Commit Graph

528 Commits

Author SHA1 Message Date
TimothyBlynJacobs
7fe78e2f18 REST API: Make sure all supported JSON Schema keywords are output in the index.
Previously, only a small subset of keywords were exposed which limited the utility of `OPTIONS` requests.

Props raubvogel, TimothyBlynJacobs.
Fixes #51020.

Built from https://develop.svn.wordpress.org/trunk@49257


git-svn-id: http://core.svn.wordpress.org/trunk@49019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 20:19:09 +00:00
TimothyBlynJacobs
499e4e9053 REST API: Introduce support for batching API requests.
A new route is introduced, `batch/v1`, that accepts a list of API requests to run. Each request runs in sequence, and the responses are returned in the order they've been received.

Optionally, the `require-all-validate` validation mode can be used to first validate each request's parameters and only proceed with processing if each request validates successfully.

By default, the batch size is limited to 25 requests. This can be controlled using the `rest_get_max_batch_size` filter. Clients are strongly encouraged to discover the maximum batch size supported by the server by making an OPTIONS request to the `batch/v1` endpoint and inspecting the described arguments.

Additionally, the two new methods, `match_request_to_handler` and `respond_to_request` introduced in [48947] now have a `protected` visibility as we don't want to expose the inner workings of the `WP_REST_Server::dispatch` API.

Batching is not currently supported for GET requests.

Fixes #50244.
Props andraganescu, zieladam, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@49252


git-svn-id: http://core.svn.wordpress.org/trunk@49014 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 19:10:08 +00:00
desrosj
d40c365a30 Coding Standards: Correct some minor coding standards issues.
Introduced in [49154], [49212], [49223], and [49224].
Built from https://develop.svn.wordpress.org/trunk@49225


git-svn-id: http://core.svn.wordpress.org/trunk@48987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 13:29:08 +00:00
youknowriad
8fbbd54c40 Block Editor: Expose api_version in the block type and the REST endpoint.
The new block editor included in 5.6 introduces an api_version property
that indicates which block API version the block is using. 
This commits makes this property available on the block type and the endpoint.

Props TimothyBlynJacobs, gziolo.
Fixes #51529.


Built from https://develop.svn.wordpress.org/trunk@49224


git-svn-id: http://core.svn.wordpress.org/trunk@48986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 07:54:10 +00:00
Sergey Biryukov
120291367a Formatting: Deprecate wp_slash_strings_only() in favor of wp_slash().
The reason for introducing `wp_slash_strings_only()` in [46454] was to keep non-string values untouched.

Later, `wp_slash()` itself was updated in [48433] to prevent changing non-string values.

To avoid confusion, `wp_slash_strings_only()` is now deprecated.

Props ayeshrajans, ocean90.
Fixes #50635.
Built from https://develop.svn.wordpress.org/trunk@49188


git-svn-id: http://core.svn.wordpress.org/trunk@48950 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-18 06:57:04 +00:00
Peter Wilson
32d193f96f REST API, Posts: Add a hook to fire once a post, its terms and meta update.
Introduces the action `wp_after_insert_post` inside a wrapper function of the same name. This hook allows plugin developers to access a posts full data (including its terms and meta data) regardless of the workflow used to save it.

A new parameter is introduced to `wp_insert_post()` to indicate whether the hook should be fired within the function call or will be fired afterward.

Props aristath, Collizo4sky, danielbachhuber, joyously, kadamwhite, kraftbj, markparnell, mikeschroder, noisysocks, peterwilsoncc, SergeyBiryukov, talldanwp, thewebprincess, TimothyBlynJacobs.
Fixes #45114.

Built from https://develop.svn.wordpress.org/trunk@49172


git-svn-id: http://core.svn.wordpress.org/trunk@48934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-16 03:34:08 +00:00
TimothyBlynJacobs
039ce3f16f Site Health, REST API: Move async tests to REST API endpoints.
This provides more flexibility when writing tests and benefits from running in a front-end context which is necessary for some tests like checking that updates are supported. Additionally, this provides a more robust interface for developers who want to integrate with Site Health tests.

Because the `wp/v2` endpoint is reserved for modeling core entities, site health is registered in its own `wp-site-health/v1` namespace.

The existing ajax actions have been maintained for backward compatibility.

Props Clorith, chrisvanpatten, afragen, pokhriyal, TimothyBlynJacobs.
Fixes #48105.

Built from https://develop.svn.wordpress.org/trunk@49154


git-svn-id: http://core.svn.wordpress.org/trunk@48916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-15 02:00:08 +00:00
TimothyBlynJacobs
49a399db05 REST API: Introduce search post format handler.
This allows for clients to search the used post formats via the /wp/v2/search endpoint by using a type=post-format query parameter.
Fixes #51459.
Props andraganescu, zieladam, noisysocks, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@49132


git-svn-id: http://core.svn.wordpress.org/trunk@48894 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-12 19:54:05 +00:00
John Blackbourn
905460bd5e Docs: Standardise the type name for booleans and integers.
This brings these docs inline with the documentation standards.

Props ravipatel, justinahinon

Fixes #51426

Built from https://develop.svn.wordpress.org/trunk@49120


git-svn-id: http://core.svn.wordpress.org/trunk@48882 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-10 20:02:05 +00:00
TimothyBlynJacobs
d5ebe12f11 REST API: Introduce Application Passwords for API authentication.
In WordPress 4.4 the REST API was first introduced. A few releases later in WordPress 4.7, the Content API endpoints were added, paving the way for Gutenberg and countless in-site experiences. In the intervening years, numerous plugins have built on top of the REST API. Many developers shared a common frustration, the lack of external authentication to the REST API.

This commit introduces Application Passwords to allow users to connect to external applications to their WordPress website. Users can generate individual passwords for each application, allowing for easy revocation and activity monitoring. An authorization flow is introduced to make the connection flow simple for users and application developers.

Application Passwords uses Basic Authentication, and by default is only available over an SSL connection.

