Commit Graph

119 Commits

Author SHA1 Message Date
Joe Hoyle c15065dddf REST API: Remove get_allowed_query_vars() now `filter` is gone.
Now all public query vars are not supoprted via `?filter` in the REST API, we can remove the get_allowed_query_vars() method and filter. To provide developers with a good altnerative to `filter`, the `"rest_{$this->post_type}_collection_params"` filter has been added.

Props rmccue, rachelbacker, danielbachhuber.
Fixes #38629.

Built from https://develop.svn.wordpress.org/trunk@39162


git-svn-id: http://core.svn.wordpress.org/trunk@39102 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 14:08:32 +00:00
Joe Hoyle 8de95582e2 REST API: Remove rest_get_post filter and `get_post` abstraction.
This filter was originally introduced in https://github.com/WP-API/WP-API/pull/2535 to support Customizer Changesets (née Transactions). This is a super broad filter and doesn't really fit with the design of the API, nor is it (arguably) the right level to do this.

Props rmccue.
Fixes #38701.

Built from https://develop.svn.wordpress.org/trunk@39161


git-svn-id: http://core.svn.wordpress.org/trunk@39101 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 13:09:33 +00:00
Ryan McCue f1975b18ea REST API: Respect unfiltered_html for HTML post fields.
This necessitates a change to our slashing code as well. Ah slashing, the cause of, and solution to, all of life's problems.

Props jnylen0.
Fixes #38609.

Built from https://develop.svn.wordpress.org/trunk@39155


git-svn-id: http://core.svn.wordpress.org/trunk@39095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 05:55:32 +00:00
Rachel Baker 5564716a07 REST API: Modify the structure of our DELETE responses to be more explicit.
Add the `deleted` property to the root of the Response object to communicate if the delete action was successful. Move the state of the resource prior to the delete request under a new `previous` property.  As a result DELETE responses are now structured like so:
 `{ deleted: true, previous: { ... } }`

Also includes helpful information to DELETE requests for resources that are not trashable.

Props timmydcrawford, rmccue, jnylen0.
Fixes #38494.
Built from https://develop.svn.wordpress.org/trunk@39126


git-svn-id: http://core.svn.wordpress.org/trunk@39066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-04 17:11:29 +00:00
Rachel Baker 8c9f4f812a REST API: Return a `WP_Error` when a user does not have permission to create or update a post with the provided terms.
Add the 'assign_term' check for post create and update.

Props boonebgorges, johnbillion.
Fixes #38505.
Built from https://develop.svn.wordpress.org/trunk@39108


git-svn-id: http://core.svn.wordpress.org/trunk@39050 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 03:16:30 +00:00
Joe Hoyle d544c6ddd0 REST API: Switch to stable version of JSON Schema.
Props danielbachhuber.
Fixes #38635.

Built from https://develop.svn.wordpress.org/trunk@39106


git-svn-id: http://core.svn.wordpress.org/trunk@39048 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 02:22:29 +00:00
Rachel Baker dcb12c35cf REST API: Clean-up our validation callbacks and add missing array `items` properties in our endpoint schemas.
Props joehoyle, jnylen0.
Fixes #38617.
Built from https://develop.svn.wordpress.org/trunk@39105


git-svn-id: http://core.svn.wordpress.org/trunk@39047 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 02:18:29 +00:00
Joe Hoyle 901c4ed17a REST API: Support querying for multiple post statuses.
Multiple post statuses can be specified by the usual CSV or array-propper format.

Props jnylen0, kadamwhite, websupporter.
Fixes #38420.

Built from https://develop.svn.wordpress.org/trunk@39104


git-svn-id: http://core.svn.wordpress.org/trunk@39046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 01:46:29 +00:00
Ryan McCue 34cf5d8934 REST API: Allow querying for multiple `slug` values.
Props jnylen0, rachelbaker.
Fixes #38579.

Built from https://develop.svn.wordpress.org/trunk@39093


git-svn-id: http://core.svn.wordpress.org/trunk@39035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 07:14:29 +00:00
Ryan McCue a911bf7e2c REST API: Avoid default sanitization for polymorphic params.
Some parameters (`title`, `content`, etc) are objects in the output, but allow objects or strings to be sent in updates for a more ergonomic interface. This is pretty weird behaviour, so the default sanitisation doesn't handle this. We instead handle this ourselves in the preparation.

