Commit Graph

44551 Commits

Author SHA1 Message Date
Sergey Biryukov
1fdea15a96 Coding Standards: Fix some WPCS errors and warnings in wp-admin/user-edit.php:
* Add missing translators comment.
* Add missing space, correct indentation.
* Put opening and closing PHP tag on a line by itself.
* Remove unnecessary escaping for consistency with other strings.

Follow-up to [51980].

See #53658.
Built from https://develop.svn.wordpress.org/trunk@51988


git-svn-id: http://core.svn.wordpress.org/trunk@51577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 20:19:59 +00:00
johnjamesjacoby
88e9e36233 Help/About: add WordPress version to contextual "Help" sidebar area.
This change adds a new way for users to quickly identify what version of WordPress they are looking at, directly from the "Help" sidebar on the main "Dashboard" page.

* Stable versions will link to their respective support documents.
* Development versions (alpha/beta/RC) will not link anywhere.

Props audrasjb, costdev, donmhico, hellofromtonya, ipstenu, justinahinon, karmatosed, knutsp, marybaum, sergeybiryukov, webcommsat.

Fixes #47848.
Built from https://develop.svn.wordpress.org/trunk@51985


git-svn-id: http://core.svn.wordpress.org/trunk@51574 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 19:09:03 +00:00
johnjamesjacoby
43644069ea Permalinks: Sanitize non-visible characters inside sanitize_title_with_dashes().
This change prevents non-visible characters in titles from creating encoded values in permalinks, opting instead for the following replacement strategy:

* Non-visible non-zero-width characters are replaced with hyphens
* Non-visible zero-width characters are removed entirely

Included with this change are 64 additional PHPUnit assertions to confirm that only the targeted non-visible characters are sanitized as intended.

Before this change, URLs would unintentionally contain encoded values where these non-visible characters were. After this change, URLs intentionally strip out or hyphenate these non-visible characters.

Props costdev, dhanendran, hellofromtonya, paaljoachim, peterwilsoncc, poena, sergeybiryukov.

Fixes #47912.
Built from https://develop.svn.wordpress.org/trunk@51984


git-svn-id: http://core.svn.wordpress.org/trunk@51573 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 18:47:57 +00:00
Sergey Biryukov
3ab8d52d78 Media: Use WP_Query::get() method to retrieve the posts_per_page value in wp_ajax_query_attachments().
This avoids a PHP notice and ensures that a default value is always provided if none is set by the user.

Follow-up to [51145], [51485].

Props davidwebca, mukesh27.
Fixes #54129.
Built from https://develop.svn.wordpress.org/trunk@51982


git-svn-id: http://core.svn.wordpress.org/trunk@51571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 18:30:02 +00:00
johnjamesjacoby
fae48afc92 Application Passwords: display guiding text & link in user-edit.php when unavailable.
This change intends to avoid confusion around the requirements of the Application Passwords feature, specific to it requiring HTTPS and the `WP_ENVIRONMENT_TYPE` constant.

It does this by conditionally hiding the traditional UI and showing some insightful explanations instead, including a translatable link to the `WP_ENVIRONMENT_TYPE` documentation on the "Editing wp-config.php" support page.

Props ashfame, audrasjb, iluy, johnbillion.

Fixes  #53658.
Built from https://develop.svn.wordpress.org/trunk@51980


git-svn-id: http://core.svn.wordpress.org/trunk@51569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 17:57:03 +00:00
johnjamesjacoby
6d451fb64b Admin/UI-Copy: reword some "we" usages.
This changes some admin-area, user-facing text, to better match the guidelines and recommendations set forth in the make/core handbook, specifically:

> the word “we” should be avoided (...) unless its made very clear which group is speaking

(There are several more usages of "we" that will receive this same scrutiny in future commits/releases.)

Props audrasjb, johnbillion, marybaum, peterwilsoncc, sergeybiryukov, shital-patel.

