Commit Graph

166 Commits

Author SHA1 Message Date
Ryan McCue 8760c9a91d REST API: Change attachment caption & description to objects.
Just like excerpt and content for regular posts, these have transformations applied that can make the content significantly different from the raw value.

Props jnylen0.
Fixes #38679.

Built from https://develop.svn.wordpress.org/trunk@39154


git-svn-id: http://core.svn.wordpress.org/trunk@39094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 04:29:32 +00:00
Rachel Baker 5564716a07 REST API: Modify the structure of our DELETE responses to be more explicit.
Add the `deleted` property to the root of the Response object to communicate if the delete action was successful. Move the state of the resource prior to the delete request under a new `previous` property.  As a result DELETE responses are now structured like so:
 `{ deleted: true, previous: { ... } }`

Also includes helpful information to DELETE requests for resources that are not trashable.

Props timmydcrawford, rmccue, jnylen0.
Fixes #38494.
Built from https://develop.svn.wordpress.org/trunk@39126


git-svn-id: http://core.svn.wordpress.org/trunk@39066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-04 17:11:29 +00:00
Ryan McCue 721cf281a3 REST API: Only provide JSON error code on PHP 5.3+.
json_last_error() was only added to PHP 5.3.0, so we can't provide the information for older versions.

See #38547.

Built from https://develop.svn.wordpress.org/trunk@39111


git-svn-id: http://core.svn.wordpress.org/trunk@39053 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 04:57:30 +00:00
Joe Hoyle 6b08485cfa REST API: Return error when JSON decoding fails.
If you send a request to the REST API with invalid JSON in body than it will now return a error. This assists developers if they accidentally send invalid JSON and wonder why their data appears to be ignored.

Props rmccue.
Fixes #38547.

Built from https://develop.svn.wordpress.org/trunk@39109


git-svn-id: http://core.svn.wordpress.org/trunk@39051 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 04:05:36 +00:00
Rachel Baker 8c9f4f812a REST API: Return a `WP_Error` when a user does not have permission to create or update a post with the provided terms.
Add the 'assign_term' check for post create and update.

Props boonebgorges, johnbillion.
Fixes #38505.
Built from https://develop.svn.wordpress.org/trunk@39108


git-svn-id: http://core.svn.wordpress.org/trunk@39050 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 03:16:30 +00:00
Joe Hoyle d544c6ddd0 REST API: Switch to stable version of JSON Schema.
Props danielbachhuber.
Fixes #38635.

Built from https://develop.svn.wordpress.org/trunk@39106


git-svn-id: http://core.svn.wordpress.org/trunk@39048 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 02:22:29 +00:00
Rachel Baker dcb12c35cf REST API: Clean-up our validation callbacks and add missing array `items` properties in our endpoint schemas.
Props joehoyle, jnylen0.
Fixes #38617.
Built from https://develop.svn.wordpress.org/trunk@39105


git-svn-id: http://core.svn.wordpress.org/trunk@39047 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 02:18:29 +00:00
Joe Hoyle 901c4ed17a REST API: Support querying for multiple post statuses.
Multiple post statuses can be specified by the usual CSV or array-propper format.

Props jnylen0, kadamwhite, websupporter.
Fixes #38420.

Built from https://develop.svn.wordpress.org/trunk@39104


git-svn-id: http://core.svn.wordpress.org/trunk@39046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 01:46:29 +00:00
Rachel Baker 676ae9fc2b REST API: Use the `items` attribute for the taxonomies `types` schema property for proper sanitization/validation.
Props danielbachhuber, joehoyle.
Fixes #38631.
Built from https://develop.svn.wordpress.org/trunk@39103


git-svn-id: http://core.svn.wordpress.org/trunk@39045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 01:26:28 +00:00
Rachel Baker 94ab2f9b16 REST API: Return an error when the length of a comment field is too long.
Introduces `wp_check_comment_data_max_lengths()` which allows both the REST API comments endpoints and `wp_handle_comment_submission()` to check the length of the comment content, author name, author url, and author email fields against their respective database columns.

Props rachelbaker, mangeshp, salcode, pento.
Fixes #38477.
Built from https://develop.svn.wordpress.org/trunk@39101


git-svn-id: http://core.svn.wordpress.org/trunk@39043 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 01:12:31 +00:00
Joe Hoyle 5666292dda REST API: Include `taxonomies` as an attribute of post types.
Add the taxonomies for a post type to the `/wp/v2/types` endpoint, so clients know which taxonomies are available for which post types.

Props danielbachhuber.
Fixes #38438, #38631.

