Commit Graph

270 Commits

Author SHA1 Message Date
danielbachhuber 699bf044ef REST API: Correct HTTP status code in error for requests to create a duplicate term.
The 409 error code is intended for situations where it is expected that the user will resolve the conflict and resubmit the same request. We use 400 error codes for other routes when a duplicate request is made. The 400 status code tells the user they need to modify their request for it to be successful.

Props shooper.
Merges [42354] to the 5.0 branch.
Fixes #42781. See #41370.

Built from https://develop.svn.wordpress.org/branches/5.0@43756


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-18 20:32:27 +00:00
danielbachhuber 8023795f7d REST API: Fix permissions error message in post statuses controller.
The permissions error message when a request tries to fetch post statuses unauthenticated is incorrect. It was a copy/paste from elsewhere, as indicated by the use of "in this post type" where this is no post type referenced.

Props schlessera.
Merges [42356] to the 5.0 branch.
Fixes #42303.

Built from https://develop.svn.wordpress.org/branches/5.0@43755


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-18 20:26:25 +00:00
danielbachhuber e4b0ddbf4d REST API: Fix version number in `_doing_it_wrong()` call.
`_doing_it_wrong()`, indeed.

Props joehoyle.
See #39965.

Built from https://develop.svn.wordpress.org/branches/5.0@43741


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-17 22:20:25 +00:00
K. Adam White a943d902c1 REST API: Slash existing meta values when comparing with incoming meta upates.
When comparing the old and new values for a meta key being set, ensure both values are sanitized using the same logic so that equal values match.

props boonebgorges, dcavins, MattGeri, pilou69, TimothyBlynJacobs.
Fixes #42069.

Built from https://develop.svn.wordpress.org/branches/5.0@43740


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-17 20:10:25 +00:00
danielbachhuber a2d601024f REST API: Introduce controller for searching across post types.
Introduces a `WP_REST_Search_Controller` class which registers a `/wp/v2/search` endpoint. Search types are handled by extending `WP_REST_Search_Handler`. The default search type is `WP_REST_Post_Search_Handler` but can be filtered by plugins or a theme.

Props danielbachhuber, flixos90, pento, rmccue.
Fixes #39965.

Built from https://develop.svn.wordpress.org/branches/5.0@43739


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-17 17:03:26 +00:00
danielbachhuber fbd004bbbd REST API: Fire actions after items are completely updated/inserted.
The existing `rest_insert_*` actions are fired before meta and additional fields are updated. These new `rest_after_*` actions fire after all write operations have completed.

Props timothyblynjacobs.
Fixes #42864.

Built from https://develop.svn.wordpress.org/branches/5.0@43737


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-17 11:20:26 +00:00
danielbachhuber 12b674fb3a REST API: Don't add fields to object when not included in `?_fields=`.
In [43087], we improved REST API performance by only rendering the fields specified in the request. Similarly, any fields registered with `register_rest_field()` should only be rendered when included in `?_fields=`.

Props dlh.
Fixes #45099.

Built from https://develop.svn.wordpress.org/branches/5.0@43736


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43565 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-17 02:41:27 +00:00
K. Adam White 9cafddd841 REST API: Add new class file and tests missed in [43734].
See #45016.

Built from https://develop.svn.wordpress.org/branches/5.0@43735


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43564 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-16 22:50:26 +00:00
danielbachhuber bab0d57578 REST API: Include `permalink_template`/`generated_slug` for Posts
In order for clients to present permalink previews, the REST API must share the computed results of `get_sample_permalink()`. These two values are now exposed as `permalink_template` and `generated_slug` for public, viewable post types, but only for `context=edit`.

Props danielbachhuber, rahulsprajapati.
Fixes #45017.

