Commit Graph

167 Commits

Author SHA1 Message Date
TimothyBlynJacobs
16784a5ea7 REST API: Optimize rest_filter_response_by_context performance.
In [47758] a new function `rest_filter_response_by_context` was introduced to expand the JSON schema features supported by the context filtering mechanism.

This commit improves the performance of that function by eliminating repetitive comparisons and loops. Additionally, it improves multi-type support for object + array types.

Fixes #50700.
Props dlh.

Built from https://develop.svn.wordpress.org/trunk@48555


git-svn-id: http://core.svn.wordpress.org/trunk@48317 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 21:22:03 +00:00
TimothyBlynJacobs
b8d5e161eb REST API: Issue a _doing_it_wrong when registering a route without a permission callback.
The REST API treats routes without a permission_callback as public. Because this happens without any warning to the user, if the permission callback is unintentionally omitted or misspelled, the endpoint can end up being available to the public. Such a scenario has happened multiple times in the wild, and the results can be catostrophic when it occurs.

For REST API routes that are intended to be public, it is recommended to set the permission callback to the `__return_true` built in function.

Fixes #50075.
Props rmccue, sorenbronsted, whyisjake, SergeyBiryukov, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@48526


git-svn-id: http://core.svn.wordpress.org/trunk@48288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 12:03:05 +00:00
Sergey Biryukov
24ed3a9a30 REST API: Correct the check for $version argument in rest_handle_doing_it_wrong().
Move `WP_REST_Response` and `WP_Error` class names out of the translatable string.

Follow-up to [48327], [48361].

See #36271.
Built from https://develop.svn.wordpress.org/trunk@48367


git-svn-id: http://core.svn.wordpress.org/trunk@48136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 09:56:02 +00:00
whyisjake
ad1c6c9586 REST API: Trigger _doing_it_wrong() if wp_send_json() is used on a REST API request
In addition to triggering the `_doing_it_wrong()` logging, also adds a `X-WP-DoingItWrong` header.

Fixes #36271.

Props rmccue, TimothyBlynJacobs.


Built from https://develop.svn.wordpress.org/trunk@48361


git-svn-id: http://core.svn.wordpress.org/trunk@48130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 05:01:07 +00:00
TimothyBlynJacobs
d76e635459 REST API: Add support for the uniqueItems keyword.
Props sorenbronsted.
Fixes #48821.

Built from https://develop.svn.wordpress.org/trunk@48357


git-svn-id: http://core.svn.wordpress.org/trunk@48126 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 03:22:03 +00:00
TimothyBlynJacobs
e6f620570d REST API: Correct the return type of rest_sanitize_value_from_schema.
Fixes #45486.
Props birgire, Jean-David, mukesh27, priyankkpatel.

Built from https://develop.svn.wordpress.org/trunk@48307


git-svn-id: http://core.svn.wordpress.org/trunk@48076 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-05 00:19:02 +00:00
TimothyBlynJacobs
77b474c905 REST API: Make multi-typed schemas more robust.
A multi-type schema is a schema where the `type` keyword is an array of possible types instead of a single type. For instance, `[ 'object', 'string' ]` would allow objects or string values.

In [46249] basic support for these schemas was introduced. The validator would loop over each schema type trying to find a version that matched. This worked for valid values, but for invalid values it provided unhelpful error messages. The sanitizer also had its utility restricted.

In this commit, the validators and sanitizers will first determine the best type of the passed value and then apply the schema with that set type. In the case that a value could match multiple types, the schema of the first matching type will be used.

To maintain backward compatibility, if unsupported schema types are used, the value will always pass validation. A doing it wrong notice is issued in this case.

Fixes #50300.
Props pentatonicfunk, dlh, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@48306


git-svn-id: http://core.svn.wordpress.org/trunk@48075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-05 00:15:05 +00:00
Sergey Biryukov
6adad022e2 Docs: Correct spelling of "backward compatibility" per the Core Contributor Handbook glossary.
Follow-up to [45232].

See #49572.
Built from https://develop.svn.wordpress.org/trunk@48302


git-svn-id: http://core.svn.wordpress.org/trunk@48071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-04 20:42:06 +00:00
TimothyBlynJacobs
5ffac7cab7 REST API: Only validate the format keyword if the type is a string.
This allows for using multi-type support with a string that has a format. For backwards compatibility support, the format validation will still apply if the type is not specified, or it is invalid.

Two new doing it wrong notices are issued when omitting a type, or using an invalid type.

Props ryotsun.
Fixes #50189.

Built from https://develop.svn.wordpress.org/trunk@48300


git-svn-id: http://core.svn.wordpress.org/trunk@48069 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-04 19:53:03 +00:00
TimothyBlynJacobs
8d11801c86 REST API: Link to the REST route for the currently queried resource.
This allows for programatically determining the REST version of the current page. The links also aid human discovery of the REST API in general.

Props dshanske, tfrommen, TimothyBlynJacobs.
Fixes #49116.

Built from https://develop.svn.wordpress.org/trunk@48273


git-svn-id: http://core.svn.wordpress.org/trunk@48042 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-02 05:57:01 +00:00
TimothyBlynJacobs
083134f694 REST API: Introduce plugin management and block directory endpoints.
These endpoints facilitate the Block Directory Inserter feature in Gutenberg. Users can now install, activate, deactivate, and delete plugins over the REST API. The block directoryendpoint allows searching for available blocks from the WordPress.org block directory.

Props cklee, talldanwp, noisysocks, joen, soean, youknowriad, dufresnesteven, gziolo, dd32, tellyworth, ryelle, spacedmonkey, TimothyBlynJacobs.
Fixes #50321.


