Commit Graph

95 Commits

Author SHA1 Message Date
audrasjb 4cfb52760f REST API: Limit `search_columns` for users without `list_users`.
Props Vortfu, jorbin, joehoyle, timothyblynjacobs, peterwilsoncc, ehtis.




Built from https://develop.svn.wordpress.org/trunk@56833


git-svn-id: http://core.svn.wordpress.org/trunk@56345 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-10-12 12:30:20 +00:00
Sergey Biryukov 1aca5e48e5 Coding Standards: Restore more descriptive variable names in a few class methods.
When various methods parameters in child classes were renamed to `$item` to match the parent class for PHP 8 named parameter support, most of the methods restored the more descriptive, specific name at the beginning for better readability, with several exceptions for methods consisting only of a few lines.

To avoid confusion about why some methods do that and some don't, this commit aims to bring more consistency to the code, specifically in list tables' `::column_default()` methods.

Follow-up to [51728], [51737], [51786].

See #58831.
Built from https://develop.svn.wordpress.org/trunk@56586


git-svn-id: http://core.svn.wordpress.org/trunk@56098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-14 12:46:20 +00:00
audrasjb 58ebfc61f1 Docs: Replace multiple single line comments with multi-line comments.
This changeset updates various comments as per WordPress PHP Inline Documentation Standards.
See https://developer.wordpress.org/coding-standards/inline-documentation-standards/php/#5-inline-comments.

Follow-up to [56174], [56175], [56176], [56177], [56178], [56179], [56180], [56191], [56192], [56193], [56194].

Props costdev, audrasjb.
See #58459.



Built from https://develop.svn.wordpress.org/trunk@56195


git-svn-id: http://core.svn.wordpress.org/trunk@55707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-10 23:19:23 +00:00
Sergey Biryukov 1ce5dc7444 Code Modernization: Replace usage of `strpos()` with `str_contains()`.
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).

WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.

Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].

Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes #58206.
Built from https://develop.svn.wordpress.org/trunk@55988


git-svn-id: http://core.svn.wordpress.org/trunk@55500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-22 14:36:26 +00:00
hellofromTonya 5584cf60c0 REST API: Remove 'Invalid user ID' error in WP_REST_Users_Controller::update_item().
Removes the `WP_Error` code for `'Invalid user ID.'`. Why?

tl;dr
This branch will never be entered as the `$user` will never be falsey.

Longer reasoning:

[39954] introduced `WP_REST_Users_Controller::get_user()` method to encapsulate getting the user and handling the `'Invalid user ID.'` `WP_Error`. It replaced `get_userdata()` in `WP_REST_Users_Controller::update_item()` but left the existing `'Invalid user ID.'` `WP_Error` introduced in [38832].

The code removed in this changeset will never be reached because `$user` will never be falsey. Rather, `WP_REST_Users_Controller::get_user()` will always return an instance of `WP_Error` or `WP_User`. 

Could the user's ID be falsey?
No. Why? `WP_REST_Users_Controller::get_user()` checks that the user exists, which checks if the ID is falsey.

Therefore, the code can safely be removed.

Follow-up to [39954], [38832].

Props jrf, costdev, hellofromTonya, SergeyBiryukov.
Fixes #56662.
Built from https://develop.svn.wordpress.org/trunk@55325


git-svn-id: http://core.svn.wordpress.org/trunk@54858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-13 23:10:20 +00:00
Sergey Biryukov 3ba44120d0 Coding Standards: Always use parentheses when instantiating an object.
Note: This will be enforced by WPCS 3.0.0.

Props jrf.
See #56791.
Built from https://develop.svn.wordpress.org/trunk@54891


git-svn-id: http://core.svn.wordpress.org/trunk@54443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-11-29 15:51:14 +00:00
hellofromTonya d7893c3cea Code Modernization: Fix null to non-nullable deprecation in `WP_REST_Users_Controller::update_item()`.
Not all requests are accompanied by a `$request['email']`. This leads to a PHP 8.1 "passing null to non-nullable" deprecation notice when the `WP_REST_Users_Controller::update_item()` method passes a `null` email address onto `email_exists()`, which eventually reached the `WP_User::get_data_by()` method where things go wrong.