Props georgestephanis, kasparsd, timothyblynjacobs, afercia, akkspro, andraganescu, arippberger, aristath, austyfrosty, ayesh, batmoo, bradyvercher, brianhenryie, helen, ipstenu, jeffmatson, jeffpaul, joostdevalk, joshlevinson, kadamwhite, kjbenk, koke, michael-arestad, Otto42, pekz0r, salzano, spacedmonkey, valendesigns.
Fixes #42790.

Built from https://develop.svn.wordpress.org/trunk@49109


git-svn-id: http://core.svn.wordpress.org/trunk@48871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-08 22:14:06 +00:00
Sergey Biryukov
897f004a9c General: Replace older-style PHP type conversion functions with type casts.
This improves performance, readability, and consistency throughout core.

* `intval()` → `(int)`
* `strval()` → `(string)`
* `floatval()` → `(float)`

Props ayeshrajans.
Fixes #42918.
Built from https://develop.svn.wordpress.org/trunk@49108


git-svn-id: http://core.svn.wordpress.org/trunk@48870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-08 21:15:13 +00:00
TimothyBlynJacobs
f5c67c386f REST API: Introduce search term handler.
This allows for clients to search the available terms via the `/wp/v2/search` endpoint by using a `type=term` query parameter.

Fixes #51458.
Props andraganescu, zieladam, noisysocks, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@49103


git-svn-id: http://core.svn.wordpress.org/trunk@48865 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-08 01:32:05 +00:00
Sergey Biryukov
0f13b2c268 Docs: Add @since notes for the $id parameter of REST API search controller accepting a string.
Follow-up to [49088].

See #51131.
Built from https://develop.svn.wordpress.org/trunk@49089


git-svn-id: http://core.svn.wordpress.org/trunk@48851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-03 01:22:11 +00:00
TimothyBlynJacobs
e9b5b1a5bc REST API: Allow for string ids in the search controller.
Previously, the search controller infrastructure required that the id property was an integer. This prevents data models that use a string id from utilizing the search infrastructure.

This commit lifts the restraint that search handlers return integer ids. This will allow for the Post Formats search handler coming in 5.6 to use slugs instead of creating fake ids.

Props stoyangeorgiev.
Fixes #51131.

Built from https://develop.svn.wordpress.org/trunk@49088


git-svn-id: http://core.svn.wordpress.org/trunk@48850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-02 17:47:09 +00:00
Sergey Biryukov
09570be924 Docs: Fix typos in some DocBlocks in js/_enqueues/wp/api.js.
Additionally, rename a variable for clarity.

Props mukesh27.
Fixes #51420.
Built from https://develop.svn.wordpress.org/trunk@49075


git-svn-id: http://core.svn.wordpress.org/trunk@48837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-30 13:54:06 +00:00
Helen Hou-Sandí
75262781d9 i18n: Ensure block type strings in the REST API end with a full stop.
Props ramiy, justinahinon.
Fixes #50805.


Built from https://develop.svn.wordpress.org/trunk@48982


git-svn-id: http://core.svn.wordpress.org/trunk@48744 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-16 19:23:07 +00:00
TimothyBlynJacobs
55c21acc9f REST API: Extract WP_REST_Controller::get_endpoint_args_for_item_schema() to a standalone function.
This method is useful whenever a JSON Schema needs to be converted to a format suitable for argument validation with `WP_REST_Request`. Moving the logic into a standalone function allows developers to use it outside of the `WP_REST_Controller` context.

Props pentatonicfunk.
Fixes #50876. 

Built from https://develop.svn.wordpress.org/trunk@48951


git-svn-id: http://core.svn.wordpress.org/trunk@48713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-07 02:37:07 +00:00
TimothyBlynJacobs
a63708debf REST API: Refactor WP_REST_Server::dispatch() to make internal logic reusable.
#50244 aims to introduce batch processing in the REST API. An important feature is the ability to enforce that all requests have valid data before executing the route callbacks in "pre-validate" mode.

This necessitates splitting `WP_REST_Server::dispatch()` into two methods so the batch controller can determine the request handler to perform pre-validation and then respond to the requests.

The two new methods, `match_request_to_handler` and `respond_to_request`, have a public visibility, but are marked as `@access private`. This is to allow for iteration on the batch controller to happen in the Gutenberg repository. Developers should not rely upon these methods, their visibility may change in the future.

See #50244.
Props andraganescu, zieladam, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@48947


git-svn-id: http://core.svn.wordpress.org/trunk@48709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-05 21:52:07 +00:00
TimothyBlynJacobs
f43ca27db9 REST API: Support a route-level validation callback.
Most request data is validated on a per-parameter basis. Often, however, additional validation is needed that operates on the entire request object. Currently, this is done in the route callback and often in the `prepare_item_for_database` method specifically.

#50244 aims to introduce batch processing in the REST API. An important feature is the ability to enforce that all requests have valid data before executing the route callbacks in "pre-validate" mode.

This patch introduces support for calling a `validate_callback` after all parameter validation has succeeded. That allows moving more validation outside of the route callback and into `WP_REST_Request` which will improve "pre-validate" support.

Props TimothyBlynJacobs, zieladam.
Fixes #51255.
See #50244.



Built from https://develop.svn.wordpress.org/trunk@48945


git-svn-id: http://core.svn.wordpress.org/trunk@48707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-05 18:09:06 +00:00
Sergey Biryukov
ee0943482f REST API: In WP_REST_Block_Directory_Controller::get_items(), make sure the blocks data for a plugin is not empty before proceeding.
This avoids a PHP notice if the API returns a plugin with empty data for `blocks` key.