Built from https://develop.svn.wordpress.org/trunk@39097


git-svn-id: http://core.svn.wordpress.org/trunk@39039 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 21:51:30 +00:00
Joe Hoyle 37858faf96 REST API: Add en_US to the locales enum.
Props ocean90.
Fixes #38528. 

Built from https://develop.svn.wordpress.org/trunk@39096


git-svn-id: http://core.svn.wordpress.org/trunk@39038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 21:21:32 +00:00
Ryan McCue 34cf5d8934 REST API: Allow querying for multiple `slug` values.
Props jnylen0, rachelbaker.
Fixes #38579.

Built from https://develop.svn.wordpress.org/trunk@39093


git-svn-id: http://core.svn.wordpress.org/trunk@39035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 07:14:29 +00:00
Ryan McCue 624def0ec3 REST API: Add update and delete endpoints to /users/me
Now that /users/me is a standalone resource, it should have all the standard endpoints for a resource.

Props pento.
Fixes #38521 (hopefully).

Built from https://develop.svn.wordpress.org/trunk@39092


git-svn-id: http://core.svn.wordpress.org/trunk@39034 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 06:53:32 +00:00
Ryan McCue 3fef086ede REST API: Set default sanitize callback if type is set.
Props joehoyle, ChopinBach, jnylen0.
Fixes #38593.

Built from https://develop.svn.wordpress.org/trunk@39091


git-svn-id: http://core.svn.wordpress.org/trunk@39033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 06:28:29 +00:00
Ryan McCue 862724274e REST API: Add locale to user resource.
Props ocean90, joehoyle.
Fixes #38528.

Built from https://develop.svn.wordpress.org/trunk@39090


git-svn-id: http://core.svn.wordpress.org/trunk@39032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 06:24:29 +00:00
Ryan McCue a911bf7e2c REST API: Avoid default sanitization for polymorphic params.
Some parameters (`title`, `content`, etc) are objects in the output, but allow objects or strings to be sent in updates for a more ergonomic interface. This is pretty weird behaviour, so the default sanitisation doesn't handle this. We instead handle this ourselves in the preparation.

Props joehoyle, rachelbaker.
Fixes #38529.

Built from https://develop.svn.wordpress.org/trunk@39089


git-svn-id: http://core.svn.wordpress.org/trunk@39031 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 06:02:29 +00:00
Ryan McCue d7bdd72510 REST API: Change method of merging parameters.
`array_merge()` incorrectly reindexes numeric parameters, causing things like `{"123": true}` to be "dropped".

Props sswells, joehoyle.
Fixes #38306.

Built from https://develop.svn.wordpress.org/trunk@39087


git-svn-id: http://core.svn.wordpress.org/trunk@39029 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 05:53:31 +00:00
Ryan McCue ba039f7546 REST API: Remove the Location redirect for the /users/me endpoint.
This is a re-commit of [38980], which was reverted in [38990].

Props youknowriad, jnylen0, pento.
Fixes #38521.

Built from https://develop.svn.wordpress.org/trunk@39085


git-svn-id: http://core.svn.wordpress.org/trunk@39027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 03:44:30 +00:00
Ryan McCue 08ea66490b REST API: Only expose formats supported by the current theme.
While it's valid to save any format to the database, and WordPress is totally fine with that, we should only include the formats specified by the theme in the schema.

Props danielbachhuber.
Fixes #38610.

Built from https://develop.svn.wordpress.org/trunk@39084


git-svn-id: http://core.svn.wordpress.org/trunk@39026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 03:37:32 +00:00
Joe Hoyle f1591eccca REST API: Add support for "integer" type for meta and options
Previously Settings only supported "number" which meant it was possible to push floats to things like posts_per_page. This means now developers can also specify `type => ineger` in meta nad settings resgration.

Props flixos90.
Fixes #38393.

Built from https://develop.svn.wordpress.org/trunk@39058


git-svn-id: http://core.svn.wordpress.org/trunk@39000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 16:07:31 +00:00
Gary Pendergast 03e34ab461 REST API: Allow a CSV list of user roles to be passed to `/users`.
After [39048], this changes explicitly parses the list of user roles as slugs, and adds tests.

Props jnylen0.
Fixes #38557.


Built from https://develop.svn.wordpress.org/trunk@39056


git-svn-id: http://core.svn.wordpress.org/trunk@38998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 11:11:29 +00:00
Gary Pendergast 9862543913 REST API: Allow a CSV list of term IDs to be passed to `/posts`.
[39048] added CSV support to array types, this change explicitly parses term lists as IDs, and adds tests.

Props timmydcrawford, pento.
Fixes #38553.