Built from https://develop.svn.wordpress.org/branches/5.0@43720


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43549 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-13 03:49:57 +00:00
Sergey Biryukov a6a20b29d8 REST API: Support pagination, order, search and other common query parameters for revisions.
The original REST API revisions controller relied on `wp_get_post_revisions()`, getting all revisions of a post without any possibility to restrict the result. This changeset replaces that function call with a proper `WP_Query` setup, replicating how `wp_get_post_revisions()` works while offering parameters to alter the default behavior.

Props adamsilverstein, birgire, flixos90.
Merges [43584-43586], [43647] to the 5.0 branch.
Fixes #40510.
Built from https://develop.svn.wordpress.org/branches/5.0@43716


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-11 07:16:46 +00:00
Sergey Biryukov c288d39db2 REST API: Pass correct ID to `meta->update_value` to permit setting term meta during term creation.
Props joehoyle.
Merges [43636] to the 5.0 branch.
Fixes #44834.
Built from https://develop.svn.wordpress.org/branches/5.0@43714


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-11 06:35:23 +00:00
danielbachhuber 4bf87727a4 REST API: Enable users with `read_private_posts` to query for them.
An authorized request with the `read_private_posts` capability for a post type should be able to `GET /wp/v2/posts` for posts of `status=private`. This query is further sanity-checked by `WP_REST_Posts_Controller->check_read_permission()`, which is unchanged.

Props rachelbaker, soulseekah, twoelevenjay.
Fixes #43701.

Built from https://develop.svn.wordpress.org/branches/5.0@43694


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-10 20:49:23 +00:00
danielbachhuber 8a5e5b0cf9 REST API: Load missing required file for multisite users
Requires wp-admin/includes/ms.php to make `upload_is_user_over_quota()` function available to multisite users uploading files.

Props JakePT, rachelbaker.
Merges [43603] to the 5.0 branch.
Fixes #44864.

Built from https://develop.svn.wordpress.org/branches/5.0@43691


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-10 12:37:24 +00:00
danielbachhuber bc07c9dd9f REST API: Declare `unfiltered_html` capability in links.
Because user capabilities can be modified at runtime, the REST API needs to expose them in some evaluated but declarative manner for clients to interpret. JSON Hyper Schema `targetSchema` provides an appropriate paradigm for doing so.

Props timothyblynjacobs.
Fixes #45014.

Built from https://develop.svn.wordpress.org/branches/5.0@43682


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-08 22:45:25 +00:00
danielbachhuber c1ddf45869 REST API: Persist attributes for attachment links
In [43437], the link definition implementation caused attachment links to be unexpectedly nested under an `attributes` key. This changeset restores the prior behavior.

Props TimothyBlynJacobs.
Fixes #44750.

Built from https://develop.svn.wordpress.org/branches/5.0@43681


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43510 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-08 18:19:28 +00:00
danielbachhuber 62a35c8545 REST API: Define taxonomy visibility settings in schema
For Gutenberg and other admin-type interfaces, it's
useful to be able to see the visibility settings for
taxonomies.

The original changeset was partially included in [43445].

Merges [42729], [42730], [42973] to the 5.0 branch.
Props joehoyle, TimothyBlynJacobs, pento.
Fixes #42707

Built from https://develop.svn.wordpress.org/branches/5.0@43680


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43509 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-08 13:50:27 +00:00
Sergey Biryukov 4c11410c58 REST API: Ensure attachments created with `WP_REST_Attachments_Controller::create_item()` on Windows have a relative path.
Props ocean90, SergeyBiryukov, redcastor.
Merges [43529] to the 4.9 branch.
Fixes #40861.
Built from https://develop.svn.wordpress.org/branches/4.9@43530


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43359 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-24 16:54:26 +00:00
K. Adam White 2afa2b446f REST API: Support meta registration for specific object subtypes.
Introduce an object_subtype argument to the args array for register_meta() which can be used to limit meta registration to a single subtype (e.g. a custom post type or taxonomy, vs all posts or taxonomies).

Introduce register_post_meta() and register_term_meta() wrapper methods for register_meta to provide a convenient interface for the common case of registering meta for a specific taxonomy or post type. These methods work the way plugin developers have often expected register_meta to function, and should be used in place of direct register_meta where possible.