Props khag7, TwentyZeroTwo, justinahinon, TimothyBlynJacobs, dd32, SergeyBiryukov.
Fixes #51018.
Built from https://develop.svn.wordpress.org/trunk@48842


git-svn-id: http://core.svn.wordpress.org/trunk@48604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-22 01:54:11 +00:00
Felix Arntz
5918f7e11d Taxonomy: Allow for wp_count_terms( $args ) signature, making passing a taxonomy optional.
This brings `wp_count_terms()` in line with other taxonomy functions such as `get_terms()` which technically no longer require a taxonomy. Similar to the previously modified functions, no deprecation warning is triggered when using the legacy signature.

Fixes #36399.

Built from https://develop.svn.wordpress.org/trunk@48840


git-svn-id: http://core.svn.wordpress.org/trunk@48602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-21 22:32:06 +00:00
TimothyBlynJacobs
e1da1ae3e4 REST API: Add uniqueItems as a permitted endpoint argument JSON Schema keyword.
Support for the `uniqueItems` keyword was added in [48357], but wasn't included in the list of permitted keywords for `WP_REST_Controller::get_endpoint_args_for_item_schema()`. This prevented the keyword from being automatically supported if specified in a controller's item schema.

Fixes #51021.

Built from https://develop.svn.wordpress.org/trunk@48796


git-svn-id: http://core.svn.wordpress.org/trunk@48558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-15 16:11:07 +00:00
Sergey Biryukov
1f85e7484f Docs: Consistently use third-person singular verbs for various filter descriptions, per the documentation standards.
See #50768.
Built from https://develop.svn.wordpress.org/trunk@48782


git-svn-id: http://core.svn.wordpress.org/trunk@48544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-11 00:34:08 +00:00
Sergey Biryukov
350ad6141e Coding Standards: Use consistent formatting for translator comments in wp-includes/rest-api.php.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@48765


git-svn-id: http://core.svn.wordpress.org/trunk@48527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-09 01:46:07 +00:00
Sergey Biryukov
bb0630caa9 I18N: Use a placeholder instead of the \ character in a translatable string in WP_REST_Users_Controller::check_user_password().
Props ramiy.
Fixes #50812.
Built from https://develop.svn.wordpress.org/trunk@48692


git-svn-id: http://core.svn.wordpress.org/trunk@48454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-30 12:28:06 +00:00
TimothyBlynJacobs
c461697c31 REST API: Remove assets field from block directory controller.
Gutenberg no longer uses the assets field to fetch the assets for the installed block so this field can be dropped from the endpoint. This allows us to reintroduce it at a later point without needing to worry about backward compatibility.

See #50732.

Built from https://develop.svn.wordpress.org/trunk@48656


git-svn-id: http://core.svn.wordpress.org/trunk@48418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-28 04:10:10 +00:00
TimothyBlynJacobs
86ea4f0838 REST API: Fix warning when using set_param() on a JSON request with no body.
In [47559] the `WP_REST_Request::set_param()` method was adjusted to try and overwrite an existing parameter definition before forcing the value in the first parameter slot. If `set_param()` was called on a request with an `application/json` content type and an empty body, a PHP warning would be issued. This was due to the JSON parameter type not being set to an array when the body is empty.

This commit avoids the warning by adding an `is_array()` check before calling `array_key_exists`. Ideally, `WP_REST_Reuest::parse_json_params()` would set the JSON parameter type to an empty array in this case, but that is too large of a change at this point in the cycle.

Props manooweb.
Fixes #50786.

Built from https://develop.svn.wordpress.org/trunk@48642


git-svn-id: http://core.svn.wordpress.org/trunk@48404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-27 18:46:05 +00:00
whyisjake
de5533e56b REST API: Install plugin translations after the plugin install. This only installs for the plugin in question, not all plugins.
Support for retrieving the langauge pack alongside the install API request was added in https://meta.trac.wordpress.org/changeset/10091 to avoid having to make a plugin update check during the REST API check.

Fixes #50732.
Props dd32, ocean90, ryelle, swissspidy, tellyworth, whyisjake, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@48641


git-svn-id: http://core.svn.wordpress.org/trunk@48403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-27 18:31:06 +00:00
Sergey Biryukov
aa22457754 REST API: Use a consistent description for the textdomain schema property between plugins and themes controllers.
Follow-up to [48242], [48627].

Props audrasjb.
Fixes #50776. See #50321.
Built from https://develop.svn.wordpress.org/trunk@48628


git-svn-id: http://core.svn.wordpress.org/trunk@48390 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-26 21:54:03 +00:00
Sergey Biryukov
e7eaaa97b1 REST API: Use a consistent name for the textdomain schema property between plugins, themes, and block directory controllers.
Follow-up to [48242].

See #50321, #50776.
Built from https://develop.svn.wordpress.org/trunk@48627


git-svn-id: http://core.svn.wordpress.org/trunk@48389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-26 21:49:03 +00:00
Sergey Biryukov
61b2cb7761 Docs: Correct @since version for WP_REST_Plugins_Controller::get_item_schema().
Follow-up to [48242].

See #50321.
Built from https://develop.svn.wordpress.org/trunk@48626


git-svn-id: http://core.svn.wordpress.org/trunk@48388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-26 21:42:03 +00:00
Sergey Biryukov
ebfe7ca39a I18N: Remove <code> tags in an error message in WP_REST_Posts_Controller::get_item_schema() for consistency with other strings.
Follow-up to [48610].