Built from https://develop.svn.wordpress.org/trunk@39055


git-svn-id: http://core.svn.wordpress.org/trunk@38997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 11:06:31 +00:00
Drew Jaynes 5f4497f0af Docs: Fix multiple trivial typos throughout a variety of core files.
Props ottok.
Fixes #38489.

Built from https://develop.svn.wordpress.org/trunk@39051


git-svn-id: http://core.svn.wordpress.org/trunk@38993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 06:28:32 +00:00
Drew Jaynes 9635867540 Docs: The `query_vars` filter used in the REST posts controller should be notated as a duplicate rather than a new hook.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39049


git-svn-id: http://core.svn.wordpress.org/trunk@38991 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 05:50:29 +00:00
Ryan McCue 4dab905dba REST API: Support password on non-post post types.
The password field was incorrectly only added to "post" post types, but is supported for all post types in the Dashboard UI.

Props jnylen0.
Fixes #38582.

Built from https://develop.svn.wordpress.org/trunk@39047


git-svn-id: http://core.svn.wordpress.org/trunk@38989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 03:53:32 +00:00
Gary Pendergast 6c1e98d1fb REST API: Add support for arrays in schema validation and sanitization.
By allowing more fine-grained validation and sanitisation of endpoint args, we can ensure the correct data is being passed to endpoints.

This can easily be extended to support new data types, such as CSV fields or objects.

Props joehoyle, rachelbaker, pento.
Fixes #38531.


Built from https://develop.svn.wordpress.org/trunk@39046


git-svn-id: http://core.svn.wordpress.org/trunk@38988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 01:48:41 +00:00
Gary Pendergast dbc4b87b7f REST API: Allow Content-Type on CORS requests.
This allows `POST` requests with a wider variety of `Content-Type' headers - `Content-Type: application/json`, for example.

Props jnylen0.
Fixes #37994.


Built from https://develop.svn.wordpress.org/trunk@39044


git-svn-id: http://core.svn.wordpress.org/trunk@38986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 00:34:33 +00:00
Drew Jaynes 993b3a5c6e Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Users_Controller` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39036


git-svn-id: http://core.svn.wordpress.org/trunk@38978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 18:52:30 +00:00
Drew Jaynes b8f14e00ef Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_User_Meta_Fields` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39034


git-svn-id: http://core.svn.wordpress.org/trunk@38976 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 18:28:30 +00:00
Drew Jaynes 90c17ccbf1 Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Terms_Controller` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39033


git-svn-id: http://core.svn.wordpress.org/trunk@38975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 18:21:30 +00:00
Drew Jaynes b71e62b9eb Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Term_Meta_Fields` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39032


git-svn-id: http://core.svn.wordpress.org/trunk@38974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 18:09:32 +00:00
Drew Jaynes 7d7d0c8599 Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Taxonomies_Controller` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39031


git-svn-id: http://core.svn.wordpress.org/trunk@38973 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 18:07:33 +00:00
Drew Jaynes 5dfa0c4cee Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Settings_Controller` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39030


git-svn-id: http://core.svn.wordpress.org/trunk@38972 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 18:01:30 +00:00
Drew Jaynes 2452f69485 REST: Fix some errant `else if` conditions and add a few missing periods on inline comments.
Props mrahmadawais.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39029


git-svn-id: http://core.svn.wordpress.org/trunk@38971 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 17:54:30 +00:00
Drew Jaynes 596ee8bc9d Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Revisions_Controller` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39028


git-svn-id: http://core.svn.wordpress.org/trunk@38970 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 17:50:29 +00:00
Drew Jaynes 1ef0a5514e REST: Fix a yoda condition in `WP_REST_Request::get_parameter_order()` and add a missing period for an inline comment in `WP_REST_Request::from_url().
Props mrahmadawais.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39027


git-svn-id: http://core.svn.wordpress.org/trunk@38969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 17:42:45 +00:00
Drew Jaynes e84b257852 Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Posts_Controller` class.
Props Soean, mrahmadawais, flixos90, DrewAPicture.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39026


git-svn-id: http://core.svn.wordpress.org/trunk@38968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 17:37:35 +00:00
Drew Jaynes 7d488bd2b1 Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Post_Types_Controller` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39025


git-svn-id: http://core.svn.wordpress.org/trunk@38967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 16:51:30 +00:00
Drew Jaynes 04f0340a96 Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Post_Statuses_Controller` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39024


git-svn-id: http://core.svn.wordpress.org/trunk@38966 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 16:44:38 +00:00
Drew Jaynes c4df9d63ba Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Post_Meta_Fields` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39023