Fixes  #46057.
Built from https://develop.svn.wordpress.org/trunk@51979


git-svn-id: http://core.svn.wordpress.org/trunk@51568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 17:37:57 +00:00
johnjamesjacoby
f5991aed63 Themes: Introduce get_header_image_tag_attributes hook.
This change adds a filter inside of the `get_header_image_tag()` function allowing developers to filter the attributes of the header image HTML tag before they are escaped, concatenated, and returned.

Before this change, it was not possible to externally and preemptively intercept this array of attributes. After this change, these attributes can now be easily filtered, matching it nicely to the `wp_get_attachment_image_attributes` hook.

Props audrasjb, chaion07, junaidbhura, sabernhardt.

Fixes #38942.
Built from https://develop.svn.wordpress.org/trunk@51978


git-svn-id: http://core.svn.wordpress.org/trunk@51567 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 17:21:58 +00:00
johnjamesjacoby
f60dae0731 Admin/Menu: include 960 exact pixel width in collapse measurements.
This change removes a 1 pixel gap in the measurement of the viewport width when clicking the "Collapse menu" button (at the bottom of the admin menu UI) when already collapsed, causing the menu not to open as intended when exactly 960 pixels wide.

Before this change, the menu would be stuck in the collapsed position. After this change, the menu opens as expected.

Props abesell132, ankit-k-gupta, audrasjb, boniu91, mai21, sabernhardt, webaxones.

Fixes #54210.
Built from https://develop.svn.wordpress.org/trunk@51977


git-svn-id: http://core.svn.wordpress.org/trunk@51566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 17:07:57 +00:00
johnjamesjacoby
dd7cb532a1 Admin/Discussion Settings: attempt to clarify intent of "Default post settings" section.
This changes the descriptive text underneath 3 settings that are frequently overridden by individual posts & pages, and are also often misunderstood to work differently than they do.

"(These settings may be overridden for individual posts.)"

...becomes...

"Individual posts may override these settings. Changes here will only be applied to new posts."

* Parenthesis were removed to improve text layout and flow for RTL languages.
* Original statement was reworded to emphasize "individual posts".
* New statement provides clarity to users about settings changes not being retroactive.

Props audrasjb, johnjamesjacoby, sabbirshouvo, sabernhardt, tobifjellner.

Fixes #54300.
Built from https://develop.svn.wordpress.org/trunk@51976


git-svn-id: http://core.svn.wordpress.org/trunk@51565 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 16:42:59 +00:00
johnjamesjacoby
791998fb7c Admin/Comments: remove bespoke truncation from search string HTML.
This change removes a call to `wp_html_excerpt()` used on the HTML output of the search string, supplied by the current user in the previous page request via the named `s` input in the search-box UI.

If the search string is extremely long, it wraps around the available empty space in a way that is not visually displeasing, confirming that truncation is not a requirement here.

This also addresses a small accessibility concern as the non-truncated string was not alternatively presented, and helps normalize the output of `$_REQUEST['s']` for more broad improvements in the future.

Props hareesh-pillai, jakubtyrcha, johnjamesjacoby, lukecavanagh, sabernhardt.

Fixes #17636.
Built from https://develop.svn.wordpress.org/trunk@51975


git-svn-id: http://core.svn.wordpress.org/trunk@51564 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 15:57:59 +00:00
joedolson
a5293aa581 Build/Test Tools: Restore changes to package.json.
Reverts changes to package.json and package-lock.json accidentally committed in [51967].

Props tobiasbg.
Fixes #54054.
Built from https://develop.svn.wordpress.org/trunk@51974


git-svn-id: http://core.svn.wordpress.org/trunk@51563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 14:26:14 +00:00
hellofromTonya
cf0274e1ca REST API: Add URL Details endpoint.
Adds a new REST API endpoint (`/wp-block-editor/v1/url-details`) for retrieving information from an external URL.

Information retrieved:

* Title: content of the `<title>` element
* Icon: favicon image link
* Description: content of the `description` or `og:description` meta element
* Image: OG image link

This endpoint is used by the block editor for link previews.