In the next condition in the code of the `WP_REST_Users_Controller::update_item()` method - `if ( $owner_id && $owner_id !== $id )` - you can see that the code already takes this into account as it will not throw a `WP_Error` if `$owner_id` is falsey.

`WP_User::get_data_by()` returns `false` for a failed field request. The other functions through which the return value is passed through, do the same.

So, by setting a default value for `$owner_id` of `false` and only checking `email_exists()` when there is an email to check, the "passing null to non-nullable" deprecation notice is bypassed without breaking BC.

Fixes a whole slew of test errors along the lines of:
{{{
6) WP_Test_REST_Users_Controller::test_update_item_en_US_locale
trim(): Passing null to parameter https://github.com/WordPress/wordpress-develop/pull/1 ($string) of type string is deprecated

/var/www/src/wp-includes/class-wp-user.php:211
/var/www/src/wp-includes/pluggable.php:105
/var/www/src/wp-includes/user.php:1953
/var/www/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php:728
/var/www/src/wp-includes/rest-api/class-wp-rest-server.php:1143
/var/www/src/wp-includes/rest-api/class-wp-rest-server.php:990
/var/www/tests/phpunit/includes/spy-rest-server.php:67
/var/www/tests/phpunit/tests/rest-api/rest-users-controller.php:1719
/var/www/vendor/bin/phpunit:123
}}}

Follow-up to [44641], [38832].

Props jrf.
See #55656.
Built from https://develop.svn.wordpress.org/trunk@54317


git-svn-id: http://core.svn.wordpress.org/trunk@53876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-26 21:46:09 +00:00
spacedmonkey 16dfb05173 REST API: Avoid unnecessarily preparing item links.
Do not call the `prepare_links` methods in core REST API controllers, unless the `_links` or `_embedded` fields are requested. There is no need to prepare links if they are never returned in the response. This saves resources, as many calls to `prepare_links` methods perform database queries. 

Props Spacedmonkey, timothyblynjacobs, rachelbaker, desrosj, dlh, hellofromTonya.
Fixes #52992.
Built from https://develop.svn.wordpress.org/trunk@53760


git-svn-id: http://core.svn.wordpress.org/trunk@53319 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-07-22 14:00:12 +00:00
audrasjb 223cda987f Administration: Replace contracted verb forms for better consistency.
This changeset replaces contracted verb forms like `doesn't`, `can't`, or `isn't` with non-contracted forms like `does not`, `cannot`, or `is not`, for better consistency across the WordPress administration. It also updates some corresponding unit tests strings.

Props Presskopp, socalchristina, aandrewdixon, francina, SergeyBiryukov, JeffPaul, audrasjb, hellofromTonya.
Fixes #38913.
See #39176.

Built from https://develop.svn.wordpress.org/trunk@52978


git-svn-id: http://core.svn.wordpress.org/trunk@52567 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-22 16:25:03 +00:00
noisysocks c421e9b34a Add Site Editor and PHP changes from Gutenberg 10.1 - 11.9
- First pass at adding the site editor from the Gutenberg plugin to
  wp-admin/site-editor.php.
- Adds miscellaneous PHP changes from Gutenberg 10.1 - 11.9.

Follows [52042].
See #54337.
Props youknowriad, aristath, hellofromtonya, gziolo.

Built from https://develop.svn.wordpress.org/trunk@52069


git-svn-id: http://core.svn.wordpress.org/trunk@51661 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-09 02:17:17 +00:00
Pascal Birchler a225165010 Role/Capability: Add support for capability queries in `WP_User_Query`.
Similar to the existing `role`/`role__in`/`role__not_in` query arguments, this adds support for three new query arguments in `WP_User_Query`:

* `capability` 
* `capability__in`
* `capability__not_in`

These can be used to fetch users with (or without) a specific set of capabilities, for example to get all users
with the capability to edit a certain post type.