Props flixos90, tharsheblows, spacedmonkey.

Merges [43378] to the 4.9 branch.
Fixes #38323.

Built from https://develop.svn.wordpress.org/branches/4.9@43510


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43339 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-19 18:49:25 +00:00
Sergey Biryukov 63779784f3 REST API: Fix some incorrect `@since` tags.
[43437] included some new methods, which were incorrectly tagged as being `@since 4.9.7`. This updates them to `4.9.8`.

Props danielbachhuber.
Merges [43463] to the 4.9 branch.
Fixes #44287.
Built from https://develop.svn.wordpress.org/branches/4.9@43490


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43317 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 16:16:26 +00:00
Sergey Biryukov d413bb103d REST API: Attachments controller should respect upload limits.
When the REST API is in use on WordPress multisite, the `WP_REST_Attachments_Controller` should respect the "Max upload file size" and "Site upload space" site options.

Props flixos90, danielbachhuber.
Merges [43462] to the 4.9 branch.
Fixes #43751.
Built from https://develop.svn.wordpress.org/branches/4.9@43489


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43316 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 16:12:27 +00:00
Gary Pendergast 595cd450eb REST API: Filter responses based on the `_fields` parameter, before data is processed.
Historically, the REST API would generate the entire response object, including running expensive filters, then it would apply the `_fields` parameter, discarding the fields that weren't specificed.

This change causes `_fields` to be applied earlier, so that only requested fields are processed.

Merges [43087] to the 4.9 branch.

Props danielbachhuber.
See #43874.


Built from https://develop.svn.wordpress.org/branches/4.9@43445


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-13 06:51:27 +00:00
Gary Pendergast 547a500699 REST API: Tweak permission checks for taxonomy and term endpoints
To match behaviour in the Classic Editor, we need to slightly loosen permissions on taxonomy and term endpoints. This allows users to create terms to assign to a post that they're editing.

Merges [43440] to the 4.9 branch.

Props danielbachhuber.
Fixes #44096.


Built from https://develop.svn.wordpress.org/branches/4.9@43443


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43270 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-13 06:29:25 +00:00
Gary Pendergast d802d709c7 REST API: Expose revision count and last revision ID on Post response
So that REST API clients can show appropriate UI for a post's revisions, it needs to know how many revisions the post has, and what the latest revision ID is.

Merge of [43439] and [43441] to the 4.9 branch.

Props kadamwhite, danielbachhuber, birgire, TimothyBlynJacobs, pento.
Fixes #44321.


Built from https://develop.svn.wordpress.org/branches/4.9@43442


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43269 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-13 06:14:25 +00:00
Gary Pendergast 26f6aeaeea REST API: Declare user capabilities using JSON Hyper Schema's "targetSchema".
There are a variety of operations a WordPress user can only perform if they have the correct capabilities. A REST API client should only display UI for one of these operations if the WordPress user can perform the operation.

Rather than requiring REST API clients to calculate whether to display UI based on potentially complicated combinations of user capabilities, `targetSchema` allows us to expose a single flag to show whether the corresponding UI should be displayed.

This change also includes flags on post objects for the following actions:

- `action-publish`: The current user can publish this post.
- `action-sticky`: The current user can make this post sticky, and the post type supports sticking.
- `action-assign-author': The current user can change the author on this post.
- `action-assign-{$taxonomy}`: The current user can assign terms from the "$taxonomy" taxonomy to this post.
- `action-create-{$taxonomy}`: The current user can create terms int the "$taxonomy" taxonomy.

Merges [43437] to the 4.9 branch.

Props TimothyBlynJacobs, danielbachhuber.
Fixes #44287.