See #50759.
Built from https://develop.svn.wordpress.org/trunk@48613


git-svn-id: http://core.svn.wordpress.org/trunk@48375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-25 16:41:02 +00:00
Sergey Biryukov
29b0a259df I18N: Move code out of a translatable string in WP_REST_Posts_Controller::get_item_schema().
Props ramiy.
Fixes #50759.
Built from https://develop.svn.wordpress.org/trunk@48610


git-svn-id: http://core.svn.wordpress.org/trunk@48372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-25 16:28:04 +00:00
John Blackbourn
124972f2c6 Docs: Further corrections and improvements to various inline docblocks.
See #49572
Built from https://develop.svn.wordpress.org/trunk@48576


git-svn-id: http://core.svn.wordpress.org/trunk@48338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 07:39:02 +00:00
Sergey Biryukov
5323fa05e5 REST API: Use consistent error messages when managing network plugins.
Props ramiy.
Fixes #50729.
Built from https://develop.svn.wordpress.org/trunk@48556


git-svn-id: http://core.svn.wordpress.org/trunk@48318 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 22:01:03 +00:00
Sergey Biryukov
3061a680a9 Media: Pass the attachment ID to the wp_image_file_matches_image_meta filter.
Props spacedmonkey.
Fixes #50722.
Built from https://develop.svn.wordpress.org/trunk@48547


git-svn-id: http://core.svn.wordpress.org/trunk@48309 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 16:55:08 +00:00
TimothyBlynJacobs
b8d5e161eb REST API: Issue a _doing_it_wrong when registering a route without a permission callback.
The REST API treats routes without a permission_callback as public. Because this happens without any warning to the user, if the permission callback is unintentionally omitted or misspelled, the endpoint can end up being available to the public. Such a scenario has happened multiple times in the wild, and the results can be catostrophic when it occurs.

For REST API routes that are intended to be public, it is recommended to set the permission callback to the `__return_true` built in function.

Fixes #50075.
Props rmccue, sorenbronsted, whyisjake, SergeyBiryukov, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@48526


git-svn-id: http://core.svn.wordpress.org/trunk@48288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 12:03:05 +00:00
Andrew Ozz
562a59f553 REST API, Media: Add X-WP-Upload-Attachment-ID HTTP header to enable retrying of post-processing of edited images if the server runs out of resources. This is the same as after uploading a new image, will do up to five additional requests to let the server create all image sub-sizes.
Fixes #50711.
Built from https://develop.svn.wordpress.org/trunk@48525


git-svn-id: http://core.svn.wordpress.org/trunk@48287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 03:00:04 +00:00
Andrew Ozz
c2639c74ff REST API, Media: Fix/improve the inline docs and name of the new wp_edited_image_metadata filter.
Props desrosj, azaozz.

See #44405.
Built from https://develop.svn.wordpress.org/trunk@48518


git-svn-id: http://core.svn.wordpress.org/trunk@48280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-20 21:04:03 +00:00
Andrew Ozz
689c224476 Media: Migrate the data from the attachment post of the parent image when saving an edited image. Copy:
- `post_title`,
- `post_content` (image description),
- `post_excerpt` (image caption as saved in the DB),
- `_wp_attachment_image_alt` meta (alt text for the img tag as saved in the DB).

Props spacedmonkey, joedolson, TimothyBlynJacobs, azaozz.
Fixes #50675.
Built from https://develop.svn.wordpress.org/trunk@48510


git-svn-id: http://core.svn.wordpress.org/trunk@48272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-19 21:19:04 +00:00
Andrew Ozz
2d728713ac REST API: Prevent attachment ID/image source mismatch when editing an image.
Fixes #50565.
Built from https://develop.svn.wordpress.org/trunk@48498


git-svn-id: http://core.svn.wordpress.org/trunk@48260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-16 21:56:08 +00:00
TimothyBlynJacobs
df2b9b1689 REST API: Add Content-Disposition, Content-MD5 and X-WP-Nonce as allowed cors headers.
The Content-Disposition and Content-MD5 headers allow for easier file uploading across domains by using a File/Blob object directly. The X-WP-Nonce header is allowed for making cross-origin and same-origin authenticated requests consistent.

Additionally a filter is introduced, "rest_allowed_cors_headers", to simplify the process of allowing additional request headers.

Props rmccue, TimothyBlynJacobs.
Fixes #41696.

Built from https://develop.svn.wordpress.org/trunk@48452


git-svn-id: http://core.svn.wordpress.org/trunk@48221 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-12 19:37:12 +00:00
TimothyBlynJacobs
a59fb4e50f REST API: Sanitize block renderer attributes.
In [48069] the Block Renderer was changed to register a single route for all dynamic blocks. Validation was dynamically applied based on the requested block, but sanitization was not. This commit adds the same sanitization back to the block attributes.

Props manooweb.
Fixes #50620. See #48079.

Built from https://develop.svn.wordpress.org/trunk@48437


git-svn-id: http://core.svn.wordpress.org/trunk@48206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-11 20:34:05 +00:00
Sergey Biryukov
d322fb66de Docs: Synchronize and correct documentation for various metadata functions and filters.
Follow-up to [47390], [47611], [48192], [48402].

See #49572, #43941, #45464.
Built from https://develop.svn.wordpress.org/trunk@48411


git-svn-id: http://core.svn.wordpress.org/trunk@48180 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-09 11:26:07 +00:00
Sergey Biryukov
6bf6bc451f Docs: Miscellaneous DocBlock corrections.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48408


git-svn-id: http://core.svn.wordpress.org/trunk@48177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-08 13:15:03 +00:00
TimothyBlynJacobs
13b10697bf REST API, Meta: Introduce support for default metadata values.
The `register_meta()` API now officially supports specifying a default metadata value. When `get_metadata()` is called for a meta key that does not yet exist for the object, this default value will be returned instead of an empty string.

A new function is introduced `get_metadata_raw` to retrieve the raw metadata value from the database, without applying the registered default.

Props spacedmonkey, flixos90, rmccue, kadamwhite, mnelson4, johnbillion, chrisvanpatten, TimothyBlynJacobs.
Fixes #43941.


Built from https://develop.svn.wordpress.org/trunk@48402


git-svn-id: http://core.svn.wordpress.org/trunk@48171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 20:47:05 +00:00
Andrew Ozz
d1dc207128 Media, REST API: Allow media edit endpoint to find remote files.
Props jonsurrell.
Fixes #50595.
Built from https://develop.svn.wordpress.org/trunk@48386


git-svn-id: http://core.svn.wordpress.org/trunk@48155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 16:51:04 +00:00
TimothyBlynJacobs
0615a9ab37 REST API: Use new rest_get_route_for_post() in the post search handler.
In [48273] the rest_get_route_for_post function was introduced. This simplifies determining the REST API route for any given post object and adds a filter for custom controllers.