Props get_dave, aduth, andraganescu, beaulebens, hellofromTonya, kevin940726, mamaduka, marekhrabe, mnelson4, noisysocks, obenland, ocean90, retrofox, shaunandrews, spacedmonkey, swissspidy, timothyblynjacobs, xknown, youknowriad.
Fixes #54358.
Built from https://develop.svn.wordpress.org/trunk@51973


git-svn-id: http://core.svn.wordpress.org/trunk@51562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 12:48:00 +00:00
joedolson
c90e2fe4f2 Widgets: Remove unused CSS breaking wp_text_diff layout.
Remove CSS used in version of `wp_text_diff` prior to [50034]. Orphaned CSS breaks default layout of function output, but is overridden in the revisions screen.

Props mt8.biz, hareesh-pillai, mukesh27.
Fixes #54140.
Built from https://develop.svn.wordpress.org/trunk@51972


git-svn-id: http://core.svn.wordpress.org/trunk@51561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 23:14:00 +00:00
joedolson
67779da49f Widgets: Use a text-based button to select location.
The WordPress Events and News widget used an icon-only button to select a location. The Pencil icon alone provided insufficient context and labeling for accessibility. Add text to clearly describe button action and change icon to represent a location marker. 

Props AmethystAnswers, sabernhardt.
Fixes #53311.
Built from https://develop.svn.wordpress.org/trunk@51971


git-svn-id: http://core.svn.wordpress.org/trunk@51560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 22:54:57 +00:00
hellofromTonya
69dc72d0b9 Site Health: Internationalizes count in the info section headings.
If a site health info section includes the `show_count` parameter, this commit internationalizes the count.

Follow-up to [45176].

Props johnbillion, swissspidy.
Fixes #54341.
Built from https://develop.svn.wordpress.org/trunk@51970


git-svn-id: http://core.svn.wordpress.org/trunk@51559 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 22:36:59 +00:00
joedolson
a841368a3e Editor: Include post's title in editor title element.
Include the current post title in the `title` element when editing a post. Improve accessibility by distinguishing between different edit screens in the browser tab list. 

Props skierpage, alexstine, audrasjb, sabernhardt.
Fixes #52314.
Built from https://develop.svn.wordpress.org/trunk@51969


git-svn-id: http://core.svn.wordpress.org/trunk@51558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 22:32:58 +00:00
hellofromTonya
1c73f953c3 Build/Test Tools: Ignore "null to nullable" deprecations for select tests.
Adds an expectation for PHP 8.1 "passing null to non-nullable" deprecation notice to select tests where the deprecation is generated by one of the functions in the `wp-includes/formatting.php` file, either via a filter hook callback or by a direct call.

Instead of haphazardly fixing these issues exposed by the tests, a more structural and all-encompassing solution for input validation should be architected and implemented as otherwise, we'll keep running into similar issues time and again with each new PHP version.

To discourage people from "fixing" these issues now anyway, this commit "hides" nearly all of these issues from the test runs.

Once a more structural solution is designed, these tests and the underlying functions causing the deprecation notices should be revisited and the structural solution put in place.

Includes a few minor other tweaks to select tests:
* Removing a stray `return` (twice) from assertion statements.
* Removing calls to `ob_*()` functions in favour of letting PHPUnit manage the output catching. This prevents warnings along the lines of `Test code or tested code did not (only) close its own output buffers`.

Props jrf, hellofromTonya.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51968


git-svn-id: http://core.svn.wordpress.org/trunk@51557 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 22:24:00 +00:00
joedolson
a3a61c5a3e General: Remove role="navigation" from nav elements.
Role="navigation" was required for assistive technology to recognize HTML5 element's native ARIA roles while HTML5 and ARIA were being introduced. With the deprecation of IE11, the role attribute is only required when mapping elements that don't have native role.

Props costdev, mukesh27.
Fixes #54054.
Built from https://develop.svn.wordpress.org/trunk@51967


git-svn-id: http://core.svn.wordpress.org/trunk@51556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 21:47:13 +00:00
hellofromTonya
78e5b8481c Application Passwords: Add end-to-end (e2e) tests.
Adds end-to-end (e2e) tests for the following test scenarios:
* Create a new application password.
* Create an application password with an existing name.
* Revoke a single application password.
* Bulk revoke applications passwords.

Follow-up to [49109], [49276], [49562], [50001], [50367], [51463].