Built from https://develop.svn.wordpress.org/branches/4.9@43438


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-11 09:21:29 +00:00
Sergey Biryukov 17c256df0b REST API: When handling `who=authors` query parameter for `GET wp/v2/users`, only check `edit_posts` for post types that support `author`.
Props danielbachhuber.
Merges [43137] to the 4.9 branch.
Fixes #42202.
Built from https://develop.svn.wordpress.org/branches/4.9@43138


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 06:54:25 +00:00
Sergey Biryukov 59a7fbddde REST API: Add `who=authors` as a query parameter for `GET wp/v2/users`.
Any WordPress user who can `edit_posts` of a post type with `show_in_rest=true` can query for authors. This maps to current WordPress behavior where a WordPress user who can view the Manage Posts view for a post type can see any WordPress user assigned to a post (whether published or draft).

This implementation, over restricting `who=authors` to users with `list_users`, gives us future flexibility in displaying lists of posts. It still respects more restrictive permissions for `context=edit`.

Props danielbachhuber.
Merges [43001] to the 4.9 branch.
Fixes #42202.
Built from https://develop.svn.wordpress.org/branches/4.9@43067


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 22:18:26 +00:00
Sergey Biryukov f04d84149f REST API: Include `viewable` attribute on Post Type resource for `edit` context.
For the block editor to be able to expose the Preview button correctly, it needs to know the `is_post_type_viewable()` setting, this change adds it to the Post Type response.

Props danielbachhuber.
Merges [43007] to the 4.9 branch.
Fixes #43739.
Built from https://develop.svn.wordpress.org/branches/4.9@43038


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 04:31:25 +00:00
Aaron Jorbin 4aee92bb1c REST API: Add existing term_id to the error data object when attempting to create a duplicate term.
Merges [42350] into 4.9

Props shooper, coleh, rachelbaker.
Fixes #42597. See #41370.

Built from https://develop.svn.wordpress.org/branches/4.9@42578


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-01-23 20:22:39 +00:00
Sergey Biryukov 9026b41b3b Media: Bring consistency to `getimagesize()` error suppression.
Props chasewg, joemcgill, jeremyfelt.
Merges [42449] to the 4.9 branch.
Fixes #42480.
Built from https://develop.svn.wordpress.org/branches/4.9@42450


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-01-15 20:02:39 +00:00
Rachel Baker 25bfff959f REST API: Return the proper status code for failed permission callbacks in WP_REST_Server->dispatch().
Use the rest_authorization_required_code() function to return a 401 status code when a permission callback fails due to a user not being logged in.

Merges [42421] to the 4.9 branch.

Props jaswrks.
Fixes #42828.

Built from https://develop.svn.wordpress.org/branches/4.9@42422


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42253 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-30 20:49:40 +00:00
Joe Hoyle bebb0b0d82 REST API: Don’t remove unregistered properties from objects in schema.
In r41727 the ability to sanitise and validate objects from JSON schema was added, with a whitelist approach. It was decided we should pass through all non-registered properties to reflect the behaviour of the root object in register_rest_route. To prevent arbitrary extra data via setting objects, we force additionalProperties to false in the settings endpoint.

See #38583.
Built from https://develop.svn.wordpress.org/trunk@42000


git-svn-id: http://core.svn.wordpress.org/trunk@41834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-24 21:05:49 +00:00
Weston Ruter 29d213cfbd REST API: Allow passing existing template value for posts even when template no longer exists.
Also remove `enum` for validating allowed templates to allow plugins to dynamically supply their own templates for specific posts, even when they are not in the theme.

Props TimothyBlynJacobs, jnylen0, swissspidy.
Fixes #39996.

Built from https://develop.svn.wordpress.org/trunk@41979


git-svn-id: http://core.svn.wordpress.org/trunk@41813 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-23 22:11:46 +00:00
K. Adam White 30827e4a4f REST API: Support ordering response collection by listed slugs.
Adds an "include_slug" orderby value for REST API collections to permit returning a collection filtered by slugs in the same order in which those slugs are specified.
Previously, the order of slugs provided with the ?slug query parameter had no effect on the order of the returned records.