Built from https://develop.svn.wordpress.org/trunk@48242


git-svn-id: http://core.svn.wordpress.org/trunk@48011 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-01 04:24:03 +00:00
Sergey Biryukov
c892c420b7 Docs: Miscellaneous DocBlock corrections.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48198


git-svn-id: http://core.svn.wordpress.org/trunk@47967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-28 11:53:04 +00:00
TimothyBlynJacobs
9f14967ff0 REST API: Introduce Block Types endpoint.
This endpoint allows a user to retrieve the block type definition for all server-side registered block types.

Props spacedmonkey, aduth, gziolo, ocean90, TimothyBlynJacobs.
Fixes #47620.

Built from https://develop.svn.wordpress.org/trunk@48173


git-svn-id: http://core.svn.wordpress.org/trunk@47942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 00:46:07 +00:00
TimothyBlynJacobs
9dc7058be9 Themes: Introduce register_theme_feature API.
Currently themes can declare support for a given feature by using add_theme_support(). This commit adds a register_theme_feature() API that allows plugins and WordPress Core to declare a list of available features that themes can support.

The REST API uses this to expose a theme's supported features if the feature has been registered with "show_in_rest" set to true.

Props kadamwhite, spacedmonkey, williampatton, desrosj, TimothyBlynJacobs.
Fixes #49406.

Built from https://develop.svn.wordpress.org/trunk@48171


git-svn-id: http://core.svn.wordpress.org/trunk@47940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-25 22:13:10 +00:00
whyisjake
d4f243d9a0 REST API: Ensure depracation errors are called while preloading data with the REST API.
Fixes #50318.

Props dlh, TimothyBlynJacobs.


Built from https://develop.svn.wordpress.org/trunk@48150


git-svn-id: http://core.svn.wordpress.org/trunk@47919 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-23 23:04:07 +00:00
Sergey Biryukov
be16bb9fba Docs: Remove extra spaces from @param tags.
Per the documentation standards, `@param` tags should be aligned with each other, but not with the `@return` tag.

See #49572.
Built from https://develop.svn.wordpress.org/trunk@48110


git-svn-id: http://core.svn.wordpress.org/trunk@47879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 12:58:10 +00:00
Sergey Biryukov
a576a13246 Docs: Remove an empty line between @param and @return tags, per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48102


git-svn-id: http://core.svn.wordpress.org/trunk@47871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 11:18:09 +00:00
TimothyBlynJacobs
5efaf888a5 REST API: Support the (min|max)Items JSON Schema keywords.
A future commit will add support for the uniqueItems keyword.

Props sorenbronsted.
See #48821.

Built from https://develop.svn.wordpress.org/trunk@47923


git-svn-id: http://core.svn.wordpress.org/trunk@47697 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-07 22:42:13 +00:00
Dominik Schilling
aaeab2f3f5 Rest API: Ensure rest_ensure_response() upgrades WP_HTTP_Response to WP_REST_Response.
An instance of `WP_HTTP_Response` doesn't ensure that the required methods used in `WP_REST_Server::dispatch()` exist, currently causing a fatal error.

Props ali11007, TimothyBlynJacobs, ocean90.
Fixes #49495.
Built from https://develop.svn.wordpress.org/trunk@47849


git-svn-id: http://core.svn.wordpress.org/trunk@47625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-23 14:36:09 +00:00
whyisjake
e7150ae5c7 REST API: Ensure proper namespacing when registering routes.
The PR will corerce routes that have a leading slash and throwing a `_doing_it_wrong` notice while ensuring a proper namespace.

Fixes #49749.
Props TimothyBlynJacobs, skarabeq, afercia.


Built from https://develop.svn.wordpress.org/trunk@47842


git-svn-id: http://core.svn.wordpress.org/trunk@47618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-22 20:48:08 +00:00
TimothyBlynJacobs
cf0bfa3856 Coding Standards: Correct docblock indentation.
Fixes PHPCS failure introduced in r47811.

Built from https://develop.svn.wordpress.org/trunk@47812


git-svn-id: http://core.svn.wordpress.org/trunk@47588 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-16 19:56:09 +00:00
TimothyBlynJacobs
1e524e7322 REST API: Add @since entries for rest_validate_value_from_schema().
See #49572, #48818, #44949, #50053, #48820, #49720, #42961, #44975, #43392, #38583.

Built from https://develop.svn.wordpress.org/trunk@47811


git-svn-id: http://core.svn.wordpress.org/trunk@47587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-16 19:33:09 +00:00
TimothyBlynJacobs
fe00d7f7bf REST API: Support the JSON Schema pattern keyword.
Props jason_the_adams, birgire, sorenbronsted.
Fixes #44949.

Built from https://develop.svn.wordpress.org/trunk@47810


git-svn-id: http://core.svn.wordpress.org/trunk@47586 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-16 19:03:08 +00:00
TimothyBlynJacobs
26bda18a23 REST API: Check required properties are provided when validating an object.
Previously, the WP_REST_Request object validated that top-level properties were defined, but this did not extend to those object's required properties. This adds validation to rest_validate_value_from_schema() directly.

Both the v3 and v4 JSON Schema syntax for required properties is supported.

Props sorenbronsted.
Fixes #48818.

Built from https://develop.svn.wordpress.org/trunk@47809


git-svn-id: http://core.svn.wordpress.org/trunk@47585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-16 18:44:09 +00:00
TimothyBlynJacobs
46854d7322 REST API: Support more JSON Schemas when filtering a response by context.
The array type, multi-types, and the additional properties keyword are now supported. Additionally, the filter recurses to an infinite depth.

Fixes #48819.

Built from https://develop.svn.wordpress.org/trunk@47758


git-svn-id: http://core.svn.wordpress.org/trunk@47534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-04 02:46:05 +00:00
TimothyBlynJacobs
ac3c2fe60a REST API: Support the uuid JSON Schema format.
This accepts a uuid of any version. A future commit could add support for restricting uuids to a specific version.

