Commit Graph

607 Commits

Author SHA1 Message Date
spacedmonkey f1f71a0798 REST API: Ensure that the get_theme_item method should respect fields param.
Fix the `get_theme_item` method in the `WP_REST_Global_Styles_Controller` class to respect the fields param context filtering and to return links. 

Props spacedmonkey, hellofromtonya, peterwilsoncc, costdev.
Fixes #54595.


Built from https://develop.svn.wordpress.org/trunk@52374


git-svn-id: http://core.svn.wordpress.org/trunk@51966 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-14 16:31:00 +00:00
hellofromTonya 65a4199149 Themes: Rename public static functions in `WP_Theme_JSON_Resolver` to remove `custom_post_type` references.
WordPress Core is not really custom and does not reference "custom post type" in its function naming. This commit renames 2 public static methods:

* `WP_Theme_JSON_Resolver::get_user_custom_post_type_id()` renamed to `WP_Theme_JSON_Resolver::get_user_global_styles_post_id()`.
* `WP_Theme_JSON_Resolver::get_user_data_from_custom_post_type()` renamed to `WP_Theme_JSON_Resolver:: get_user_data_from_wp_global_styles()`.

Follow-up to [52049], [52051], [52069], [52232], [52275], [52364].

Props antonvlasenko, bernhard-reiter, costdev, desrosj, hellofromTonya, noisysocks, oandregal, SergeyBiryukov.
Fixes #54517.
Built from https://develop.svn.wordpress.org/trunk@52372


git-svn-id: http://core.svn.wordpress.org/trunk@51964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-14 16:14:01 +00:00
spacedmonkey 120b1ab117 REST API: Ensure that the parent link, uses the rest_get_route_for_post function.
In [51962] the `rest_get_route_for_post` function was implemented in all places where link to a post's REST API endpoint is needed. However in this commit, the up link, which links to the parent post of the current object, did not use this function.   

Props Spacedmonkey, SergeyBiryukov.
Fixes #53656.



Built from https://develop.svn.wordpress.org/trunk@52363


git-svn-id: http://core.svn.wordpress.org/trunk@51955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-13 15:20:03 +00:00
Sergey Biryukov d09d194f12 Docs: Capitalize "ID", when referring to a widget ID or sidebar ID, in a more consistent way.
Follow-up to [48104], [52357], [52361].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@52362


git-svn-id: http://core.svn.wordpress.org/trunk@51954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-13 10:21:07 +00:00
audrasjb 12369a6425 Coding Standards: Correct alignment in `blocks.php` and `class-wp-rest-templates-controller`.
See #53359.

Built from https://develop.svn.wordpress.org/trunk@52345


git-svn-id: http://core.svn.wordpress.org/trunk@51937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-07 22:49:59 +00:00
spacedmonkey ec370a0af4 REST API: Improve permission handling in global style endpoint.
The new wp_global_styles post type is registered to use edit_theme_options in the capability settings. The WP_REST_Global_Styles_Controller class's permission checks methods use the capability in a hard coded form rather than looking up the capability via the post type object. Changing the permission callbacks to lookup capabilities via the post type object, allows theme and plugin developers to modify the capability used for editing global styles via a filter and these values to be respected via the Global Styles REST API.

Props Spacedmonkey, peterwilsoncc, hellofromTonya , antonvlasenko, TimothyBlynJacobs, costdev, zieladam.
Fixes #54516.


Built from https://develop.svn.wordpress.org/trunk@52342


git-svn-id: http://core.svn.wordpress.org/trunk@51934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-07 20:58:00 +00:00
spacedmonkey 40b22d1209 REST API: Ensure that the export template endpoint returns a valid WP_Error object.
Ensure that the export template endpoint returns a WP_Error object, including code and message, so that the site editor can display an error message. 
Add some basic unit tests to ensure that permission checks are working as expected. 

Follow-up to [52286].

Props Spacedmonkey, dlh, hellofromTonya , Mamaduka, TimothyBlynJacobs.
Fixes #54448.