Props wonderboymusic, ocean90, boonebgorges.
Fixes #40826.


Built from https://develop.svn.wordpress.org/trunk@41760


git-svn-id: http://core.svn.wordpress.org/trunk@41594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-05 00:37:47 +00:00
K. Adam White 704fb3900b REST API: Support objects in settings schema.
Enables register_setting to accept an object as its schema value, allowing settings to accept non-scalar values through the REST API.
This whitelists the added type in the settings controller, and passes properties from argument registration into the validation functions.

Props joehoyle.
See #38583.


Built from https://develop.svn.wordpress.org/trunk@41758


git-svn-id: http://core.svn.wordpress.org/trunk@41592 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-05 00:19:49 +00:00
K. Adam White fe29c9c881 REST API: Return 409 status when attempting to create an existing term.
Fixes an issue where submitting a well-formed request to create a term inappropriately returns a 500 error status if that term already exists.
HTTP 5xx error codes should be reserved for unexpected server errors, so "409 Conflict" is a more appropriate response.

Props alibasheer, guzzilar, shooper.
Fixes #41370.


Built from https://develop.svn.wordpress.org/trunk@41737


git-svn-id: http://core.svn.wordpress.org/trunk@41571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 16:24:46 +00:00
John Blackbourn 090dfae53e REST API: Avoid counting an uncountable type when checking read permissions for comment posts.
This avoids deprecated notices from showing in PHP 7.2 and above.

Props ayeshrajans
Fixes #41457

Built from https://develop.svn.wordpress.org/trunk@41735


git-svn-id: http://core.svn.wordpress.org/trunk@41569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 15:38:49 +00:00
K. Adam White 18d9cc6051 REST API: Specify specific json-schema version.
Explicitly specifies that the REST API uses JSON Schema draft-04,
as JSON Schema has deprecated versionless schema URIs and recommends
the use of a specific draft version.

Props @TimothyBlynJacobs
Fixes #41734


Built from https://develop.svn.wordpress.org/trunk@41731


git-svn-id: http://core.svn.wordpress.org/trunk@41565 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 14:52:46 +00:00
Joe Hoyle f276b4901b REST API: Support for objects in schema validation and sanitization.
When registering routes developers can now define their complex objects in the schema and benefit from the automatic validation and sanitization in the REST API. This also paves the way for support for complex object registration via register_meta and register_setting.

See #38583.
Props TimothyBlynJacobs5.
Built from https://develop.svn.wordpress.org/trunk@41727


git-svn-id: http://core.svn.wordpress.org/trunk@41561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 08:27:47 +00:00
Sergey Biryukov 486ab09a0e I18N: Add translator comments for placeholders in `WP_REST_Controller` strings.
Props ramiy.
Fixes #41667.
Built from https://develop.svn.wordpress.org/trunk@41591


git-svn-id: http://core.svn.wordpress.org/trunk@41424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-25 10:27:43 +00:00
Sergey Biryukov 4a42f4e835 I18N: Replace code fragments in translatable strings for `rest_trash_not_supported` errors with a placeholder.
Props ramiy.
Fixes #41643.
Built from https://develop.svn.wordpress.org/trunk@41588


git-svn-id: http://core.svn.wordpress.org/trunk@41421 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-24 22:29:46 +00:00
Sergey Biryukov 982ba72da9 I18N: Replace method name in a translatable string in `WP_REST_Controller::register_routes()` with a placeholder.
Props ramiy.
Fixes #41667.
Built from https://develop.svn.wordpress.org/trunk@41587


git-svn-id: http://core.svn.wordpress.org/trunk@41420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-24 22:04:46 +00:00
Sergey Biryukov deb9b82032 Docs: Remove "to to" dittography from inline comments.
Props birgire.
See #41841.
Built from https://develop.svn.wordpress.org/trunk@41354


git-svn-id: http://core.svn.wordpress.org/trunk@41187 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-09 13:49:43 +00:00
Felix Arntz 1d0478d4b1 REST API: Allow site administrators to edit user roles in multisite.
While site administrators cannot generally edit users in multisite, they have always been able to change the roles of users on their site. In the REST API however, this has not been possible so far. This changeset brings parity with how it is handled in the administration panel: A REST request to edit only a user's roles succeeds correctly, while a REST request to edit any further details of a user fails.