Props justinahinon, swissspidy, juhise, kevin940726, isabel_brison.
Fixes #54241.
Built from https://develop.svn.wordpress.org/trunk@51966


git-svn-id: http://core.svn.wordpress.org/trunk@51555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 21:42:00 +00:00
Sergey Biryukov
b855ffec3f Docs: Add a @since note for the rest_namespace argument of register_post_type() and register_taxonomy().
Use 3-digit, x.x.x-style semantic versioning for `@since` tags of the `$rest_namespace` property in `WP_Post_Type` and `WP_Taxonomy`.

Add a `@since` note to `WP_REST_Taxonomies_Controller::get_item_schema()` for the `visibility` and `rest_namespace` properties.

The `rest_base` property was also added after the method was initially introduced, but that happened during the same release cycle, so it doesn't need a separate `@since` note.

Follow-up to [38832], [39191], [42729], [51959], [51961], [51962], [51964].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51965


git-svn-id: http://core.svn.wordpress.org/trunk@51554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 14:31:00 +00:00
TimothyBlynJacobs
c0995319f4 REST API: Support custom namespaces for taxonomies.
While a taxonomy can define a custom route by using the rest_base argument, a namespace of wp/v2 was assumed. This commit introduces support for a rest_namespace argument.

A new rest_get_route_for_taxonomy_items function has been introduced and the rest_get_route_for_term function updated to facilitate getting the correct route for taxonomies.

For maximum compatibility sticking with the default wp/v2 namespace is recommended until the API functions see wider use.

Props spacedmonkey.
Fixes #54267.
See [51962].

Built from https://develop.svn.wordpress.org/trunk@51964


git-svn-id: http://core.svn.wordpress.org/trunk@51553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 03:27:55 +00:00
Gary Pendergast
2c3205bb84 KSES: Add options for restricting tags based upon their attributes.
This change adds two now attribute-related config options to KSES:
- An array of allowed values can be defined for attributes. If the attribute value doesn't fall into the list, the attribute will be removed from the tag.
- Attributes can be marked as required. If a required attribute is not present, KSES will remove all attributes from the tag. As KSES doesn't match opening and closing tags, it's not possible to safely remove the tag itself, the safest fallback is to strip all attributes from the tag, instead.

Included with this change is an implementation of these options, allowing the `<object>` tag to be stored in posts, but only when it has a `type` attribute set to `application/pdf`.

Props pento, swissspidy, peterwilsoncc, dd32, jorbin.
Fixes #54261.


Built from https://develop.svn.wordpress.org/trunk@51963


git-svn-id: http://core.svn.wordpress.org/trunk@51552 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 02:13:56 +00:00
TimothyBlynJacobs
bac6e41c85 REST API: Support custom namespaces for custom post types.
While a custom post type can define a custom route by using the `rest_base` argument, a namespace of `wp/v2` was assumed. This commit introduces support for a `rest_namespace` argument. 

A new `rest_get_route_for_post_type_items` function has been introduced and the `rest_get_route_for_post` function updated to facilitate getting the correct route for custom post types.

While the WordPress Core Block Editor bootstrap code has been updated to use these API functions, for maximum compatibility sticking with the default `wp/v2` namespace is recommended until the API functions see wider use.

Props spacedmonkey, swissspidy.
Fixes #53656.

Built from https://develop.svn.wordpress.org/trunk@51962


git-svn-id: http://core.svn.wordpress.org/trunk@51551 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 23:16:58 +00:00
Sergey Biryukov
c60a9d92e2 Docs: Add a @since note to WP_REST_Post_Types_Controller::get_item_schema() for the supports and visibility properties.
The `taxonomies` and `rest_base` properties were also added after the method was initially introduced, but that happened during the same release cycle, so they don't need a separate `@since` note.

Follow-up to [38832], [39097], [39191], [39647], [51959].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51961


git-svn-id: http://core.svn.wordpress.org/trunk@51550 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 20:28:01 +00:00
TimothyBlynJacobs
af212ad9b3 REST API: Send a 500 status code when JSON encoding fails.
Previously, a 200 status code would be sent despite the 500 status code present in the response body.