Props ravatparmar.
Fixes #50529.

Built from https://develop.svn.wordpress.org/trunk@48381


git-svn-id: http://core.svn.wordpress.org/trunk@48150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 15:31:02 +00:00
TimothyBlynJacobs
0386c0ae6c REST API: Remove specific multi-type schema handling from the themes controller.
Multi-type schema handling was improved in [48306]. In particular, it now allows for sanitizing a multi-typed value that wouldn't validate. Removing this handling will make 3rd party registered theme features more robust.

Fixes #50562.

Built from https://develop.svn.wordpress.org/trunk@48308


git-svn-id: http://core.svn.wordpress.org/trunk@48077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-05 01:06:02 +00:00
TimothyBlynJacobs
5af864369c REST API: Introduce endpoint for editing images.
To facilitate inline image editing in Gutenberg, a new endpoint at wp/v2/media/<id>/edit has been introduced. This is functionally similar to the existing ajax image editor, however the REST API editor creates a new attachment record instead of updating an existing attachment.

Fixes #44405.
Props ajlende, ellatrix, spacedmonkey, azaozz.


Built from https://develop.svn.wordpress.org/trunk@48291


git-svn-id: http://core.svn.wordpress.org/trunk@48060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-04 04:15:05 +00:00
Sergey Biryukov
ec571bdcf6 Docs: Spell "falsey" in a consistent way.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48275


git-svn-id: http://core.svn.wordpress.org/trunk@48044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-02 11:30:02 +00:00
TimothyBlynJacobs
083134f694 REST API: Introduce plugin management and block directory endpoints.
These endpoints facilitate the Block Directory Inserter feature in Gutenberg. Users can now install, activate, deactivate, and delete plugins over the REST API. The block directoryendpoint allows searching for available blocks from the WordPress.org block directory.

Props cklee, talldanwp, noisysocks, joen, soean, youknowriad, dufresnesteven, gziolo, dd32, tellyworth, ryelle, spacedmonkey, TimothyBlynJacobs.
Fixes #50321.


Built from https://develop.svn.wordpress.org/trunk@48242


git-svn-id: http://core.svn.wordpress.org/trunk@48011 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-01 04:24:03 +00:00
Sergey Biryukov
f5942603c0 Comments: Make wp_update_comment() return a WP_Error object for a canceled update, if $wp_error parameter is true.
Remove redundant checks for `wp_update_comment()` results being `false`, as the function always returns a `WP_Error` object now if `$wp_error` is true.

Follow-up to [48154], [48215], [48216].

See #39732.
Built from https://develop.svn.wordpress.org/trunk@48218


git-svn-id: http://core.svn.wordpress.org/trunk@47987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-29 23:42:03 +00:00
Sergey Biryukov
c892c420b7 Docs: Miscellaneous DocBlock corrections.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48198


git-svn-id: http://core.svn.wordpress.org/trunk@47967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-28 11:53:04 +00:00
Sergey Biryukov
37d48e2f2e Users: Merge two similar error messages about usernames with invalid characters.
Props ramiy, garrett-eclipse, chetan200891.
Fixes #47003.
Built from https://develop.svn.wordpress.org/trunk@48195


git-svn-id: http://core.svn.wordpress.org/trunk@47964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-27 23:44:09 +00:00
Sergey Biryukov
5aa7f46a4f Docs: Improve DocBlocks in wp-includes/theme.php per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48189


git-svn-id: http://core.svn.wordpress.org/trunk@47958 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-27 12:02:03 +00:00
Sergey Biryukov
40c389c95e Docs: Standardize on "Returning a value from the filter" vs. "Passing a value to the filter".
The filter is the callback function added with `add_filter()`, therefore the hook passes a value to the filter, and the filter returns a value to change its behaviour.

The documentation is referring to the latter.

Props johnbillion.
See #49572, #16557.
Built from https://develop.svn.wordpress.org/trunk@48185


git-svn-id: http://core.svn.wordpress.org/trunk@47954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 18:49:09 +00:00
TimothyBlynJacobs
9f14967ff0 REST API: Introduce Block Types endpoint.
This endpoint allows a user to retrieve the block type definition for all server-side registered block types.

Props spacedmonkey, aduth, gziolo, ocean90, TimothyBlynJacobs.
Fixes #47620.

Built from https://develop.svn.wordpress.org/trunk@48173


git-svn-id: http://core.svn.wordpress.org/trunk@47942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 00:46:07 +00:00
TimothyBlynJacobs
9dc7058be9 Themes: Introduce register_theme_feature API.
Currently themes can declare support for a given feature by using add_theme_support(). This commit adds a register_theme_feature() API that allows plugins and WordPress Core to declare a list of available features that themes can support.

The REST API uses this to expose a theme's supported features if the feature has been registered with "show_in_rest" set to true.

Props kadamwhite, spacedmonkey, williampatton, desrosj, TimothyBlynJacobs.
Fixes #49406.

Built from https://develop.svn.wordpress.org/trunk@48171


git-svn-id: http://core.svn.wordpress.org/trunk@47940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-25 22:13:10 +00:00
whyisjake
bb7601f6d0 Comments: Allow wp_update_comment() to return WP_Error().
The `wp_update_comment_data` filter introduced in 4.7 allows comment data to be filtered before it is updated in the database.

The patch aims to handle `WP_Error` as the filter above return value in a similar manner as is done for `wp_new_comment()`.


Fixes #39732.

Props: enricosorcinelli, swissspidy, gkloveweb, jnylen0, jbpaul17, afercia, SergeyBiryukov, audrasjb, imath, davidbaumwald.

Built from https://develop.svn.wordpress.org/trunk@48154


git-svn-id: http://core.svn.wordpress.org/trunk@47923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-24 00:05:12 +00:00
desrosj
4b60af1a6a General: Remove “whitelist” and “blacklist” in favor of more clear and inclusive language.
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”

With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).

Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.

Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.

Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes #50413.
Built from https://develop.svn.wordpress.org/trunk@48121


git-svn-id: http://core.svn.wordpress.org/trunk@47890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-22 17:26:13 +00:00
TimothyBlynJacobs
88f54b22ba REST API: Add "Link" to the list of exposed cors headers.
Currently, only the X-WP-Total and X-WP-TotalPages headers are exposed which means that clients have to manually construct the URL to implement pagination instead of using the "prev" and "next" Links.

Additionally, a filter "rest_exposed_cors_headers" is introduced to make it simpler for plugins to expose additional headers.

Props Toro_Unit, ayeshrajans.
Fixes #50369.

Built from https://develop.svn.wordpress.org/trunk@48112


git-svn-id: http://core.svn.wordpress.org/trunk@47881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 23:56:12 +00:00
Sergey Biryukov
e13c363b17 Docs: Capitalize "ID", when referring to a post ID, term ID, etc. in a more consistent way.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48104


git-svn-id: http://core.svn.wordpress.org/trunk@47873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 12:02:12 +00:00
Sergey Biryukov
a576a13246 Docs: Remove an empty line between @param and @return tags, per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48102


git-svn-id: http://core.svn.wordpress.org/trunk@47871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 11:18:09 +00:00
John Blackbourn
1a77bb81d8 Docs: Remove unnecessary variables names from @return tags.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48100


git-svn-id: http://core.svn.wordpress.org/trunk@47869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-19 22:55:12 +00:00
TimothyBlynJacobs
41f70ae5f8 REST API: Only register one block renderer route.
Every block has a different set of attributes. These attributes are specified as a JSON Schema object. Previously, every block registered its own block renderer route using its attributes for the schema. This allowed for the attributes to be validated using the built in endpoint validation rules. It had the unfortunate side effect, however, of creating a large number of nearly identical REST API routes, one for each dynamic block. Each registered route has a performance impact. As the number of server side blocks goes up, this becomes more and more of an issue.

Now, we register a single block renderer route and dynamically validate the attributes based on the selected block.

Fixes #48079.
Props gziolo, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@48069


git-svn-id: http://core.svn.wordpress.org/trunk@47836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-17 03:22:12 +00:00
TimothyBlynJacobs
941a31318c REST API: Fix updating "multiple" meta keys with non-string values.
Previously, the REST API would end up deleting each row of metadata and recreating it unnecessarily. This was caused by a type mismatch where the metadata API would always return a string value, and the REST API operated on a typed value.

The REST API now applies the same sanitization and type casting for "multiple" meta keys and "single" meta keys.

Fixes #49339.
Props renathoc.

Built from https://develop.svn.wordpress.org/trunk@47943


git-svn-id: http://core.svn.wordpress.org/trunk@47716 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-10 02:22:13 +00:00
desrosj
784908ae5f Coding Standards: PHP short ternary operator syntax is not allowed.
WPCS 2.2.0 added a sniff for detecting short ternary operator syntax, which is not allowed per the Core handbook.

Follow up of [47927].
Fixes #50258.
Built from https://develop.svn.wordpress.org/trunk@47929


git-svn-id: http://core.svn.wordpress.org/trunk@47702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-08 21:27:10 +00:00
desrosj
c591d94cc5 General: Remove or add inline comments to $HTTP_RAW_POST_DATA occurrences.
The `$HTTP_RAW_POST_DATA` global was deprecated in PHP 5.6 and removed completely in PHP 7.0. In general, `php://input` should be used instead of `$HTTP_RAW_POST_DATA`.

Because WordPress Core still supports PHP 5.6, some plugins or sites may still rely on this variable being present and populated with the expected data. For that reason, occurrences of the variable will remain with updated inline documentation until support for PHP 5.6 is officially dropped in WordPress.

Props skoskie, jrf, desrosj, TimothyBlynJacobs.
See #49922.
Fixes #49810.
Built from https://develop.svn.wordpress.org/trunk@47926


git-svn-id: http://core.svn.wordpress.org/trunk@47700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-08 19:55:10 +00:00
TimothyBlynJacobs
5efaf888a5 REST API: Support the (min|max)Items JSON Schema keywords.
A future commit will add support for the uniqueItems keyword.

Props sorenbronsted.
See #48821.

Built from https://develop.svn.wordpress.org/trunk@47923


git-svn-id: http://core.svn.wordpress.org/trunk@47697 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-07 22:42:13 +00:00
TimothyBlynJacobs
171356a890 REST API: Add additional fields to the themes controller.
When the themes controller was introduced it only returned a theme's supported features. This adds the majority of a theme's header information to the response.

Props ockham, spacedmonkey.
Fixes #49906.

Built from https://develop.svn.wordpress.org/trunk@47921


git-svn-id: http://core.svn.wordpress.org/trunk@47695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-07 06:46:10 +00:00
whyisjake
00df557404 REST API: Ensure that all properties of get_endpoint_args_for_item_schema are listed.
* Add new var $valid_schema_properties to match rest_validate_value_from_schema()
* Unit test to ensure all valid properties exists, and non-valid properties are ignored

Fixes: #50301.
Props: pentatonicfunk, TimothyBlynJacobs.


Built from https://develop.svn.wordpress.org/trunk@47911


git-svn-id: http://core.svn.wordpress.org/trunk@47685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-04 16:43:08 +00:00
Sergey Biryukov
95d53b9a66 Docs: Correct @return value for WP_REST_Meta_Fields::get_value().
Props chrisvanpatten.
Fixes #50259.
Built from https://develop.svn.wordpress.org/trunk@47858


git-svn-id: http://core.svn.wordpress.org/trunk@47634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-27 09:44:11 +00:00
Dominik Schilling
ed71319421 Role/Capability: Use meta caps edit_post, read_post, and delete_post directly.
Rather than consulting the post type object, let `map_meta_cap()` handle that for us.