git-svn-id: http://core.svn.wordpress.org/trunk@38965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 16:36:32 +00:00
Drew Jaynes 9ce98d98ac Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Meta_Fields` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39022


git-svn-id: http://core.svn.wordpress.org/trunk@38964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 16:33:30 +00:00
Drew Jaynes 718f9fe868 Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Controller` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39021


git-svn-id: http://core.svn.wordpress.org/trunk@38963 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 16:20:29 +00:00
Drew Jaynes e2e47a192d Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Comments_Controller` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39015


git-svn-id: http://core.svn.wordpress.org/trunk@38957 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 06:55:30 +00:00
Drew Jaynes 7d25657c01 Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Comment_Meta_Fields` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39014


git-svn-id: http://core.svn.wordpress.org/trunk@38956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 06:34:31 +00:00
Drew Jaynes 08b0407367 Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Attachments_Controller` class.
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39011


git-svn-id: http://core.svn.wordpress.org/trunk@38953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 05:40:37 +00:00
Gary Pendergast 60eb1ddc5c REST API: Revert [38980].
`/users/me` still needs attention, but this change wasn't quite ready.

See #38521.


Built from https://develop.svn.wordpress.org/trunk@38990


git-svn-id: http://core.svn.wordpress.org/trunk@38933 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-28 02:07:35 +00:00
Rachel Baker 4a37a04d0f REST API: Return `WP_Error` when a client is attempting to update an option with a non-scalar value to `null`.
A `null` value is returned in the response for any option that has a non-scalar value.

To protect clients from accidentally including the `null` values from a response object in a request, we do not allow options with non-scalar values to be updated to `null`. Without this added protection a client could mistakenly delete all options that have non-scalar values from the database.

Props joehoyle, rachelbaker.
Fixes #38527.
Built from https://develop.svn.wordpress.org/trunk@38982


git-svn-id: http://core.svn.wordpress.org/trunk@38925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-27 16:08:45 +00:00
Rachel Baker d42acc530c REST API: Remove the Location header redirect for the /users/me endpoint.
Props youknowriad jnylen0.
Fixes #38521.
Built from https://develop.svn.wordpress.org/trunk@38980


git-svn-id: http://core.svn.wordpress.org/trunk@38923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-27 14:37:36 +00:00
Boone Gorges 493f76a3d2 REST API: Use `wp_get_object_terms()` when fetching terms for a post object.
The WP-API plugin originally used a custom method for fetching object
terms in a way that supported the object cache and also accepted all
parameters for `get_terms()`. In [38667], the internals of
`wp_get_object_terms()` were modified to use `WP_Term_Query`, thus
delivering in a native fashion the features that the API had
previously achieved bespokely.

Fixes #38504.
Built from https://develop.svn.wordpress.org/trunk@38974


git-svn-id: http://core.svn.wordpress.org/trunk@38917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-27 01:42:32 +00:00
Rachel Baker d359ffc270 REST API: Remove experimental `filter` wrapper parameter from the Posts Controller class.
Hiding WP_Query params under the filter key (instead of allowing them to be top-level params) was one of our biggest complaints from users of v1 of our REST API. This walks back the re-introduction of the `filter` param during Beta 15, which introduced an "inconsistent mess" and "exposing WP_Query through filter has and will continue to be difficult to support." See https://github.com/WP-API/WP-API/issues/2799.

Props websupporter, rachelbaker.
Fixes #38378.
Built from https://develop.svn.wordpress.org/trunk@38968


git-svn-id: http://core.svn.wordpress.org/trunk@38911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 21:37:31 +00:00
Boone Gorges 91b518a716 REST API: Use term-specific caps for permission checks in term update and delete endpoints.
See #38505.
Built from https://develop.svn.wordpress.org/trunk@38960


git-svn-id: http://core.svn.wordpress.org/trunk@38903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 14:52:29 +00:00
Rachel Baker 0c2a6184eb REST API: Add constructor to the `WP_REST_Settings_Controller` class.
Provides consistency with the other API endpoint controller classes.

Props Soean.
Fixes #38429.
Built from https://develop.svn.wordpress.org/trunk@38954


git-svn-id: http://core.svn.wordpress.org/trunk@38897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 13:45:47 +00:00
Gary Pendergast 6b4357e14b REST API: Deprecate the `rest_enabled` filter.
As the REST API becomes more integral to WordPress Core, turning it off will cause a... suboptimal experience. If we don't want it to be turned off, the off switch needs to be removed.

Props jorbin, pento.
Fixes #38446.