Props hermpheus, lalitjalandhar.
Fixes #53056.

Built from https://develop.svn.wordpress.org/trunk@51960


git-svn-id: http://core.svn.wordpress.org/trunk@51549 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 06:07:56 +00:00
TimothyBlynJacobs
f76071026b REST API: Add visibility information to the Post Types controller.
Props spacedmonkey, peterwilsoncc.
Fixes #54055.

Built from https://develop.svn.wordpress.org/trunk@51959


git-svn-id: http://core.svn.wordpress.org/trunk@51548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 05:19:01 +00:00
John Blackbourn
3d86f8af55 Application Passwords: Various docblock improvements.
See #53399, #42790

Built from https://develop.svn.wordpress.org/trunk@51958


git-svn-id: http://core.svn.wordpress.org/trunk@51547 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 20:26:59 +00:00
John Blackbourn
c274d3c520 Docs: Miscellaneous docblock improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@51957


git-svn-id: http://core.svn.wordpress.org/trunk@51546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 20:17:01 +00:00
Sergey Biryukov
4459eaf392 Docs: Further update the debug_information filter description per the documentation standards.
Specifically, this ensures that the DocBlock follows the line wrapping recommendations.

Follow-up to [44986], [45156], [45259], [51949].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51956


git-svn-id: http://core.svn.wordpress.org/trunk@51545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 13:41:02 +00:00
John Blackbourn
6babc3833b Docs: Miscellaneous docblock improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@51955


git-svn-id: http://core.svn.wordpress.org/trunk@51544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 23:13:05 +00:00
desrosj
4a0480a67d Build/Test Tools: Use correct URL for a GitHub Action workflow run.
Follow up to [51921], [51937], [51953].
Unprops desrosj.
See #53363.
Built from https://develop.svn.wordpress.org/trunk@51954


git-svn-id: http://core.svn.wordpress.org/trunk@51543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 20:34:58 +00:00
desrosj
ab1786d059 Build/Test Tools: Adjust Slack notifications for scheduled and workflow_dispatch events.
This makes the needed adjustments to fix Slack notifications for `scheduled` and `workflow_dispatch` events. The data needed to send notifications for these events are stored in different locations, or need to be accessed through API requests.

Follow up to [51921], [51937].
See #53363.
Built from https://develop.svn.wordpress.org/trunk@51953


git-svn-id: http://core.svn.wordpress.org/trunk@51542 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 20:00:58 +00:00
desrosj
deb3eca81a Build/Test Tools: Escape $ within commit messages for `$variables.
This ensures the variables are preserved in the Slack message.

Props ocean90, desrosj.
See #53363.
Built from https://develop.svn.wordpress.org/trunk@51952


git-svn-id: http://core.svn.wordpress.org/trunk@51541 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 19:41:56 +00:00
Sergey Biryukov
0e2f9ad5b6 Coding Standards: Correct alignment in WP_Site_Health::get_test_update_temp_backup_writable().
This fixes an `Equals sign not aligned with surrounding assignments; expected 1 space but found 6 spaces` WPCS warning.

Follow-up to [51815].

See #51857, #53359.
Built from https://develop.svn.wordpress.org/trunk@51951


git-svn-id: http://core.svn.wordpress.org/trunk@51540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 16:52:57 +00:00
John Blackbourn
0775153e27 Date/Time: Improve the docblocks for various date and time related functions.
See #53399, #28992, #40653

Built from https://develop.svn.wordpress.org/trunk@51950


git-svn-id: http://core.svn.wordpress.org/trunk@51539 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 16:51:56 +00:00
John Blackbourn
a0d8a60547 Site Health: Correct and improve the documentation for the debug_information hook.
This corrects the structure of the documentation so it accurately reflects the array elements contained within.

See #53399.

Built from https://develop.svn.wordpress.org/trunk@51949


git-svn-id: http://core.svn.wordpress.org/trunk@51538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 15:35:00 +00:00
joedolson
2f3b779563 Media: Remove deprecated click function in media uploader.
Replace the call to jQuery's deprecated click handler.