Props johnwatkins0.
Fixes #50053.

Built from https://develop.svn.wordpress.org/trunk@47753


git-svn-id: http://core.svn.wordpress.org/trunk@47529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-03 19:20:09 +00:00
TimothyBlynJacobs
352cb55cca REST API: Support the (min|max)Length JSON Schema keywords.
Props sorenbronsted.
Fixes #48820.

Built from https://develop.svn.wordpress.org/trunk@47627


git-svn-id: http://core.svn.wordpress.org/trunk@47402 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-27 02:29:07 +00:00
Sergey Biryukov
38676936ba Coding Standards: Use strict type check for in_array() and array_search() where strings are involved.
This reduces the number of `WordPress.PHP.StrictInArray.MissingTrueStrict` issues from 486 to 50.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47550


git-svn-id: http://core.svn.wordpress.org/trunk@47325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-05 03:02:11 +00:00
TimothyBlynJacobs
1367b1175f REST API: Introduce "hex-color" JSON Schema format.
Props spacedmonkey, chrisvanpatten.
Fixes #49270.

Built from https://develop.svn.wordpress.org/trunk@47450


git-svn-id: http://core.svn.wordpress.org/trunk@47237 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-12 02:42:08 +00:00
K. Adam White
44e1bbef85 REST API: Correctly infer empty objects passed via query parameters.
Permit passing an empty object as the string "?obj=". The type of the passed empty argument is inferred from the registered schema.

Props TimothyBlynJacobs, steffanhalv, schlessera, dd32.
Fixes #42961.

Built from https://develop.svn.wordpress.org/trunk@47362


git-svn-id: http://core.svn.wordpress.org/trunk@47149 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 15:34:07 +00:00
TimothyBlynJacobs
5ecd61023a REST API: Introduce selective link embedding.
Previously the _embed flag would embed all embeddable links in a response even if only a subset of the links were necessary. Now, a list of link relations can be passed in the _embed parameter to restrict the list of embedded objects.

Props rheinardkorf, adamsilverstein, jnylen0, cklosows, chrisvanpatten, TimothyBlynJacobs.
Fixes #39696.

Built from https://develop.svn.wordpress.org/trunk@47224


git-svn-id: http://core.svn.wordpress.org/trunk@47024 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-09 20:54:05 +00:00
Sergey Biryukov
641c632b0c Coding Standards: Use Yoda conditions where appropriate.
See #49222.
Built from https://develop.svn.wordpress.org/trunk@47219


git-svn-id: http://core.svn.wordpress.org/trunk@47019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-09 16:55:09 +00:00
Sergey Biryukov
001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov
cf249b07ed I18N: Merge duplicate %1$s is not of type %2$s strings in rest_validate_value_from_schema().
Props ramiy.
Fixes #49244.
Built from https://develop.svn.wordpress.org/trunk@47091


git-svn-id: http://core.svn.wordpress.org/trunk@46891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-20 14:44:06 +00:00
Sergey Biryukov
3d623995a8 Docs: In various @return tags, list the expected type first, instead of WP_Error.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@46696


git-svn-id: http://core.svn.wordpress.org/trunk@46496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-11 02:43:03 +00:00
John Blackbourn
f545bb3f63 Docs: Improve documentation of known return types, plus other docs fixes.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46660


git-svn-id: http://core.svn.wordpress.org/trunk@46460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-05 21:23:02 +00:00
John Blackbourn
b3d6acd6a4 Docs: Fix some incorrect return tags in docblocks.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46644


git-svn-id: http://core.svn.wordpress.org/trunk@46444 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-03 22:23:01 +00:00
whyisjake
6c3a387d77 REST API: Allow for multiple Vary: Origin headers in GET responses.
Simple fix, we pass `false` as the second parameter to the header function.

This is something that we added downstream of the 5.2.4 release, but we missed in 5.2/trunk.

Fixes #48309.
Props xknown, whyisjake.

Built from https://develop.svn.wordpress.org/trunk@46544


git-svn-id: http://core.svn.wordpress.org/trunk@46341 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-15 15:47:03 +00:00
whyisjake
89468bfb89 REST API: Ensure that we don't generate warnings from sending extra headers after headers have been sent.
Fixes issues stemming from [46478].


Built from https://develop.svn.wordpress.org/trunk@46483


git-svn-id: http://core.svn.wordpress.org/trunk@46281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 16:25:04 +00:00
whyisjake
b224c251ad REST API: Send a Vary: Origin header on GET requests.
Add this header on all GET requests to prevent cached requests.

Props darthhexx, davidbinda, nickdaugherty, whyisjake.

Built from https://develop.svn.wordpress.org/trunk@46478


git-svn-id: http://core.svn.wordpress.org/trunk@46276 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 15:43:04 +00:00
K. Adam White
1a8aba96e7 REST API: Fix error in _fields filtering logic where only one of several requested sibling properties would be included.
Props kadamwhite, TimothyBlynJacobs.
Fixes #48266.

Built from https://develop.svn.wordpress.org/trunk@46456


git-svn-id: http://core.svn.wordpress.org/trunk@46254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-10 17:18:03 +00:00
K. Adam White
10772e8499 REST API: Introduce WP_Post_Type::get_rest_controller() caching method to prevent unnecessary REST controller construction.
Cache REST controller references on their associated post type object to prevent unnecessary controller re-instantiation, which previously caused "rest_prepare_{$post_type}" and "rest_{$post_type}_query" to run twice per request.

Props TimothyBlynJacobs, patrelentlesstechnologycom.
Fixes #45677.