Built from https://develop.svn.wordpress.org/trunk@38947


git-svn-id: http://core.svn.wordpress.org/trunk@38890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 06:28:30 +00:00
Rachel Baker b13da6ae73 REST API: Add missing sanitization callback for the `hide_empty` parameter of the Terms Controller.
Fixes a bug where the boolean parameter `hide_empty` was not being properly sanitized in the Terms controller.

Props websupporter.
Fixes #38465.
Built from https://develop.svn.wordpress.org/trunk@38942


git-svn-id: http://core.svn.wordpress.org/trunk@38885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 02:29:30 +00:00
Joe Hoyle e8a311ed02 REST API: Validate posts status enum
Currently we are using a different validate callback, so the `enum` is not interpretted. We just have to fallback to the result of `rest_validate_request_arg` in our custom wrapper function.

Fixes #38417.

Built from https://develop.svn.wordpress.org/trunk@38911


git-svn-id: http://core.svn.wordpress.org/trunk@38854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-25 17:13:28 +00:00
Rachel Baker cdce9d5dac REST API: Allow comments to be created setting the user_agent parameter.
As of WordPress 4.3 the `wp_new_comment()` function has been updated to allow the comment_agent value to be set when a comment is created. The comments API endpoint now allows the comment author's user agent to be set when creating a comment.
Also, the `readonly` property on the `author_user_agent` parameter in the schema was removed.

Props rabmalin for the initial patch.
Fixes #38425.
Built from https://develop.svn.wordpress.org/trunk@38864


git-svn-id: http://core.svn.wordpress.org/trunk@38807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-21 18:28:32 +00:00
Rachel Baker e4a7c0a397 REST API: Introduce the Content API endpoints.
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.

Love your REST API, WordPress!  The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"

Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes #38373.
Built from https://develop.svn.wordpress.org/trunk@38832


git-svn-id: http://core.svn.wordpress.org/trunk@38775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-20 02:55:32 +00:00
Dominik Schilling ae2ff33c91 Docs: Improve formatting of filter docs added in [38689].
Fixes #35590.
Built from https://develop.svn.wordpress.org/trunk@38749


git-svn-id: http://core.svn.wordpress.org/trunk@38692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-07 19:24:28 +00:00
Joe Hoyle d72da116be REST API: Add filters to allow creating REST API middleware plugins.
Introduce two new filters: `rest_request_before_callbacks` and `rest_request_after_callbacks` to
assist REST API middleware plugins to perform pre-callback and cleanup hooks such as `switch_to_blog()`
or caching implementations.

Props jnylen0.
Fixes #35590.

Built from https://develop.svn.wordpress.org/trunk@38689


git-svn-id: http://core.svn.wordpress.org/trunk@38632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-30 20:12:28 +00:00
Joe Hoyle 794dd5d8cb REST API: Enable sanitize_callback to return WP_Error.
Give developers the opportunity to reject incoming data without using the validation callback. It also enables us to do sanitization and validation in one function in instances where this could be useful.

Props websupporter, rmccue.
Fixes #37560.

Built from https://develop.svn.wordpress.org/trunk@38601


git-svn-id: http://core.svn.wordpress.org/trunk@38544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-14 15:50:29 +00:00
Dominik Schilling 97bf32c66a Text Changes: Unify/merge two more permission error messages.
Props ramiy.
Fixes #34521.
Built from https://develop.svn.wordpress.org/trunk@38037


git-svn-id: http://core.svn.wordpress.org/trunk@37978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-12 11:45:29 +00:00
Rachel Baker e5fcbb3514 REST API: Reverse order of setting sanitization/validation, validating prior to sanitizing.
Fixes mistake in the current behavior, where the sanitization callback ran before the validation callback. Now the validation callback will run before the sanitization.

Props schlessera, rachelbaker.
See #37247.
Fixes #37192.



Built from https://develop.svn.wordpress.org/trunk@37943


git-svn-id: http://core.svn.wordpress.org/trunk@37884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-02 23:03:27 +00:00
Rachel Baker a475d0a161 REST API: Include auto-discovery Link header when serving API requests.
The Link header allows clients to verify if a site has made the REST API available, as well as indicating how to access it.

Props danielbachhuber.
Fixes #35580.



Built from https://develop.svn.wordpress.org/trunk@37903


git-svn-id: http://core.svn.wordpress.org/trunk@37844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-29 01:57:55 +00:00
Rachel Baker 228c60a222 REST API: Include X-Robots-Tag: noindex header in REST API responses to prevent endpoints from being indexed by search engines.
Prevent duplicate content issues with search engines and REST API endpoint response data.