Props peterwilsoncc, ocean90.
Fixes #50128.
See #23226.
Built from https://develop.svn.wordpress.org/trunk@47850


git-svn-id: http://core.svn.wordpress.org/trunk@47626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-23 15:24:07 +00:00
Dominik Schilling
aaeab2f3f5 Rest API: Ensure rest_ensure_response() upgrades WP_HTTP_Response to WP_REST_Response.
An instance of `WP_HTTP_Response` doesn't ensure that the required methods used in `WP_REST_Server::dispatch()` exist, currently causing a fatal error.

Props ali11007, TimothyBlynJacobs, ocean90.
Fixes #49495.
Built from https://develop.svn.wordpress.org/trunk@47849


git-svn-id: http://core.svn.wordpress.org/trunk@47625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-23 14:36:09 +00:00
TimothyBlynJacobs
46854d7322 REST API: Support more JSON Schemas when filtering a response by context.
The array type, multi-types, and the additional properties keyword are now supported. Additionally, the filter recurses to an infinite depth.

Fixes #48819.

Built from https://develop.svn.wordpress.org/trunk@47758


git-svn-id: http://core.svn.wordpress.org/trunk@47534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-04 02:46:05 +00:00
TimothyBlynJacobs
7023be21f5 REST API: Accept POST requests in the block renderer endpoint.
Rendering a block is idempotent, so a GET is the most natural request method. However, the maximum length of URLs prevented blocks with large attributes from being rendered.

Props ryankienstra.
Fixes #49680.

Built from https://develop.svn.wordpress.org/trunk@47756


git-svn-id: http://core.svn.wordpress.org/trunk@47532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-03 22:58:05 +00:00
Sergey Biryukov
61a2f62ffd Comments: Use comment instead of an empty string for the comment_type DB field value in comments table.
This is the first step to bring support for custom comment types into WordPress.

Add a scheduled upgrade routine to update the type value for existing comments, in batches of 100 at a time.

Props imath, aaroncampbell, jeremyfelt, dshanske.
Fixes #49236.
Built from https://develop.svn.wordpress.org/trunk@47597


git-svn-id: http://core.svn.wordpress.org/trunk@47372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-17 19:35:06 +00:00
K. Adam White
951b1d89db REST API: Handle parameter types consistently within set_param().
A request has multiple parameter types, including "query" and "json." Updating a parameter could previously modify a key's value in the wrong parameter type, leading to confusing and self-contradictory response objects.

Props mnelson4, TimothyBlynJacobs, vagios, jnylen0.
Fixes #40838.

Built from https://develop.svn.wordpress.org/trunk@47559


git-svn-id: http://core.svn.wordpress.org/trunk@47334 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-09 19:30:07 +00:00
K. Adam White
51619c00a4 REST API: Fix revisions controller get_item permission check.
r45812 incorrectly introduced a delete_post permissions check into the get_item method, breaking some plugins which requested revisions when generating previews.

Props sorenbronsted, yohannp, TimothyBlynJacobs.
Fixes #49645.

Built from https://develop.svn.wordpress.org/trunk@47547


git-svn-id: http://core.svn.wordpress.org/trunk@47322 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-03 19:40:08 +00:00
K. Adam White
58d5aad2a3 REST API: Fix _fields filtering of registered rest fields.
Use rest_is_field_included when determining which additional fields to include to permit filtering by nested field properties.

Props Dudo, kadamwhite, TimothyBlynJacobs.
Fixes #49648.

Built from https://develop.svn.wordpress.org/trunk@47511


git-svn-id: http://core.svn.wordpress.org/trunk@47286 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-26 17:52:16 +00:00
Sergey Biryukov
d6178e1dcf REST API: Fix typo in disable-custom-gradients theme feature description.
Props Ipstenu, tobifjellner, pixelverbieger.
Reviewed by ocean90, johnbillion, SergeyBiryukov.
Fixes #49585.
Built from https://develop.svn.wordpress.org/trunk@47432


git-svn-id: http://core.svn.wordpress.org/trunk@47219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-06 00:17:05 +00:00
John Blackbourn
056dad9c2c Docs: Use more specific types in parameter descriptions in place of mixed.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47397


git-svn-id: http://core.svn.wordpress.org/trunk@47184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-01 10:38:07 +00:00
Sergey Biryukov
cbe5f9963a Docs: Improve documentation for WP_REST_Attachments_Controller.
This adds a missing DocBlock for `::register_routes()` and parameter descriptions for `::post_process_item()`.

Includes minor documenation fixes in other REST API classes for consistency.

Props dkarfa, mukesh27, SergeyBiryukov.
Fixes #48841.
Built from https://develop.svn.wordpress.org/trunk@47391


git-svn-id: http://core.svn.wordpress.org/trunk@47178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-28 12:31:08 +00:00
Sergey Biryukov
3a333ef030 Coding Standards: Use strict comparison for normalize_whitespace() checks when comparing revisions or autosaves.
Props dkarfa, itowhid06, TimothyBlynJacobs.
Fixes #47965.
Built from https://develop.svn.wordpress.org/trunk@47372


git-svn-id: http://core.svn.wordpress.org/trunk@47159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 19:35:09 +00:00
K. Adam White
a5f16272dd REST API: Permit access to the themes controller if user can edit any post type.
Check a more exhaustive list of post type editing caps beyond "edit_post" to ensure custom user roles with access to to specific post types may still use block editor functionality depending on theme features.

Props miyauchi, TimothyBlynJacobs.
Fixes #46723.

Built from https://develop.svn.wordpress.org/trunk@47361


git-svn-id: http://core.svn.wordpress.org/trunk@47148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 15:20:08 +00:00
K. Adam White
8faf366ab9 REST API: Apply all relevant block rendering filters when rendering block previews.
Several filters were introduced to the render_block method since the initial implementation of the block-renderer/ endpoints, causing the output of those endpoints to diverge from the rendered content of blocks on the frontend.

