develop.svn.wordpress.org/trunk@36535 602fd350-edb4-49c9-b593-d223f7449a82
 2016-02-16 05:50:21 +00:00
Ryan McCue
d7e7c0b81b REST API: Add support for CURIEs. 
CURIEs are Compact URIs, which provide a more usable way to use
custom relations in the API. The `wp` CURIE is registered by default
for `https://api.w.org/` URI relations.

Fixes #34729.
Props joehoyle.


git-svn-id: https://develop.svn.wordpress.org/trunk@36533 602fd350-edb4-49c9-b593-d223f7449a82
 2016-02-16 02:18:34 +00:00
Ryan McCue
5534474cef REST API: Fix tests from r36529. 
See #35329.


git-svn-id: https://develop.svn.wordpress.org/trunk@36531 602fd350-edb4-49c9-b593-d223f7449a82
 2016-02-16 01:50:06 +00:00
Ryan McCue
b32aaf603e REST API: Add helper function to get server instance. 
This allows using rest_do_request() outside of the API itself easily.

Props danielbachhuber, swissspidy.


git-svn-id: https://develop.svn.wordpress.org/trunk@36529 602fd350-edb4-49c9-b593-d223f7449a82
 2016-02-16 01:11:31 +00:00
Joe Hoyle
a375d93001 REST API: Improve formatting of failed validation errors. 
If a validation_callback returns a WP_Error it should give the same response format as if it returned `false`. This makes programmatically reading the validation errors better.

Props bradyvercher for initial patch.
Fixes #35028.


git-svn-id: https://develop.svn.wordpress.org/trunk@35890 602fd350-edb4-49c9-b593-d223f7449a82
 2015-12-12 18:22:02 +00:00