REST API: Automatically populate targetHints for the Allow header.
The REST API uses the "Allow" header to communicate what methods a user is authorized to perform on a resource. This works great when operating on a single item route, but can break down when needing to determine authorization over a collection of items. This commit uses the "targetHints" property of JSON Hyper Schema to provide access to the "allow" header for "self" links. This alleviates needing to make a separate network request for each item in a collection. Props mamaduka, noisysocks, peterwilsoncc, spacedmonkey, swissspidy, timothyblynjacobs, tyxla, youknowriad. Fixes #61739. Built from https://develop.svn.wordpress.org/trunk@59032 git-svn-id: http://core.svn.wordpress.org/trunk@58428 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
757729e878
commit
b4acb10706
|
@ -636,13 +636,75 @@ class WP_REST_Server {
|
|||
foreach ( $items as $item ) {
|
||||
$attributes = $item['attributes'];
|
||||
$attributes['href'] = $item['href'];
|
||||
$data[ $rel ][] = $attributes;
|
||||
|
||||
if ( 'self' !== $rel ) {
|
||||
$data[ $rel ][] = $attributes;
|
||||
continue;
|
||||
}
|
||||
|
||||
$target_hints = self::get_target_hints_for_link( $attributes );
|
||||
if ( $target_hints ) {
|
||||
$attributes['targetHints'] = $target_hints;
|
||||
}
|
||||
|
||||
$data[ $rel ][] = $attributes;
|
||||
}
|
||||
}
|
||||
|
||||
return $data;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the target links for a REST API Link.
|
||||
*
|
||||
* @since 6.7.0
|
||||
*
|
||||
* @param array $link
|
||||
*
|
||||
* @return array|null
|
||||
*/
|
||||
protected static function get_target_hints_for_link( $link ) {
|
||||
// Prefer targetHints that were specifically designated by the developer.
|
||||
if ( isset( $link['targetHints']['allow'] ) ) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$request = WP_REST_Request::from_url( $link['href'] );
|
||||
if ( ! $request ) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$server = rest_get_server();
|
||||
$match = $server->match_request_to_handler( $request );
|
||||
|
||||
if ( is_wp_error( $match ) ) {
|
||||
return null;
|
||||
}
|
||||
|
||||
if ( is_wp_error( $request->has_valid_params() ) ) {
|
||||
return null;
|
||||
}
|
||||
|
||||
if ( is_wp_error( $request->sanitize_params() ) ) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$target_hints = array();
|
||||
|
||||
$response = new WP_REST_Response();
|
||||
$response->set_matched_route( $match[0] );
|
||||
$response->set_matched_handler( $match[1] );
|
||||
$headers = rest_send_allow_header( $response, $server, $request )->get_headers();
|
||||
|
||||
foreach ( $headers as $name => $value ) {
|
||||
$name = WP_REST_Request::canonicalize_header_name( $name );
|
||||
|
||||
$target_hints[ $name ] = array_map( 'trim', explode( ',', $value ) );
|
||||
}
|
||||
|
||||
return $target_hints;
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieves the CURIEs (compact URIs) used for relations.
|
||||
*
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
*
|
||||
* @global string $wp_version
|
||||
*/
|
||||
$wp_version = '6.7-alpha-59031';
|
||||
$wp_version = '6.7-alpha-59032';
|
||||
|
||||
/**
|
||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||
|
|
Loading…
Reference in New Issue