Under the hood, this will check all existing roles on the site and perform a `LIKE` query against the `capabilities` user meta field to find:

* all users with a role that has this capability
* all users with the capability being assigned directly

Note: In WordPress, not all capabilities are stored in the database. Capabilities can also be modified using filters like `map_meta_cap`. These new query arguments do NOT work for such capabilities.

The prime use case for capability queries is to get all "authors", i.e. users with the capability to edit a certain post type.

Until now, `'who' => 'authors'` was used for this, which relies on user levels. However, user levels were deprecated a long time ago and thus never added to custom roles. This led to constant frustration due to users with custom roles missing from places like author dropdowns.

This updates any usage of `'who' => 'authors'` in core to use capability queries instead.

Subsequently, `'who' => 'authors'` queries are being **deprecated** in favor of these new query arguments.

Also adds a new `capabilities` parameter (mapping to `capability__in` in `WP_User_Query`) to the REST API users controller.

Also updates `twentyfourteen_list_authors()` in Twenty Fourteen to make use of this new functionality, adding a new `twentyfourteen_list_authors_query_args` filter to make it easier to override this behavior.

Props scribu, lgladdly, boonebgorges, spacedmonkey, peterwilsoncc, SergeyBiryukov, swissspidy.
Fixes #16841.

Built from https://develop.svn.wordpress.org/trunk@51943


git-svn-id: http://core.svn.wordpress.org/trunk@51532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 18:43:57 +00:00
hellofromTonya 41307cd4e6 Code Modernization: Fix parameter name mismatches for parent/child classes in `WP_REST_Controller::prepare_item_for_response()`.
In each child and grandchild class, renames the first parameter to match the parent's method signature.

Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.

Changes for readability:

- `@since` clearly specifies the original parameter name and its new name as well as why the change happened.

- In methods longer than a single line, the generic parameter is reassigned to the original parameter restoring it for context for use within the method. An inline comment is added to explain why this reassignment is made.

Follow-up to [38832], [39011], [39015], [39021], [39024], [39025], [39031], [39036], [43519], [43735], [43739], [43768], [46821], [48173], [48242], [49088], [50995], [51003], [51021].

Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51786


git-svn-id: http://core.svn.wordpress.org/trunk@51393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-09 18:36:57 +00:00
Sergey Biryukov d72eb14abf Docs: Document the globals used in some REST API methods.
See #53399.
Built from https://develop.svn.wordpress.org/trunk@51278


git-svn-id: http://core.svn.wordpress.org/trunk@50887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-30 12:34:56 +00:00
Sergey Biryukov cc95428f75 REST API: Update “object” strings to use the appropriate nouns.
This updates route arguments and schema descriptions to use more specific object types for clarity.

Follow-up to [39342].

Props lephleg, jnylen0.
Fixes #40720.
Built from https://develop.svn.wordpress.org/trunk@51000


git-svn-id: http://core.svn.wordpress.org/trunk@50609 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-25 13:12:58 +00:00
John Blackbourn 35e1b34f8e REST API: Corrections and improvements to docblocks for REST API filters.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49955


git-svn-id: http://core.svn.wordpress.org/trunk@49654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-10 22:23:09 +00:00
Sergey Biryukov c3b89441f7 Docs: Correct the type of the `$user` parameter in `WP_REST_Users_Controller::prepare_links()`.
Props iviweb, mukesh27.
Fixes #52175.
Built from https://develop.svn.wordpress.org/trunk@49906


git-svn-id: http://core.svn.wordpress.org/trunk@49605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-25 14:54:07 +00:00
John Blackbourn bf83c368fd Docs: Various docblock improvements.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49790


git-svn-id: http://core.svn.wordpress.org/trunk@49513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-10 23:59:03 +00:00
John Blackbourn 905460bd5e Docs: Standardise the type name for booleans and integers.
This brings these docs inline with the documentation standards.