Fixes #36390.
Props m_uysl for the initial patch.
Built from https://develop.svn.wordpress.org/trunk@37726


git-svn-id: http://core.svn.wordpress.org/trunk@37692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-16 14:59:28 +00:00
Peter Wilson 47d26cd9fb DOCS: Replace HTTP links with HTTPS.
Replaces unsecure links in documentation and translator comments with their secure versions.

Props johnpgreen, netweb

Fixes #36993

Built from https://develop.svn.wordpress.org/trunk@37674


git-svn-id: http://core.svn.wordpress.org/trunk@37640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-10 04:50:33 +00:00
Rachel Baker 99cca27041 REST API: Create the general `wp_check_jsonp_callback()` function for validating JSONP callback functions.
Move the REST API JSONP callback validation check into a separate function named `wp_check_jsonp_callback()`. This allows plugins to use the built-in validation when handling JSONP callbacks.
Extremely Important Note: If you send JSONP in your custom response, make sure you prefix the response with `/**/`. This will mitigate the Rosetta Flash exploit. You should also send the `X-Content-Type-Options:nosniff` header, or even better, use the REST API infrastructure.

Props rmccue.
Fixes #28523.
Built from https://develop.svn.wordpress.org/trunk@37646


git-svn-id: http://core.svn.wordpress.org/trunk@37612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-06 21:34:28 +00:00
Drew Jaynes f03eef071e Docs: Standardize hook docs in wp-includes/rest-api/* to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37490


git-svn-id: http://core.svn.wordpress.org/trunk@37458 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:08:29 +00:00
Drew Jaynes b1804afeaf Docs: Standardize on 'backward compatibility/compatible' nomenclature in core inline docs.
Also use 'back-compat' in some inline comments where backward compatibility is the subject and shorthand feels more natural.

Note: 'backwards compatibility/compatibile' can also be considered correct, though it's primary seen in regular use in British English.

Props ocean90.
Fixes #36835.

Built from https://develop.svn.wordpress.org/trunk@37431


git-svn-id: http://core.svn.wordpress.org/trunk@37397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-13 18:41:31 +00:00
Drew Jaynes fe3b007fdd Docs: Remove inline `@see` tags from function, class, and method references in inline docs.
Known functions, classes, and methods are now auto-linked in Code Reference pages following #meta1483.

Note: Hook references are still linked via inline `@see` tags due to the unlikelihood of reliably matching for known hooks based on a RegEx pattern.

See #32246.

Built from https://develop.svn.wordpress.org/trunk@37342


git-svn-id: http://core.svn.wordpress.org/trunk@37308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-02 04:00:28 +00:00
Mark Jaquith 31152de134 REST API: Deliver parameters unadulterated instead of slashed.
We goofed, and parameters accessed through the REST API's methods
were slashed (inconsistently, even). This unslashes the data, so
you get the un-messed-with data that was sent.

Props joehoyle.
Fixes #36419.
Built from https://develop.svn.wordpress.org/trunk@37163


git-svn-id: http://core.svn.wordpress.org/trunk@37130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-06 21:02:28 +00:00
Joe Hoyle a07988c1c5 REST API: Provide better method for generating CURIEs
In [36533] CURIEs were added to the API responses for the link relation URIs, this makes
it a lot easier for clients to look up links by relation. That patch was functional, but
broke on edge cases such as embedded responses and collection items with links in the items.

This patch instead takes a less obtrusive approach by creating a new `get_compact_response_links`
to compliment `get_response_links` making both old and new functionality available.

Also the regex for curie relations has been relaxed to `.+` as rel names can have any uri-valid charector in it.

Fixes #34729.


Built from https://develop.svn.wordpress.org/trunk@37041


git-svn-id: http://core.svn.wordpress.org/trunk@37008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-22 00:16:27 +00:00
Rachel Baker 6edbcc88ff REST API: Add `home_url` to API index to avoid confusion with `site_url`.
Confusion abound, the API index is the generic term `url` to display the `site_url`. New `home` key will display the `home_url` in the index as well.

Fixes #35647.
Built from https://develop.svn.wordpress.org/trunk@37031


git-svn-id: http://core.svn.wordpress.org/trunk@36998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-17 19:16:29 +00:00
Rachel Baker 76d14c1d24 REST API: Remove unused variable `$api_root` from WP_Rest_Server->embed_links() method.
After [r36674] the variable `$api_root` is no longer used in this method and should be removed.

See #35803.
Built from https://develop.svn.wordpress.org/trunk@37021


git-svn-id: http://core.svn.wordpress.org/trunk@36988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-16 21:41:28 +00:00
Drew Jaynes a65c79b3d2 Docs: Use a third-person singular verb in the DocBlock summary for `WP_REST_Response::get_curies()`, introduced in [36533].
Also adds a missing return description.