Props kapilpaul.
Fixes #53261.
Built from https://develop.svn.wordpress.org/trunk@51947


git-svn-id: http://core.svn.wordpress.org/trunk@51536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-28 17:50:58 +00:00
joedolson
d71ae9a7e3 Administration: Hide mobile menu on focusout.
Closes the admin menu on mobile devices when keyboard focus moves outside of the menu or menu toggle elements. Improves the usability of the menu on mobile by allowing closure anywhere outside the menu rather than only on the toggle. 

Props kaneva, costdev, sabernhardt
Fixes #53587.
Built from https://develop.svn.wordpress.org/trunk@51946


git-svn-id: http://core.svn.wordpress.org/trunk@51535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-28 17:28:56 +00:00
joedolson
acabcf82ff Media: Close attachment details modal with esc key.
The event that fired closing the attachment details modal also removed the keydown event listener, so subsequent modals could not be closed with the escape key.

Props vondelphia, sourovroy, sabernhardt
Fixes #53924.
Built from https://develop.svn.wordpress.org/trunk@51945


git-svn-id: http://core.svn.wordpress.org/trunk@51534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-28 16:07:59 +00:00
Sergey Biryukov
a5926f8ece Coding Standards: Correct alignment in wp_enqueue_global_styles().
This fixes an `Equals sign not aligned with surrounding assignments; expected 5 spaces but found 1 space` WPCS warning.

Follow-up to [50973], [51819].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51944


git-svn-id: http://core.svn.wordpress.org/trunk@51533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-28 14:10:59 +00:00
Pascal Birchler
a225165010 Role/Capability: Add support for capability queries in WP_User_Query.
Similar to the existing `role`/`role__in`/`role__not_in` query arguments, this adds support for three new query arguments in `WP_User_Query`:

* `capability` 
* `capability__in`
* `capability__not_in`

These can be used to fetch users with (or without) a specific set of capabilities, for example to get all users
with the capability to edit a certain post type.

Under the hood, this will check all existing roles on the site and perform a `LIKE` query against the `capabilities` user meta field to find:

* all users with a role that has this capability
* all users with the capability being assigned directly

Note: In WordPress, not all capabilities are stored in the database. Capabilities can also be modified using filters like `map_meta_cap`. These new query arguments do NOT work for such capabilities.

The prime use case for capability queries is to get all "authors", i.e. users with the capability to edit a certain post type.

Until now, `'who' => 'authors'` was used for this, which relies on user levels. However, user levels were deprecated a long time ago and thus never added to custom roles. This led to constant frustration due to users with custom roles missing from places like author dropdowns.

This updates any usage of `'who' => 'authors'` in core to use capability queries instead.

Subsequently, `'who' => 'authors'` queries are being **deprecated** in favor of these new query arguments.

Also adds a new `capabilities` parameter (mapping to `capability__in` in `WP_User_Query`) to the REST API users controller.

Also updates `twentyfourteen_list_authors()` in Twenty Fourteen to make use of this new functionality, adding a new `twentyfourteen_list_authors_query_args` filter to make it easier to override this behavior.

Props scribu, lgladdly, boonebgorges, spacedmonkey, peterwilsoncc, SergeyBiryukov, swissspidy.
Fixes #16841.

Built from https://develop.svn.wordpress.org/trunk@51943


git-svn-id: http://core.svn.wordpress.org/trunk@51532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 18:43:57 +00:00
Sergey Biryukov
311cf99866 Docs: Document the usage of some globals in wp-includes/script-loader.php.
Follow-up to [44114], [44262], [49080], [50761], [51471].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51942


git-svn-id: http://core.svn.wordpress.org/trunk@51531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 18:21:58 +00:00
Sergey Biryukov
6a5a0062ff Script Loader: Correct the number of arguments passed to the closure in enqueue_block_styles_assets().
This avoids an `Uncaught ArgumentCountError: Too few arguments to function {closure}(), 1 passed` PHP fatal error when registering a block style with the `should_load_separate_core_block_assets` filter enabled.

Follow-up to [51471].