Props ravipatel, justinahinon

Fixes #51426

Built from https://develop.svn.wordpress.org/trunk@49120


git-svn-id: http://core.svn.wordpress.org/trunk@48882 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-10 20:02:05 +00:00
Sergey Biryukov 1f85e7484f Docs: Consistently use third-person singular verbs for various filter descriptions, per the documentation standards.
See #50768.
Built from https://develop.svn.wordpress.org/trunk@48782


git-svn-id: http://core.svn.wordpress.org/trunk@48544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-11 00:34:08 +00:00
Sergey Biryukov bb0630caa9 I18N: Use a placeholder instead of the `\` character in a translatable string in `WP_REST_Users_Controller::check_user_password()`.
Props ramiy.
Fixes #50812.
Built from https://develop.svn.wordpress.org/trunk@48692


git-svn-id: http://core.svn.wordpress.org/trunk@48454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-30 12:28:06 +00:00
TimothyBlynJacobs b8d5e161eb REST API: Issue a _doing_it_wrong when registering a route without a permission callback.
The REST API treats routes without a permission_callback as public. Because this happens without any warning to the user, if the permission callback is unintentionally omitted or misspelled, the endpoint can end up being available to the public. Such a scenario has happened multiple times in the wild, and the results can be catostrophic when it occurs.

For REST API routes that are intended to be public, it is recommended to set the permission callback to the `__return_true` built in function.

Fixes #50075.
Props rmccue, sorenbronsted, whyisjake, SergeyBiryukov, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@48526


git-svn-id: http://core.svn.wordpress.org/trunk@48288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 12:03:05 +00:00
Sergey Biryukov 37d48e2f2e Users: Merge two similar error messages about usernames with invalid characters.
Props ramiy, garrett-eclipse, chetan200891.
Fixes #47003.
Built from https://develop.svn.wordpress.org/trunk@48195


git-svn-id: http://core.svn.wordpress.org/trunk@47964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-27 23:44:09 +00:00
Sergey Biryukov a576a13246 Docs: Remove an empty line between `@param` and `@return` tags, per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48102


git-svn-id: http://core.svn.wordpress.org/trunk@47871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 11:18:09 +00:00
John Blackbourn 1a77bb81d8 Docs: Remove unnecessary variables names from `@return` tags.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48100


git-svn-id: http://core.svn.wordpress.org/trunk@47869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-19 22:55:12 +00:00
John Blackbourn 056dad9c2c Docs: Use more specific types in parameter descriptions in place of `mixed`.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47397


git-svn-id: http://core.svn.wordpress.org/trunk@47184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-01 10:38:07 +00:00
Sergey Biryukov 61986acde9 Users: Limit the scope of admin files required in `WP_REST_Users_Controller`.
This requires only `wp-admin/includes/user.php` for `get_editable_roles()`, instead of `wp-admin/includes/admin.php`.

Follow-up to [43589].

Props johnwatkins0.
Fixes #49450.
Built from https://develop.svn.wordpress.org/trunk@47299


git-svn-id: http://core.svn.wordpress.org/trunk@47099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 05:33:06 +00:00
Sergey Biryukov 8f877dc875 Docs: Improve inline comments for `require_once` calls in `WP_REST_Users_Controller` per the documentation standards.
Follow-up to [47295].

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47298


git-svn-id: http://core.svn.wordpress.org/trunk@47098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 03:56:06 +00:00
Sergey Biryukov 001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov ea6e0cc3ca Coding Standards: Use Yoda conditions in `wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php`.
Props jenilk.
Fixes #49150.
Built from https://develop.svn.wordpress.org/trunk@47050


git-svn-id: http://core.svn.wordpress.org/trunk@46850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-08 11:32:02 +00:00
Sergey Biryukov 9bec6f1e54 REST API: Synchronize permission checks in `::get_items_permissions_check()` methods for post types, post statuses, and users:
* Only query post types with `'show_in_rest' => true` instead of looping over all post types and checking the `show_in_rest` property separately.
* Return from the `foreach()` loop as soon as the permission check succeeded.