Built from https://develop.svn.wordpress.org/trunk@52340


git-svn-id: http://core.svn.wordpress.org/trunk@51932 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-07 18:38:02 +00:00
John Blackbourn 39bff93b6b Docs: Various inline documentation corrections and improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@52332


git-svn-id: http://core.svn.wordpress.org/trunk@51924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-07 12:20:02 +00:00
audrasjb cbadb65a2a REST API: Use global transients for URL details endpoint.
Follow-up to [51973].

Props peterwilsoncc, costdev.
Fixes #54499.

Built from https://develop.svn.wordpress.org/trunk@52311


git-svn-id: http://core.svn.wordpress.org/trunk@51903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-03 11:36:09 +00:00
spacedmonkey 13c5637263 Site Editor: Add site export REST API endpoint.
Add a REST API to export site templates and template part as html files. When the REST API is requested, it responds by downloading a single ZIP file and exits early, without completing full request.  To create the exported zip, the ZipArchive class is required. If this class is not present then the export will gracefully fail, returning a `WP_Error` object and 500 status error code. 

Props spacedmonkey, youknowriad, Mamaduka, walbo, peterwilsoncc. 
Fixes #54448 .


Built from https://develop.svn.wordpress.org/trunk@52286


git-svn-id: http://core.svn.wordpress.org/trunk@51878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-30 17:32:02 +00:00
Sergey Biryukov 9c9c576d88 I18N: Remove redundant `default` text domain parameter in some `__()` calls.
Follow-up to [51160], [52069].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@52278


git-svn-id: http://core.svn.wordpress.org/trunk@51870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-30 08:33:05 +00:00
Peter Wilson 43290b2e04 REST API: Fire `wp_after_insert_post` later in new post object endpoints.
In the new menu items, global items and template controllers manually call the function `wp_after_insert_post()` to manually fire the action of the same name after all potential data is updated.

This accounts for the use case in which a theme or plugin developer has modified the endpoints use of either taxonomy or meta data.

The new parameter `$fire_after_hooks` is added to `wp_update_nav_menu_item()` to control whether the `wp_after_insert_post` action is fired when it in turn calls `wp_insert_post()`.

Props spacedmonkey, peterwilsoncc, zieladam.
Fixes #54536.


Built from https://develop.svn.wordpress.org/trunk@52276


git-svn-id: http://core.svn.wordpress.org/trunk@51868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-30 01:10:08 +00:00
noisysocks e4b553a201 Update @wordpress packages
Update packages to include these bug fixes from Gutenberg:

- Update Pattern block category and add documentation
- Fix non existent menu handling in nav block
- Make Reusable blocks available in the Site Editor
- Add caching to WP_Theme_JSON_Resolver_Gutenberg::get_user_data_from_custom_post_type()
- theme.json: add appearanceTools flag to opt-in into appearance UI controls
- Update the block theme folders to templates and parts
- Remove reference to gutenberg_, swap with wp_
- Use table layout in templates list screen
- Update featured image placeholder graphic.
- [Inserter]: Adjust order of theme blocks and reorder inserter items
- Implement suitable fallback for Nav block on front end of site when no menu selected
- Toggle Group Control: add tooltip
- Use first non-empty Nav post as primary fallback for Nav block
- Change .nvmrc and documentation for Node.js version (LTS to 14.18.1)
- Update: Migrate global styles user database data on the rest endpoint
- Update global styles public API
- Update: Rename user preset origin to custom
- Try always generating navigation post title
- Show all templates and template parts on the site editor list screens
- Highlight "Site" in the navigation panel
- Fix template part slug generation when creating through the block placeholder
- [Block Library - Post Title]: Fix render error when setting Page to homepage
- Add 'Clear customizations' button to template list page
- Gallery v1: Allow clicks within replace media placeholder state
- Site Editor: Set the <title> on the list page to be same as the CPT name
- Gallery: Fix stuck image size options loader
- Cover: Fix undo trap
- Add success and error snackbars to the templates list page
- Fix: theme colors cannot override defaults
- Fix: Color palette is not being stored
- Add elements support to the typography panel in global styles
- Make links plural in global styles
- Add: Gradient palette editor
- Update some small style regressions in the template list
- Add: Transparency support on global styles colors
- Fix: apply by slug on all origins
- Render empty Nav block if no fallback block can be utilised
- Allow filtering of Nav block fallback
- Fix Nav block fallback DB query to match on full block grammar start tag
- Remove unstable max pages attribute from Nav block
- DateTimePicker: set PM hours correctly
- Update delete template button
- Site Editor: Template list add rename action
- Fix Nav block editing wrong entity on creation of new Menu
- [REST] Restore the missing double slash in the ID received by /templates
- Add icons to navigation sidebar items
- Update function names for the public global styles API functions
- Templates Controller: Add missing 'is_custom' prop
- Rename gutenberg_ to wp_ for some functions that land in WordPress 5.9
- [Block Library - Template Part]:Remove support for conversion to Reusable block
- Global Styles: Call "palettes" and not "color palettes" on panel label
- Add button text when no colors found
- Update: Global Styes: Count all color palette origins on the palette counter
- Rename navigationMenuId to ref
- Offset the parent iframe when computing Popover position 
- Fix: Failing PHPUnit test
- Show theme, plugin or author in Added By column with appropriate icon or avatar
- Add origin and author to template rest api