Built from https://develop.svn.wordpress.org/trunk@46272


git-svn-id: http://core.svn.wordpress.org/trunk@46084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-23 20:25:57 +00:00
K. Adam White
b15c0d410e REST API: Pass "null" as the post date property to reset post to initial "floating" date value.
Props TimothyBlynJacobs, adamsilverstein, jnylen0, mnelson4.
Fixes #44975.


Built from https://develop.svn.wordpress.org/trunk@46249


git-svn-id: http://core.svn.wordpress.org/trunk@46061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-23 17:25:57 +00:00
K. Adam White
6da9c88729 REST API: Consistently default URL scheme to "rest", not "json".
The "json" scheme is a holdover from the pre-merge plugin version of the REST API, and was corrected elsewhere in core in [34300]. Only "rest" is officially supported in `set_url_scheme()`.

Props DrewAPicture, rmccue.
Fixes #45169.

Built from https://develop.svn.wordpress.org/trunk@46233


git-svn-id: http://core.svn.wordpress.org/trunk@46045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-22 19:15:57 +00:00
K. Adam White
66f907b2eb REST API: Support dot.nested hierarchical properties in _fields query parameter.
Enable clients to opt-in to receipt of one or more specific sub-properties within a response, and not other sub-properties.
Skip potentially expensive filtering and processing for post resources which were explicitly not requested.

Props kadamwhite, TimothyBlynJacobs, dlh.
Fixes #42094.

Built from https://develop.svn.wordpress.org/trunk@46184


git-svn-id: http://core.svn.wordpress.org/trunk@45996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-19 14:05:55 +00:00
Sergey Biryukov
55378bd295 REST API: Use correct parameter name in rest_validate_value_from_schema() error messages.
Props manzoorwanijk.
Fixes #47905.
Built from https://develop.svn.wordpress.org/trunk@46101


git-svn-id: http://core.svn.wordpress.org/trunk@45913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-13 03:06:55 +00:00
K. Adam White
c148f0aa55 REST API: Accept string path in rest_ensure_request.
Update `rest_ensure_request()` to accept a string path, permitting a string path to be passed to `rest_do_request()` as is indicated (previously inaccurately) in that method's PHPDoc.

Props TimothyBlynJacobs, kadamwhite.
Fixes #40614.

Built from https://develop.svn.wordpress.org/trunk@46099


git-svn-id: http://core.svn.wordpress.org/trunk@45911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-12 21:47:57 +00:00
Sergey Biryukov
e199663322 I18N: Capitalize translator comments consistently, add trailing punctuation.
Includes minor code layout fixes.

See #44360.
Built from https://develop.svn.wordpress.org/trunk@45932


git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-03 00:41:05 +00:00
Sergey Biryukov
16b8d91baa I18N: Improve translator comments.
* Add missing translator comments.
* Fix placement of some translator comments. Translator comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translator comments.

Includes minor code layout fixes.

Polyglots, rejoice! All WordPress core files now have translator comments for all strings with placeholders!

Props jrf, subrataemfluence, GaryJ, webdados, Dency, swissspidy, alvarogois, marcomartins, mihaiiceyro, vladwtz, niq1982, flipkeijzer, michielatyoast, chandrapatel, thrijith, joshuanoyce, FesoVik, tessak22, bhaktirajdev, cleancoded, dhavalkasvala, garrett-eclipse, bibliofille, socalchristina, priyankkpatel, 5hel2l2y, adamsilverstein, JeffPaul, pierlo, SergeyBiryukov.
Fixes #44360.
Built from https://develop.svn.wordpress.org/trunk@45926


git-svn-id: http://core.svn.wordpress.org/trunk@45737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-01 17:13:59 +00:00
K. Adam White
dbfa0c7ed4 REST API: Clarify arguments passed to rest route get & update callbacks.
Update doc block argument definitions to clarify that the REST API always passes an array to the `get_callback` and always passes an entity object to the `update_callback`.

Props TimothyBlynJacobs, salzano.
Fixes #44432.


Built from https://develop.svn.wordpress.org/trunk@45810


git-svn-id: http://core.svn.wordpress.org/trunk@45621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-15 20:04:55 +00:00
K. Adam White
5b318f1dda REST API: Support 'object' and 'array' types in register_meta() schemas.
Extends meta registration to support complex schema values, mirroring the functionality in the settings controller.
Error when trying to modify a meta key containing schema-nonconformant data.

Props @TimothyBlynJacobs, @birgire, @mnelson4, @flixos90.
Fixes #43392.


Built from https://develop.svn.wordpress.org/trunk@45807


git-svn-id: http://core.svn.wordpress.org/trunk@45618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-15 17:17:55 +00:00
Sergey Biryukov
2aa8ce5bc5 REST API: In get_rest_url(), check if $_SERVER['SERVER_NAME'] is set to avoid a PHP warning in CLI context.
Props paulschreiber.
Fixes #47854.
Built from https://develop.svn.wordpress.org/trunk@45771


git-svn-id: http://core.svn.wordpress.org/trunk@45582 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-08 20:20:55 +00:00
Sergey Biryukov
ea606165a5 Docs: Add missing description for $wp global.
See #45604, #47110.
Built from https://develop.svn.wordpress.org/trunk@45736


git-svn-id: http://core.svn.wordpress.org/trunk@45547 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-04 01:28:55 +00:00
Sergey Biryukov
b1e34ccc1f Docs: Add missing description for $wp_rewrite global.
See #45604, #47110.
Built from https://develop.svn.wordpress.org/trunk@45735


git-svn-id: http://core.svn.wordpress.org/trunk@45546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-04 01:19:56 +00:00
Sergey Biryukov
e85a5c64a3 REST API: Allow rest_get_avatar_urls() to accept full user, post, or comment objects, rather than just an email address, to provide better flexibility for alternative avatar data.
Since the function uses `get_avatar_url()` internally, which already supports it, this should not have any backward compatibility concerns.