See #34729. See #35986.

Built from https://develop.svn.wordpress.org/trunk@37015


git-svn-id: http://core.svn.wordpress.org/trunk@36982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-16 16:54:26 +00:00
Drew Jaynes ddf7375217 Docs: Improve parameter description syntax in the hook doc for the `rest_request_from_url` filter, introduced in [36673].
See #35803. See #35986,

Built from https://develop.svn.wordpress.org/trunk@37014


git-svn-id: http://core.svn.wordpress.org/trunk@36981 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-16 16:52:27 +00:00
Drew Jaynes 408da605e4 Docs: Improve the DocBlock for `WP_REST_Request::from_url()`, introduced in [36673].
See #35803. See #35986.

Built from https://develop.svn.wordpress.org/trunk@37013


git-svn-id: http://core.svn.wordpress.org/trunk@36980 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-16 16:50:27 +00:00
Ryan McCue 937b0c3241 REST API: Use WP_REST_Request::from_url() when embedding.
See #35803.

Built from https://develop.svn.wordpress.org/trunk@36674


git-svn-id: http://core.svn.wordpress.org/trunk@36641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-24 04:20:25 +00:00
Ryan McCue 0b7e133054 REST API: Add WP_REST_Request::from_url()
Allows converting a REST URL into a Request object.

Props danielbachhuber.
Fixes #35803.

Built from https://develop.svn.wordpress.org/trunk@36673


git-svn-id: http://core.svn.wordpress.org/trunk@36640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-24 04:01:26 +00:00
Drew Jaynes a0aa608970 Docs: Improve documentation for `WP_REST_Request` to highlight a caveat of ArrayAccess when it comes to passing similar arguments for multiple request methods.
Props danielbachhuber, DrewAPicture.
Fixes #35799.

Built from https://develop.svn.wordpress.org/trunk@36636


git-svn-id: http://core.svn.wordpress.org/trunk@36603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 16:57:26 +00:00
Rachel Baker 9fdb970ceb Docs: Add missing @since and @access tags to `get_curies` method and filter from r36533
See #34729, #32246.
Built from https://develop.svn.wordpress.org/trunk@36593


git-svn-id: http://core.svn.wordpress.org/trunk@36560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-19 23:42:27 +00:00
Drew Jaynes e020ccd081 Docs: Add formatting to a changelog entry in the hook doc for the `rest_dispatch_request` filter.
See [36534]. See #32246.

Built from https://develop.svn.wordpress.org/trunk@36576


git-svn-id: http://core.svn.wordpress.org/trunk@36543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-18 18:18:25 +00:00
Ryan McCue 3e65236aa7 REST API: Apply rest_post_dispatch to embedded responses.
Fixes #35628.
Props @danielbachhuber.

Built from https://develop.svn.wordpress.org/trunk@36536


git-svn-id: http://core.svn.wordpress.org/trunk@36503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-16 06:06:27 +00:00
Ryan McCue 03ba67a0b7 REST API: Allow explicit HEAD callbacks.
HEAD callbacks can now be registered independently, with the GET
callback still used as a fallback.

Fixes #34841.

Built from https://develop.svn.wordpress.org/trunk@36535


git-svn-id: http://core.svn.wordpress.org/trunk@36502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-16 05:51:26 +00:00
Ryan McCue 0438795671 REST API: Add routing args to rest_dispatch_request filter.
This allows requests to be hijacked via the filter more easily.

Fixes #35507.

Built from https://develop.svn.wordpress.org/trunk@36534


git-svn-id: http://core.svn.wordpress.org/trunk@36501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-16 04:40:26 +00:00
Ryan McCue 47bee5157b REST API: Add support for CURIEs.
CURIEs are Compact URIs, which provide a more usable way to use
custom relations in the API. The `wp` CURIE is registered by default
for `https://api.w.org/` URI relations.

Fixes #34729.
Props joehoyle.

Built from https://develop.svn.wordpress.org/trunk@36533


git-svn-id: http://core.svn.wordpress.org/trunk@36500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-16 02:19:27 +00:00
Joe Hoyle ee94a28953 REST API: Improve formatting of failed validation errors.
If a validation_callback returns a WP_Error it should give the same response format as if it returned `false`. This makes programmatically reading the validation errors better.

Props bradyvercher for initial patch.
Fixes #35028.