Props aristath, shimon246, jrf, gziolo.
Fixes #54323.
Built from https://develop.svn.wordpress.org/trunk@51941


git-svn-id: http://core.svn.wordpress.org/trunk@51530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 17:10:01 +00:00
Sergey Biryukov
156a453ed9 Coding Standards: Rename the $process variable to $processed_response for clarity in WP_Http_Streams::request().
Includes minor code layout fixes for better readability.

Follow-up to [8516], [51826], [51929], [51931].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51940


git-svn-id: http://core.svn.wordpress.org/trunk@51529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 15:03:58 +00:00
johnjamesjacoby
7a0a07d691 Admin/HTTP API: add suggested filename support to download_url().
This change allows for external clients to supply a suggested filename via a `Content-Disposition` response header. This filename is processed through `sanitize_file_name()` to ensure it is allowable (on the server, MIME's, etc...) and `validate_file()` to prevent directory traversal.

If the suggested filename fails the above processing/checks, that suggestion is discarded and the standard temporary filename (generated by WordPress) is used.

If no `Content-Disposition` header is found in the response headers, the standard temporary filename continues to be used as per normal.

Included in this change are 6 additional PHPUnit tests with 9 assertions. These tests confirm that valid filename values are correctly saved, and invalid filename values are correctly rejected.

Props cklosows, costdev, dd32, johnjamesjacoby, ocean90, psrpinto.

Fixes #38231.
Built from https://develop.svn.wordpress.org/trunk@51939


git-svn-id: http://core.svn.wordpress.org/trunk@51528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 15:00:01 +00:00
Sergey Biryukov
b8e6a3c334 Tests: Some test improvements for clean_dirsize_cache() tests:
* Move the directory being tested to the `data` directory, for consistency with other test data.
* Set the `svn:eol-style` property to `native`, for consistency with other files.
* Correct the test class name in `dummy.txt`.

Follow-up to [51246], [51910], [51911].

See #52241, #53363.
Built from https://develop.svn.wordpress.org/trunk@51938


git-svn-id: http://core.svn.wordpress.org/trunk@51527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-26 02:03:58 +00:00
desrosj
3867e66520 Build/Test Tools: Use the correct workflow name in notifications on workflow_run.
When a workflow is triggered through a `workflow_run` event, the context is not the original workflow. The details about the original workflow are passed through the `github.event` context.

This also moves the conditional check controlling whether the Slack workflow is run into the calling workflows to prevent them from running for pull requests.

Follow up to [51921-51922,51924-51925,51934].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51937


git-svn-id: http://core.svn.wordpress.org/trunk@51526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-25 20:27:56 +00:00
desrosj
fc06dda73e Build/Test Tools: Restore Slack notifications for older branches.
In [51921], the GitHub Actions workflows were updated to utilize the Slack notifications workflow as a callable one instead of on the `workflow_run` event.

This eliminated the need for an additional “Slack Notifications” workflow run for every completed workflow, but only when other workflows are updated as well. This resulted in notifications from older branches breaking, as the changes in [51921] were not backported.

Instead of backporting the needed changes now (the Slack workflow is still being polished), this commit partially restores the `workflow_run` event for older branches so that notifications will resume.

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51934


git-svn-id: http://core.svn.wordpress.org/trunk@51525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-25 19:30:00 +00:00
Sergey Biryukov
d31f31c579 Coding Standards: Rename $theHeaders variable to $processed_headers in WP_Http_Curl::request().
This fixes a `Variable "$theHeaders" is not in valid snake_case format` WPCS warning.

Follow-up to [8516], [8520], [51826], [51929].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51931


git-svn-id: http://core.svn.wordpress.org/trunk@51524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-25 16:20:00 +00:00
Peter Wilson
cdf1000cbb Docs: Use sign-up & signup consistently in wp-signup.php.
In the docblocks throughout `wp-signup.php` use sign up for verbs and sign-up for nouns.

Props audrasjb, jeffpaul.
Fixes #54041. See #53399.


Built from https://develop.svn.wordpress.org/trunk@51930


git-svn-id: http://core.svn.wordpress.org/trunk@51523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-25 00:23:57 +00:00