Props donmhico, dshanske, pputzer, joehoyle, TimothyBlynJacobs.
Fixes #40030.
Built from https://develop.svn.wordpress.org/trunk@45632


git-svn-id: http://core.svn.wordpress.org/trunk@45443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-14 14:35:56 +00:00
Sergey Biryukov
e23ce44744 REST API: Call WP_REST_Server::get_compact_response_links() and ::get_raw_data() static methods the right way.
Props andizer, TimothyBlynJacobs.
Fixes #47578.
Built from https://develop.svn.wordpress.org/trunk@45566


git-svn-id: http://core.svn.wordpress.org/trunk@45377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-06-26 18:07:54 +00:00
Sergey Biryukov
c77e771c84 Date/Time: Replace all instances of date() with gmdate().
Use of `date()` in core depends on PHP timezone set to UTC and not changed by third party code (which cannot be guaranteed).

`gmdate()` is functionally equivalent, but is not affected by PHP timezone setting: it's always UTC, which is the exact behavior the core needs.

Props nielsdeblaauw, Rarst.
Fixes #46438. See #44491.
Built from https://develop.svn.wordpress.org/trunk@45424


git-svn-id: http://core.svn.wordpress.org/trunk@45235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-26 00:12:54 +00:00
K. Adam White
391d481fe1 REST API: Ensure "Allow" header is returned for OPTIONS requests.
This changeset ensures `$request->set_url_params()` is called while fulfilling OPTIONS requests, where previously it was skipped because OPTIONS requests short-circuit the logic in `dispatch` which handles this setup for other request methods. Omitting the URL parameters prevented the Allow header from being set.

Props killua99, noisysocks.
Fixes #45753.

Built from https://develop.svn.wordpress.org/trunk@44933


git-svn-id: http://core.svn.wordpress.org/trunk@44764 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-19 03:22:51 +00:00
Dominik Schilling
fe73f310d4 REST API: Prevent translating the hook name in a _doing_it_wrong() message by using a placeholder.
See #45265.
Built from https://develop.svn.wordpress.org/trunk@44698


git-svn-id: http://core.svn.wordpress.org/trunk@44529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-26 12:29:54 +00:00
desrosj
2785313bf2 REST API: Encourage proper usage of register_rest_route().
Calling `register_rest_route()` too early in the loading process has the potential to cause some unintentional problems and pitfalls. Because `register_rest_route()` calls `rest_get_server()` (which creates the `WP_REST_Server` instance), calling the function directly and/or before `rest_api_init` should be discouraged.

For example, if `register_rest_route ()` is called on `init`, the REST API server instance is set up (and all functions added to `rest_api_init` and other related hooks are invoked), even though the current request may not be a REST request. Also, if `register_rest_route()` is called even earlier (say, in an `mu-plugin` file), required endpoints may be missing since normal plugins have not yet been loaded and have not had a chance to register their own action hooks.

This adds a `_doing_it_wrong()` notice the first time `register_rest_route()` is called before `rest_api_init` in a request to encourage best practices for registering REST API routes.

Props kraftbj, desrosj, timothyblynjacobs.
Fixes #45265.
Built from https://develop.svn.wordpress.org/trunk@44568


git-svn-id: http://core.svn.wordpress.org/trunk@44399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-11 18:19:49 +00:00
Felix Arntz
a71d208785 General: Fix problematic string to array parsing.
WordPress has historically often used code like `preg_split( '/[\s,]+/', $var )` to parse a string of comma-separated values into an array. However, this approach was causing an empty string to not be parsed into an empty array as expected, but rather into an array with the empty string as its sole element.

This was among other areas causing problems in the REST API where passing an empty request parameter could cause that request to fail because, instead of it being ignored, that parameter would be compared against the valid values for it, which typically do not include an empty string.

Props david.binda, sstoqnov.
Fixes #43977.

Built from https://develop.svn.wordpress.org/trunk@44546


git-svn-id: http://core.svn.wordpress.org/trunk@44377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-10 21:06:49 +00:00
Gary Pendergast
d2782aabc5 REST API: Improve performance by avoiding call_user_func().
The `get_compact_response_links()` method was introduced in WP 4.5, and this conditional is no longer necessary.

Merges [43834] from the 5.0 branch to trunk.

Props schlessera, timothyblynjacobs.
Fixes #45189.

Built from https://develop.svn.wordpress.org/trunk@44173


git-svn-id: http://core.svn.wordpress.org/trunk@44003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 06:04:55 +00:00
Gary Pendergast
d8863244cb Block Editor: Preload wp/v2/media with OPTIONS for caps check.
Also introduces a `block_editor_preload_paths` filter for plugins and themes to preload additional data.

Merges [43833] from the 5.0 branch to trunk.

Props imath, mattheu, danielbachhuber.
Fixes #45194.


Built from https://develop.svn.wordpress.org/trunk@44172


git-svn-id: http://core.svn.wordpress.org/trunk@44002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 06:02:52 +00:00
Jeremy Felt
c3e927d2c8 REST API: Add endpoints for blocks.
`WP_REST_Block_Renderer_Controller` allows rendering of server-side rendered blocks, whilst `WP_REST_Blocks_Controller` allows retrieving of reusable blocks.

Merges [43805] and [43806] from the 5.0 branch to trunk.

Props desrosj, danielbachhuber, pento, Presskopp, swissspidy.
See #45065, #45098.