Props jnylen0.
Fixes #40263.

Built from https://develop.svn.wordpress.org/trunk@41226


git-svn-id: http://core.svn.wordpress.org/trunk@41066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 21:59:44 +00:00
Felix Arntz 7e2ca92e69 Multisite: Introduce a `can_add_user_to_blog` filter to prevent adding a user to a site.
Under certain circumstances, it can be necessary that a user should not be added to a site, beyond the restrictions that WordPress core applies. With the new `can_add_user_to_blog` filter, plugin developers can run custom checks and return an error in case of a failure, that will prevent the user from being added.

The user-facing parts and the REST API route that interact with `add_user_to_blog()` have been adjusted accordingly to provide appropriate error feedback when a user could not be added to a site. Furthermore, two existing error feedback messages in the site admin's "New User" screen have been adjusted to properly show inside an error notice instead of a success notice.

Props jmdodd.
Fixes #41101.

Built from https://develop.svn.wordpress.org/trunk@41225


git-svn-id: http://core.svn.wordpress.org/trunk@41065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 21:41:45 +00:00
James Nylen 0ef4d4289f REST API: Exclude numeric parameters from regex parsing
The list of endpoint parameters should only include explicitly named and requested parameters.

Props flixos90, rmccue, jnylen0.
Fixes #40704.

Built from https://develop.svn.wordpress.org/trunk@41223


git-svn-id: http://core.svn.wordpress.org/trunk@41063 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 19:55:43 +00:00
John Blackbourn b140e8f574 General: Fix various instances of incorrect filter docs and incorrect filter and action parameters.
Props keesiemeijer for identifying the issues

See #38462

Built from https://develop.svn.wordpress.org/trunk@41219


git-svn-id: http://core.svn.wordpress.org/trunk@41059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 15:43:43 +00:00
Sergey Biryukov e412ea2e6b Docs: Replace HTTP links to stackoverflow.com in DocBlocks with HTTPS.
Update the Nginx "Missing (disappearing) HTTP Headers" link.

Props johnpgreen.
Fixes #41331.
Built from https://develop.svn.wordpress.org/trunk@41189


git-svn-id: http://core.svn.wordpress.org/trunk@41029 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-30 14:52:44 +00:00
Drew Jaynes 0860bb2771 Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes.
Prior to about 2013, many class methods lacked even access modifiers which made the `@access` notations that much more useful. Now that we've gotten to a point where the codebase is more mature from a maintenance perspective and we can finally remove these notations. Notable exceptions to this change include standalone functions notated as private as well as some classes still considered to represent "private" APIs.

See #41452.

Built from https://develop.svn.wordpress.org/trunk@41162


git-svn-id: http://core.svn.wordpress.org/trunk@41002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 00:41:44 +00:00
James Nylen 8f6088ba6e REST API: Add a filter to allow modifying the response *after* embedded data is added.
Fixes #38964.

Built from https://develop.svn.wordpress.org/trunk@40961


git-svn-id: http://core.svn.wordpress.org/trunk@40811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-29 13:17:43 +00:00
James Nylen 252ab08d88 REST API: Fix changing parameters with `set_param()` for some requests.
Prior to this commit, `WP_Rest_Request::get_param()` traversed through the parameter order but `WP_Rest_Request::set_param()` did not. For JSON requests (and likely other situations as well), this meant that changing a parameter with `set_param()` would have no effect on `get_param()`.

Props TimothyBlynJacobs.
Fixes #40344.


Built from https://develop.svn.wordpress.org/trunk@40815


git-svn-id: http://core.svn.wordpress.org/trunk@40673 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-22 16:16:42 +00:00