Props joehoyle, rachelbaker.
Fixes #38529.

Built from https://develop.svn.wordpress.org/trunk@39089


git-svn-id: http://core.svn.wordpress.org/trunk@39031 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 06:02:29 +00:00
Ryan McCue 08ea66490b REST API: Only expose formats supported by the current theme.
While it's valid to save any format to the database, and WordPress is totally fine with that, we should only include the formats specified by the theme in the schema.

Props danielbachhuber.
Fixes #38610.

Built from https://develop.svn.wordpress.org/trunk@39084


git-svn-id: http://core.svn.wordpress.org/trunk@39026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 03:37:32 +00:00
Gary Pendergast 9862543913 REST API: Allow a CSV list of term IDs to be passed to `/posts`.
[39048] added CSV support to array types, this change explicitly parses term lists as IDs, and adds tests.

Props timmydcrawford, pento.
Fixes #38553.


Built from https://develop.svn.wordpress.org/trunk@39055


git-svn-id: http://core.svn.wordpress.org/trunk@38997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 11:06:31 +00:00
Drew Jaynes 9635867540 Docs: The `query_vars` filter used in the REST posts controller should be notated as a duplicate rather than a new hook.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39049


git-svn-id: http://core.svn.wordpress.org/trunk@38991 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 05:50:29 +00:00
Ryan McCue 4dab905dba REST API: Support password on non-post post types.
The password field was incorrectly only added to "post" post types, but is supported for all post types in the Dashboard UI.

Props jnylen0.
Fixes #38582.

Built from https://develop.svn.wordpress.org/trunk@39047


git-svn-id: http://core.svn.wordpress.org/trunk@38989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 03:53:32 +00:00
Gary Pendergast 6c1e98d1fb REST API: Add support for arrays in schema validation and sanitization.
By allowing more fine-grained validation and sanitisation of endpoint args, we can ensure the correct data is being passed to endpoints.

This can easily be extended to support new data types, such as CSV fields or objects.

Props joehoyle, rachelbaker, pento.
Fixes #38531.


Built from https://develop.svn.wordpress.org/trunk@39046


git-svn-id: http://core.svn.wordpress.org/trunk@38988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 01:48:41 +00:00
Drew Jaynes e84b257852 Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Posts_Controller` class.
Props Soean, mrahmadawais, flixos90, DrewAPicture.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39026


git-svn-id: http://core.svn.wordpress.org/trunk@38968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 17:37:35 +00:00
Rachel Baker d359ffc270 REST API: Remove experimental `filter` wrapper parameter from the Posts Controller class.
Hiding WP_Query params under the filter key (instead of allowing them to be top-level params) was one of our biggest complaints from users of v1 of our REST API. This walks back the re-introduction of the `filter` param during Beta 15, which introduced an "inconsistent mess" and "exposing WP_Query through filter has and will continue to be difficult to support." See https://github.com/WP-API/WP-API/issues/2799.

Props websupporter, rachelbaker.
Fixes #38378.
Built from https://develop.svn.wordpress.org/trunk@38968


git-svn-id: http://core.svn.wordpress.org/trunk@38911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 21:37:31 +00:00
Joe Hoyle e8a311ed02 REST API: Validate posts status enum
Currently we are using a different validate callback, so the `enum` is not interpretted. We just have to fallback to the result of `rest_validate_request_arg` in our custom wrapper function.

Fixes #38417.

Built from https://develop.svn.wordpress.org/trunk@38911


git-svn-id: http://core.svn.wordpress.org/trunk@38854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-25 17:13:28 +00:00
Rachel Baker e4a7c0a397 REST API: Introduce the Content API endpoints.
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.

Love your REST API, WordPress!  The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"

Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes #38373.
Built from https://develop.svn.wordpress.org/trunk@38832


git-svn-id: http://core.svn.wordpress.org/trunk@38775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-20 02:55:32 +00:00