Props kadamwhite, TimothyBlynJacobs, miinasikk.
Fixes #49387.

Built from https://develop.svn.wordpress.org/trunk@47360


git-svn-id: http://core.svn.wordpress.org/trunk@47147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 15:05:06 +00:00
K. Adam White
480372b07c REST API: Fix namespace shadowing issue in route matching logic.
Following [47260] a namespace such as "test-ns" prevents any namespace such as "test-ns/v1" from being found when matching routes.
While not best practice, this was an unintentional back-compat break; this patch restores the original behavior.

Props david.binda, TimothyBlynJacobs.
Fixes #48530.


Built from https://develop.svn.wordpress.org/trunk@47351


git-svn-id: http://core.svn.wordpress.org/trunk@47138 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-24 18:07:08 +00:00
TimothyBlynJacobs
5031baa32b REST API: Don't assume all item schemas have properties.
All schema types, not just objects, are permitted as the base type of a resource. A future patch could add validation support for those types, but this fix only prevents a PHP warning from being issued.

Props dhavalkasvala, johnwatkins0, birgire.
Fixes #48785.

Built from https://develop.svn.wordpress.org/trunk@47328


git-svn-id: http://core.svn.wordpress.org/trunk@47122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-20 16:58:06 +00:00
TimothyBlynJacobs
450d49183b REST API: Fix links format in OPTIONS requests for non-variable routes.
Props nsundberg, johnwatkins0, birgire.
Fixes #49149.

Built from https://develop.svn.wordpress.org/trunk@47326


git-svn-id: http://core.svn.wordpress.org/trunk@47120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-20 00:55:05 +00:00
Sergey Biryukov
61986acde9 Users: Limit the scope of admin files required in WP_REST_Users_Controller.
This requires only `wp-admin/includes/user.php` for `get_editable_roles()`, instead of `wp-admin/includes/admin.php`.

Follow-up to [43589].

Props johnwatkins0.
Fixes #49450.
Built from https://develop.svn.wordpress.org/trunk@47299


git-svn-id: http://core.svn.wordpress.org/trunk@47099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 05:33:06 +00:00
Sergey Biryukov
8f877dc875 Docs: Improve inline comments for require_once calls in WP_REST_Users_Controller per the documentation standards.
Follow-up to [47295].

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47298


git-svn-id: http://core.svn.wordpress.org/trunk@47098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 03:56:06 +00:00
Sergey Biryukov
97380ec1ce Docs: Fix typo in a comment in WP_REST_Attachments_Controller::create_item().
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47297


git-svn-id: http://core.svn.wordpress.org/trunk@47097 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 03:30:04 +00:00
Sergey Biryukov
1d5d5b3e87 REST API: Restore wp-admin/includes/image.php requirement in WP_REST_Attachments_Controller::create_item().
Although the file is already included via the `::insert_attachment()` method, this addresses an inconsistency and corrects a misleading comment.

It also reduces the possibility of a future error in case `::insert_attachment()` is no longer called earlier in `::create_item()` at some point.

Follow-up to [43850] and [44206].

Props luisrivera.
Fixes #49449.
Built from https://develop.svn.wordpress.org/trunk@47296


git-svn-id: http://core.svn.wordpress.org/trunk@47096 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 03:24:07 +00:00
Sergey Biryukov
445e2859ab Docs: Improve inline comments for require_once() calls in WP_REST_Attachments_Controller.
See #49449, #48303.
Built from https://develop.svn.wordpress.org/trunk@47295


git-svn-id: http://core.svn.wordpress.org/trunk@47095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 03:13:05 +00:00
K. Adam White
c85c8f5235 REST API: Introduce rest_{$this->post_type}_item_schema filter to enable manipulation of schema values.
register_rest_field can be used to add properties to a schema, but no mechanism existed to alter existing properties like "content".
Running the schema through this filter lets plugins append additional sub-properties to existing schema definitions.

Props luisherranz, TimothyBlynJacobs, swissspidy, westonruter, kadamwhite.
Fixes #47779.


Built from https://develop.svn.wordpress.org/trunk@47265


git-svn-id: http://core.svn.wordpress.org/trunk@47065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 16:28:06 +00:00
K. Adam White
12709269c1 REST API: Allow meta to be set when creating a new media record via REST.
Props TimothyBlynJacobs, apermo.
Fixes #44567.

Built from https://develop.svn.wordpress.org/trunk@47261


git-svn-id: http://core.svn.wordpress.org/trunk@47061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 03:39:06 +00:00
K. Adam White
23696bb074 REST API: Match REST API routes on namespace before performing regex checks.
Rule out groups of API endpoints by simple namespace string comparison to reduce the number of regex checks necessary when matching a route.

Props TimothyBlynJacobs.
Fixes #48530.

Built from https://develop.svn.wordpress.org/trunk@47260


git-svn-id: http://core.svn.wordpress.org/trunk@47060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 03:22:05 +00:00
K. Adam White
25d8f7240e REST API: List all core theme feature support details in /themes endpoint response.
Fully list which first-party core theme features are supported in the /themes endpoint response. This brings the REST API themes controller's response more in line with the output of get_theme_support().

Props adamboro, apieschel, koke, spacedmonkey, TimothyBlynJacobs.
See #49037.

Built from https://develop.svn.wordpress.org/trunk@47258


git-svn-id: http://core.svn.wordpress.org/trunk@47058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 02:00:07 +00:00
TimothyBlynJacobs
7019add74e REST API: Add support for the REDIRECT_HTTP_AUTHORIZATION header.
Previously the REST API did not account for server configurations where the Authorization header must be added using ModRewrite. This caused major DUX issues when trying to use custom authentication mechanisms.

Fixes #47077.
Props dshanske, cklosows.

Built from https://develop.svn.wordpress.org/trunk@47239


git-svn-id: http://core.svn.wordpress.org/trunk@47039 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-10 16:08:16 +00:00