Props pbiron, TimothyBlynJacobs, SergeyBiryukov.
Fixes #49118.
Built from https://develop.svn.wordpress.org/trunk@47034


git-svn-id: http://core.svn.wordpress.org/trunk@46834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-03 02:28:03 +00:00
John Blackbourn f93ee2ca76 Docs: Increase the specificity of various docblock parameter types and return types.
See #48303
Built from https://develop.svn.wordpress.org/trunk@46823


git-svn-id: http://core.svn.wordpress.org/trunk@46623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-06 22:43:04 +00:00
Sergey Biryukov 1d1c74385f REST API: Use strict `in_array()` checks for the list of usernames blacklisted via `illegal_user_logins` filter.
See #48839.
Built from https://develop.svn.wordpress.org/trunk@46804


git-svn-id: http://core.svn.wordpress.org/trunk@46604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-29 22:04:02 +00:00
Sergey Biryukov 3d623995a8 Docs: In various `@return` tags, list the expected type first, instead of `WP_Error`.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@46696


git-svn-id: http://core.svn.wordpress.org/trunk@46496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-11 02:43:03 +00:00
Sergey Biryukov 6cab9557fb REST API: Mark `WP_REST_Users_Controller::update_current_item()` and `::delete_current_item()` as public.
Props dkarfa.
Fixes #47967.
Built from https://develop.svn.wordpress.org/trunk@46070


git-svn-id: http://core.svn.wordpress.org/trunk@45882 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-05 23:18:55 +00:00
Sergey Biryukov 65747e3c91 Docs: Remove extra spaces in various REST API DocBlocks.
See #47110.
Built from https://develop.svn.wordpress.org/trunk@46069


git-svn-id: http://core.svn.wordpress.org/trunk@45881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-05 23:05:55 +00:00
Sergey Biryukov e199663322 I18N: Capitalize translator comments consistently, add trailing punctuation.
Includes minor code layout fixes.

See #44360.
Built from https://develop.svn.wordpress.org/trunk@45932


git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-03 00:41:05 +00:00
K. Adam White 5dbb64d0dd REST API: Cache results of get_item_schema on controller instances for performance.
Caches the output of get_item_schema() to avoid redundant recomputation of translatable strings and other computed values. This method is called many times per item in each REST request, and the results of the method should not vary between calls.
Additional schema fields are not cached.

Props kadamwhite, joehoyle, TimothyBlynJacobs.
Fixes #47871.

Built from https://develop.svn.wordpress.org/trunk@45811


git-svn-id: http://core.svn.wordpress.org/trunk@45622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-15 21:09:55 +00:00
Sergey Biryukov e85a5c64a3 REST API: Allow `rest_get_avatar_urls()` to accept full user, post, or comment objects, rather than just an email address, to provide better flexibility for alternative avatar data.
Since the function uses `get_avatar_url()` internally, which already supports it, this should not have any backward compatibility concerns.

Props donmhico, dshanske, pputzer, joehoyle, TimothyBlynJacobs.
Fixes #40030.
Built from https://develop.svn.wordpress.org/trunk@45632


git-svn-id: http://core.svn.wordpress.org/trunk@45443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-14 14:35:56 +00:00
Gary Pendergast 4803fc405e Coding Standards: Fix the `Squiz.PHP.DisallowMultipleAssignments` violations in `wp-includes`.
See #47632.


Built from https://develop.svn.wordpress.org/trunk@45590


git-svn-id: http://core.svn.wordpress.org/trunk@45401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-02 23:42:58 +00:00
Sergey Biryukov c77e771c84 Date/Time: Replace all instances of `date()` with `gmdate()`.
Use of `date()` in core depends on PHP timezone set to UTC and not changed by third party code (which cannot be guaranteed).

`gmdate()` is functionally equivalent, but is not affected by PHP timezone setting: it's always UTC, which is the exact behavior the core needs.

Props nielsdeblaauw, Rarst.
Fixes #46438. See #44491.
Built from https://develop.svn.wordpress.org/trunk@45424


git-svn-id: http://core.svn.wordpress.org/trunk@45235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-26 00:12:54 +00:00
K. Adam White 0b6f00fde2 REST API: Always urlencode_deep() query args in get_items methods.
Passing all received query arguments through urlencode_deep ensures that the full set of query arguments are encoded in the same way.