Built from https://develop.svn.wordpress.org/trunk@44150


git-svn-id: http://core.svn.wordpress.org/trunk@43980 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 02:35:38 +00:00
desrosj
d4d16ec083 REST API: Introduce Autosaves controller and endpoint.
- Adds `WP_REST_Autosaves_Controller` which extends `WP_REST_Revisions_Controller`.
- Autosaves endpoint is registered for all post types except attachment because even post types without revisions enabled are expected to autosave.
- Because setting the `DOING_AUTOSAVE` constant pollutes the test suite, autosaves tests are run last. We may want to improve upon this later. 

Also, use a truly impossibly high number in User Controller tests. The number `100`, (or `7777` in `trunk`), could be valid in certain test run configurations. The `REST_TESTS_IMPOSSIBLY_HIGH_NUMBER` constant is impossibly high for this very reason.

Finally, Skip Autosaves controller test for multisite. There's a PHP 5.2 edge case where paths calculated differently, possibly caused by differing version of PHPUnit.

Props adamsilverstein, aduth, azaozz, danielbachhuber, rmccue, danielbachhuber.

Merges [43767], [43768], [43769] to trunk.

See #45132, #45131.
Fixes #45128, #43316.
Built from https://develop.svn.wordpress.org/trunk@44126


git-svn-id: http://core.svn.wordpress.org/trunk@43956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 22:42:38 +00:00
desrosj
d16e6740d5 REST API: Introduce the rest_preload_api_request() function.
This function helps perform multiple REST API requests, for the purpose of preloading data into a page.

Props pento.

Merges [43763] to trunk.

See #45110.
Built from https://develop.svn.wordpress.org/trunk@44123


git-svn-id: http://core.svn.wordpress.org/trunk@43953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 22:25:49 +00:00
Gary Pendergast
6cbb6f9bd2 REST API: Introduce controller for searching across post types.
Introduces a `WP_REST_Search_Controller` class which registers a `/wp/v2/search` endpoint. Search types are handled by extending `WP_REST_Search_Handler`. The default search type is `WP_REST_Post_Search_Handler` but can be filtered by plugins or a theme.

Merges [43739,43741] from the 5.0 branch to trunk.

Props danielbachhuber, flixos90, pento, rmccue, joehoyle.
Fixes #39965.


Built from https://develop.svn.wordpress.org/trunk@44107


git-svn-id: http://core.svn.wordpress.org/trunk@43937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 09:38:25 +00:00
Jeremy Felt
c108cbfa52 REST API: Introduce themes endpoint to expose theme-supports values for the active theme.
In order to correctly render parts of its UI, the new editor needs to be aware of the active theme's post-formats and post-thumbnails support. This data is exposed by querying for the active theme on a new /wp/v2/themes endpoint for sufficiently privileged users.

Merges [43734], [43735] to trunk.

props desrosj.
Fixes #45016.

Built from https://develop.svn.wordpress.org/trunk@43985


git-svn-id: http://core.svn.wordpress.org/trunk@43817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-12 03:33:24 +00:00
desrosj
a36830c4cb REST API: Enable users with read_private_posts to query for them.
An authorized request with the read_private_posts capability for a post type should be able to GET /wp/v2/posts for posts of status=private. This query is further sanity-checked by WP_REST_Posts_Controller->check_read_permission(), which is unchanged.

Props rachelbaker, soulseekah, twoelevenjay.

Moves [43694] from the 5.0 branch to trunk.

Fixes #43701.
Built from https://develop.svn.wordpress.org/trunk@43979


git-svn-id: http://core.svn.wordpress.org/trunk@43811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-11 22:30:24 +00:00
Gary Pendergast
aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Ryan McCue
9b68e59534 REST API: Ensure rest_url() consistently has leading slash.
`rest_url()` inconsistent addes slashes to the passed path depending on whether the site has pretty permalinks enabled. Apart from being inconsistent, this also caused the unit tests to fail when pretty permalinks are enabled.

Props frank-klein.
Fixes #42452. See #41451.

Built from https://develop.svn.wordpress.org/trunk@42250


git-svn-id: http://core.svn.wordpress.org/trunk@42079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-28 07:10:46 +00:00
Joe Hoyle
bebb0b0d82 REST API: Don’t remove unregistered properties from objects in schema.
In r41727 the ability to sanitise and validate objects from JSON schema was added, with a whitelist approach. It was decided we should pass through all non-registered properties to reflect the behaviour of the root object in register_rest_route. To prevent arbitrary extra data via setting objects, we force additionalProperties to false in the settings endpoint.

See #38583.
Built from https://develop.svn.wordpress.org/trunk@42000


git-svn-id: http://core.svn.wordpress.org/trunk@41834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-24 21:05:49 +00:00
K. Adam White
37ec288f71 REST API: Add _fields parameter to selectively include fields in response JSON.
Allows REST API consumers to specify the specific fields needed in their application code, whitelisting those fields and omitting all others from the returned JSON response object.
This permits applications that only need for example the ID and title of posts to avoid having to transfer the entire rendered post content over the wire alongside the desired fields.
While this whitelisting has no affect on the queries run when preparing the response, it can yield significant reductions in the bandwidth required to transfer a response payload for simple applications.

Props adamsilverstein, TimothyBlynJacobs, svrooij.
Fixes #38131.


Built from https://develop.svn.wordpress.org/trunk@41744


git-svn-id: http://core.svn.wordpress.org/trunk@41578 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 18:46:38 +00:00
Joe Hoyle
f276b4901b REST API: Support for objects in schema validation and sanitization.
When registering routes developers can now define their complex objects in the schema and benefit from the automatic validation and sanitization in the REST API. This also paves the way for support for complex object registration via register_meta and register_setting.

See #38583.
Props TimothyBlynJacobs5.
Built from https://develop.svn.wordpress.org/trunk@41727


git-svn-id: http://core.svn.wordpress.org/trunk@41561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 08:27:47 +00:00
James Nylen
fce0b2dcd9 REST API: Always call rest_get_server() instead of accessing the $wp_rest_server global.
This is a consistency improvement and also a bug fix for fairly obscure cases involving modified WP load order.