Built from https://develop.svn.wordpress.org/trunk@35890


git-svn-id: http://core.svn.wordpress.org/trunk@35854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-12 18:23:28 +00:00
Scott Taylor 4ae83ec7ec REST API: Core typically sends nocache headers on all auth'ed responses, as in `wp`, `admin-ajax`, etc. Because the REST API infrastructure is hooked in pre-wp, we should be setting this ourselves.
Adds unit tests.

Props joehoyle.
Fixes #34832.

Built from https://develop.svn.wordpress.org/trunk@35773


git-svn-id: http://core.svn.wordpress.org/trunk@35737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-04 23:36:25 +00:00
Mark Jaquith 6cc98e6fcd Route HEAD API requests through the GET callback method
fixes #34837
props danielbachhuber
Built from https://develop.svn.wordpress.org/trunk@35758


git-svn-id: http://core.svn.wordpress.org/trunk@35722 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-03 16:34:25 +00:00
Ryan McCue d1436af513 REST API: Unabbreviate error string.
Props daniel-koskinen.
Fixes #34818.

Built from https://develop.svn.wordpress.org/trunk@35750


git-svn-id: http://core.svn.wordpress.org/trunk@35714 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-30 09:51:27 +00:00
Ryan McCue 7ce9772866 REST API: Mark WP_REST_Server::get_raw_data as static.
This is just a utility function for getting the request body, not
tied to the server class.

Fixes #34768.

Built from https://develop.svn.wordpress.org/trunk@35741


git-svn-id: http://core.svn.wordpress.org/trunk@35705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-25 22:22:25 +00:00
Andrew Nacin 1579e45d41 Simplify the include graph after work to split out classes.
see #33413. More details there.

Built from https://develop.svn.wordpress.org/trunk@35718


git-svn-id: http://core.svn.wordpress.org/trunk@35682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-20 07:24:30 +00:00
John Blackbourn 16502d03f2 Remove `register_api_field()` from core. This is the only core function that utilises the `$wp_rest_additional_fields` global, and doesn't belong as part of the infrastructure.
See https://github.com/WP-API/WP-API/pull/1748

Fixes #34730

Built from https://develop.svn.wordpress.org/trunk@35687


git-svn-id: http://core.svn.wordpress.org/trunk@35651 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-18 20:39:26 +00:00
John Blackbourn 407f641cf3 Update `WP_REST_Response::as_error()` to handle the new format error responses introduced in [35653].
Props danielbachhuber
Fixes #34551

Built from https://develop.svn.wordpress.org/trunk@35671


git-svn-id: http://core.svn.wordpress.org/trunk@35635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-18 18:29:26 +00:00
Ryan McCue 0801acbdd8 REST API: Remove redundant "0" parameter.
This is just an artifact of how we parse the URL, and is already available
via $request->get_route()

Props danielbachhuber.
Fixes #34647.

Built from https://develop.svn.wordpress.org/trunk@35659


git-svn-id: http://core.svn.wordpress.org/trunk@35623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-18 07:24:28 +00:00
Ryan McCue 81ffd2492c REST API: Optimise for singular error instances.
Previously, the API returned a list of errors, as WP_Error can hold multiple
error codes internally. This isn't a particularly common use case, and it
makes handling errors on the client side more complex than it needs to be.

Fixes #34551.

Built from https://develop.svn.wordpress.org/trunk@35653


git-svn-id: http://core.svn.wordpress.org/trunk@35617 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-17 04:12:26 +00:00
Ryan McCue 9524ebb38e REST API: Include enum and description in help data.
Props lcherpit.
Fixes #34543.

Built from https://develop.svn.wordpress.org/trunk@35652


git-svn-id: http://core.svn.wordpress.org/trunk@35616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-17 02:49:28 +00:00
Ryan McCue b03e036e94 REST API: Require namespace when registering routes.
Props danielbachhuber.
Fixes #34416.

Built from https://develop.svn.wordpress.org/trunk@35651


git-svn-id: http://core.svn.wordpress.org/trunk@35615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-17 02:39:30 +00:00
Ryan McCue b0ee5efef2 REST API: Change link relations to api.w.org
Fixes #34303.

Built from https://develop.svn.wordpress.org/trunk@35650


git-svn-id: http://core.svn.wordpress.org/trunk@35614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-17 02:24:27 +00:00
Dominik Schilling 5403b62a6a REST API: Use correct `@access` tag for `WP_REST_Request->get_parameter_order()`.
Props Frozzare.
Fixes #34624.
Built from https://develop.svn.wordpress.org/trunk@35612


git-svn-id: http://core.svn.wordpress.org/trunk@35576 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-11 19:39:25 +00:00