Props dmsnell.
Fixes #46199

Built from https://develop.svn.wordpress.org/trunk@45267


git-svn-id: http://core.svn.wordpress.org/trunk@45076 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-25 00:08:52 +00:00
desrosj 56bb62543d REST API: Allow a user to change the letter casing of their email.
When a `PUT` request is performed to update a user, a `rest_user_invalid_email` error is incorrectly being returned when the email exists with different letter casing, even if it belongs to the user being updated. `email_exists()` performs a case insensitive lookup, but the conditional statement following that lookup was performing a strict comparison between the new email and the user’s current email.

This changes that comparison to instead compare the user ID returned by `email_exists()` with the user ID being updated. This more closely matches the logic used in `edit_user()` and allows a user to change the letter casing of their email.

Props fuchsws, rachelbaker, desrosj.
Fixes #44672.
Built from https://develop.svn.wordpress.org/trunk@44641


git-svn-id: http://core.svn.wordpress.org/trunk@44472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-17 21:25:51 +00:00
desrosj 6e3adbfe8c REST API: Fire actions after items are completely updated/inserted.
The existing `rest_insert_*` actions are fired before meta and additional fields are updated. These new `rest_after_*` actions fire after all write operations have completed.

Props timothyblynjacobs, danielbachhuber.

Merges [43737] to trunk.

Fixes #42864.
Built from https://develop.svn.wordpress.org/trunk@43987


git-svn-id: http://core.svn.wordpress.org/trunk@43819 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-12 21:12:24 +00:00
Gary Pendergast 56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Sergey Biryukov 4c43e71478 REST API: When handling `who=authors` query parameter for `GET wp/v2/users`, only check `edit_posts` for post types that support `author`.
Props danielbachhuber.
Fixes #42202.
Built from https://develop.svn.wordpress.org/trunk@43137


git-svn-id: http://core.svn.wordpress.org/trunk@42966 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 06:52:21 +00:00
Gary Pendergast 2f792d442b REST API: Filter responses based on the `_fields` parameter, before data is processed.
Historically, the REST API would generate the entire response object, including running expensive filters, then it would apply the `_fields` parameter, discarding the fields that weren't specificed.

This change causes `_fields` to be applied earlier, so that only requested fields are processed.

Props danielbachhuber.
See #43874.


Built from https://develop.svn.wordpress.org/trunk@43087


git-svn-id: http://core.svn.wordpress.org/trunk@42916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 01:25:21 +00:00
Gary Pendergast 41968f7ea9 REST API: Add `who=authors` as a query parameter for `GET wp/v2/users`.
Any WordPress user who can `edit_posts` of a post type with `show_in_rest=true` can query for authors. This maps to current WordPress behavior where a WordPress user who can view the Manage Posts view for a post type can see any WordPress user assigned to a post (whether published or draft).

This implementation, over restricting `who=authors` to users with `list_users`, gives us future flexibility in displaying lists of posts. It still respects more restrictive permissions for `context=edit`.

Props danielbachhuber.
Fixes #42202.


Built from https://develop.svn.wordpress.org/trunk@43001


git-svn-id: http://core.svn.wordpress.org/trunk@42830 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-25 13:06:21 +00:00
Sergey Biryukov 0e802a627d General: Introduce `WP_Error::has_errors()` method and use it where appropriate.
Props robdxw, DrewAPicture, SergeyBiryukov.
Fixes #42742.
Built from https://develop.svn.wordpress.org/trunk@42761


git-svn-id: http://core.svn.wordpress.org/trunk@42591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-27 02:31:31 +00:00
Gary Pendergast aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
K. Adam White 30827e4a4f REST API: Support ordering response collection by listed slugs.
Adds an "include_slug" orderby value for REST API collections to permit returning a collection filtered by slugs in the same order in which those slugs are specified.
Previously, the order of slugs provided with the ?slug query parameter had no effect on the order of the returned records.

Props wonderboymusic, ocean90, boonebgorges.
Fixes #40826.


Built from https://develop.svn.wordpress.org/trunk@41760


git-svn-id: http://core.svn.wordpress.org/trunk@41594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-05 00:37:47 +00:00