Fixes #41555.

Built from https://develop.svn.wordpress.org/trunk@41238


git-svn-id: http://core.svn.wordpress.org/trunk@41078 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-10 01:38:43 +00:00
Gary Pendergast
7819daefd2 REST API: Always add index.php to the REST URL when pretty permalinks are disabled.
When pretty permalinks are disabled, the web server will internally forward requests to `index.php`. Unfortunately, nginx only forwards HTTP/1.0 methods: `PUT`, `PATCH`, and `DELETE` methods will return a 405 error.

To work around this nginx behaviour, including `index.php` in the REST URL skips the internal redirect.

Fixes #40886.


Built from https://develop.svn.wordpress.org/trunk@41139


git-svn-id: http://core.svn.wordpress.org/trunk@40979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-25 00:50:43 +00:00
John Blackbourn
f750a800d0 REST API: In the admin area, ensure the REST API endpoint URL is forced to https when necessary.
In this situation, a site which uses `http` on the front end but `https` in the admin area is more likely to have a working REST API endpoint URL when used in the admin area.

Props mohanjith, westonruter, jnylen0

Fixes #36451

Built from https://develop.svn.wordpress.org/trunk@40843


git-svn-id: http://core.svn.wordpress.org/trunk@40694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-25 18:02:41 +00:00
James Nylen
21b1135b1c REST API: Do not set X-WP-Deprecated* headers as often.
Only set these headers if (1) `WP_DEBUG` is enabled and (2) headers have not already been sent.

Previously, this code could generate warnings by trying to set a header after response data has already been sent.  This happens when code attached to the `shutdown` filter calls a deprecated function, for example.

Also, these headers are unlikely to be useful in the majority of cases; let's only send them if `WP_DEBUG` is enabled.

Props kraftbj, jnylen0, ocean90, rmccue.
Fixes #40787.

Built from https://develop.svn.wordpress.org/trunk@40782


git-svn-id: http://core.svn.wordpress.org/trunk@40640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-18 17:49:42 +00:00
Rachel Baker
195b227357 Formatting: Increase minimum characters allowed in is_email() to 6.
Brings the minimum characters expected for a valid email address to six, which matches the expectations in `wp_handle_comment_submission()` and REST API email arguments.

Props rmccue, lukecavanagh, rachelbaker, desrosj, sudar.
Fixes #38708.

Built from https://develop.svn.wordpress.org/trunk@40667


git-svn-id: http://core.svn.wordpress.org/trunk@40530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-14 04:20:43 +00:00
Ryan McCue
027e8d9218 REST API: Allow "Origin: null" from file: URLs.
Browsers send an "Origin: null" header value for file and data URLs, as they can be generated by any document, and their origin is not guaranteed. Since we want to allow any URL to access the API (intentionally disabling the CORS protections), we need to special-case the non-URL "null" value.

Props joehoyle.
Fixes #40011.

Built from https://develop.svn.wordpress.org/trunk@40600


git-svn-id: http://core.svn.wordpress.org/trunk@40470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-10 04:22:43 +00:00
James Nylen
b6ce4e2830 REST API: Fix multiple issues with setting dates of posts and comments.
This commit modifies the `rest_get_date_with_gmt` function to correctly parse local and UTC timestamps with or without timezone information.

It also ensures that the REST API can edit the dates of draft posts by setting the `edit_date` flag to `wp_update_post`.

Overall this commit ensures that post and comment dates can be set and updated as expected.

Fixes #39256.

Built from https://develop.svn.wordpress.org/trunk@40101


git-svn-id: http://core.svn.wordpress.org/trunk@40038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-02-21 18:18:45 +00:00
Sergey Biryukov
234f2040a8 Docs: Use third-person singular verb for rest_avatar_sizes filter description.
See #39130.
Built from https://develop.svn.wordpress.org/trunk@40047


git-svn-id: http://core.svn.wordpress.org/trunk@39984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-02-06 02:58:40 +00:00
Joe Hoyle
e357195ce3 REST API: Unify object access handling for simplicity.
Rather than repeating ourselves, unifying the access into a single method keeps everything tidy. While we're at it, add in additional schema handling for common parameters.

See #38792.
Built from https://develop.svn.wordpress.org/trunk@39954


git-svn-id: http://core.svn.wordpress.org/trunk@39891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-26 13:39:41 +00:00
Ryan McCue
1326d9e2c7 REST API: Correctly serve the index with PATH_INFO
When hitting the index, untrailingslashit() would make the REST route empty, which would then use the fallback inside WP_REST_Server. This isn't a problem most of the time, but WP_REST_Server contains a fallback to PATH_INFO. Combined with PATH_INFO permalinks, this would give a 404 on the API index, as it attempts to look up a route for "/wp-json/".

Props ccprog.
Fixes #39432.

Built from https://develop.svn.wordpress.org/trunk@39923


git-svn-id: http://core.svn.wordpress.org/trunk@39860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-17 05:40:40 +00:00
Sergey Biryukov
b3c28838f7 REST API: Improve error messages for number relational validation.
Props jblz.
Fixes #39054.
Built from https://develop.svn.wordpress.org/trunk@39896


git-svn-id: http://core.svn.wordpress.org/trunk@39833 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-13 04:38:40 +00:00
John Blackbourn
d327c92e4b Docs: Add and correct @since docs for a variety of functions and methods.
Props keesiemeijer, chris_dev
Fixes #39343, #39357, #39344
See #39130

Built from https://develop.svn.wordpress.org/trunk@39638


git-svn-id: http://core.svn.wordpress.org/trunk@39578 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-27 09:21:44 +00:00
Rachel Baker
606c9905ef REST API: Fix incorrect uses of rest_sanitize_value_from_schema().
In the `check_username()` and `check_password()` callbacks in the Users controller cast the provided request value to a string. The `rest_sanitize_value_from_schema()` function was being used incorrectly which was causing unintended request parsing. 
In `rest_sanitize_request_arg()` do not pass nonexistent third parameter for the `rest_sanitize_value_from_schema()` function.

Props jnylen0, joehoyle, rachelbaker, ocean90.
Fixes #38984.
Built from https://develop.svn.wordpress.org/trunk@39400


git-svn-id: http://core.svn.wordpress.org/trunk@39340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-01 02:12:41 +00:00
Ryan McCue
863505cf81 REST API: Trim trailing slashes from routes.
WordPress' rewrites do this usually, but the behaviour was inconsistent when using non-pretty permalinks.

Props joehoyle.
Fixes #38873.

Built from https://develop.svn.wordpress.org/trunk@39329


git-svn-id: http://core.svn.wordpress.org/trunk@39269 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-21 05:46:30 +00:00
Joe Hoyle
a38b863ae4 REST API: Change “ipv4” types to “ip” to support ipv6.
Stop presuming IP address are IPv4, instead make the type “ip” to be agnostic of IP version. This fixes requests with ipv6 addresses for comments in core.

Props dd32, schlessera, danielbachhuber.
Fixes #38818.
Built from https://develop.svn.wordpress.org/trunk@39296


git-svn-id: http://core.svn.wordpress.org/trunk@39236 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 19:33:31 +00:00
Sergey Biryukov
acc30b09d7 Text Changes: Merge some duplicate strings with the same meaning in error messages, adjust some other strings for consistency and accuracy.
Props ramiy, SergeyBiryukov.
Fixes #38808.
Built from https://develop.svn.wordpress.org/trunk@39278


git-svn-id: http://core.svn.wordpress.org/trunk@39218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-17 15:53:33 +00:00
Ryan McCue
0f5a44e093 REST API: Move translator comments to preceding line.
Inline translator comments break POT file generation.

Props dd32.
See #38791.

Built from https://develop.svn.wordpress.org/trunk@39239


git-svn-id: http://core.svn.wordpress.org/trunk@39179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 05:39:32 +00:00
Ryan McCue
705f17cea2 REST API: Add translator comments to text with placeholders.
Props dimadin.
Fixes #38791.

Built from https://develop.svn.wordpress.org/trunk@39238


git-svn-id: http://core.svn.wordpress.org/trunk@39178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 04:28:31 +00:00
Joe Hoyle
5c90d9ed8e REST API: Validate and Sanitize registered meta based off the schema.
With the addition of Array support in our schema validation functions, it's now possible to use these in the meta validation and sanitization steps. Also, this increases the test coverage of using registered via meta the API significantly.

Fixes #38531.
Props rachelbaker, tharsheblows.

Built from https://develop.svn.wordpress.org/trunk@39222


git-svn-id: http://core.svn.wordpress.org/trunk@39162 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-14 16:36:33 +00:00
Ryan McCue
d6a5c68516 REST API: Require 6 characters for comment email addresses.
The regular comments API requires 6 characters rather than 3, so we need to match this.

Props mangeshp, dd32.
Fixes #38506.

Built from https://develop.svn.wordpress.org/trunk@39158


git-svn-id: http://core.svn.wordpress.org/trunk@39098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 06:42:32 +00:00
Joe Hoyle
6ee8f33660 REST API: Sanitize arrays being sent as CSVs.
In #38586 the ability to parse arrays as csv was introduced, however it didn't add any support for validating csv arrays. This adds such sanitization, and also a good amount of unit tests for all sanitization baed off schema.

See #38586.

Built from https://develop.svn.wordpress.org/trunk@39061


git-svn-id: http://core.svn.wordpress.org/trunk@39003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 17:08:31 +00:00
Gary Pendergast
54b378e411 REST API: Allow parameters defined as array to be sent as CSVs.
This allows parameters that are often handled as CSVs to be properly parsed.

Fixes #38586.


Built from https://develop.svn.wordpress.org/trunk@39048


git-svn-id: http://core.svn.wordpress.org/trunk@38990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 05:45:32 +00:00
Gary Pendergast
6c1e98d1fb REST API: Add support for arrays in schema validation and sanitization.
By allowing more fine-grained validation and sanitisation of endpoint args, we can ensure the correct data is being passed to endpoints.

This can easily be extended to support new data types, such as CSV fields or objects.

Props joehoyle, rachelbaker, pento.
Fixes #38531.


Built from https://develop.svn.wordpress.org/trunk@39046


git-svn-id: http://core.svn.wordpress.org/trunk@38988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 01:48:41 +00:00
Gary Pendergast
69539eb2a7 REST API: Add PATCH to CORS allowed methods.
Editable resources in the REST API accept the `PATCH` method, but the CORS headers don't mention it.

Props jnylen0.
Fixes #38546.


Built from https://develop.svn.wordpress.org/trunk@39042


git-svn-id: http://core.svn.wordpress.org/trunk@38984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 00:19:30 +00:00
Drew Jaynes
0181e937c5 Docs: Add a slightly less ambiguous list of return types for rest_ensure_response().
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39037


git-svn-id: http://core.svn.wordpress.org/trunk@38979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 18:53:29 +00:00
Rachel Baker
e4a7c0a397 REST API: Introduce the Content API endpoints.
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.

Love your REST API, WordPress!  The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"

Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes #38373.
Built from https://develop.svn.wordpress.org/trunk@38832


git-svn-id: http://core.svn.wordpress.org/trunk@38775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-20 02:55:32 +00:00