See #54487.
Props talldanwp, mamaduka, oandregal.

Built from https://develop.svn.wordpress.org/trunk@52275


git-svn-id: http://core.svn.wordpress.org/trunk@51867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-30 00:24:27 +00:00
spacedmonkey ebf7eb50dc Editor: Remove Navigation Areas
Navigation area were merged as part of full site editing and the new navigation block. This functionality is experimental and not currently used in WordPress core, so should be removed.

Props noisysocks, spacedmonkey, get_dave, zieladam.
Fixes #54506.


Built from https://develop.svn.wordpress.org/trunk@52272


git-svn-id: http://core.svn.wordpress.org/trunk@51864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-29 22:06:01 +00:00
spacedmonkey 2f6cf4ba81 REST API: Ensure that the rest_after_insert_ action is executed in the templates controller.
Fire the that dynamic action `rest_after_insert_{$this->post_type}` in templates controller, as this action is fired in other post based REST API controllers. 

Props spacedmonkey, peterwilsoncc, zieladam.
Fixes #54520.
Built from https://develop.svn.wordpress.org/trunk@52268


git-svn-id: http://core.svn.wordpress.org/trunk@51860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-29 11:43:01 +00:00
John Blackbourn 92f0b0cb48 Docs: Various docblock corrections and improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@52236


git-svn-id: http://core.svn.wordpress.org/trunk@51828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-23 21:37:01 +00:00
John Blackbourn 40626108d0 Docs: Corrections relating to types used in inline documentation for comment ID and site ID proprties.
Includes a correction for a typo introduced in [52204].

See #53399

Built from https://develop.svn.wordpress.org/trunk@52205


git-svn-id: http://core.svn.wordpress.org/trunk@51797 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-18 13:57:01 +00:00
John Blackbourn c9746ab584 Docs: Various corrections and improvements relating to types used in inline documentation.
See #53399

Built from https://develop.svn.wordpress.org/trunk@52204


git-svn-id: http://core.svn.wordpress.org/trunk@51796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-18 13:50:05 +00:00
spacedmonkey 33499dc6d8 REST API: Make the templates controller follow core REST patterns.
The templates controller now respects the `_fields` parameter and filters the response accordingly. The schema has been updated to include all the fields returned. The `content.block_version` field has been added. The controller now returns WP_Error objects for improved error handling.

Add new unit tests.

Props TimothyBlynJacobs, hellofromtonya, zieladam.
Fixes #54422.

Built from https://develop.svn.wordpress.org/trunk@52186


git-svn-id: http://core.svn.wordpress.org/trunk@51778 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-16 18:06:00 +00:00
spacedmonkey b9ee5a4b29 REST API: Remove experimental block menu item types.
The menu items REST API controller was added in [52079]. This included functionality to add a "block" menu item type. This functionality is experimental and not currently used in WordPress core, so should be removed. 

Props noisysocks.
See #40878.


Built from https://develop.svn.wordpress.org/trunk@52184


git-svn-id: http://core.svn.wordpress.org/trunk@51776 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-16 17:09:00 +00:00
noisysocks c2d0fb2040 Update @wordpress packages
Update packages to include these bug fixes from Gutenberg:

- Navigation: Fix click-button size, submenu directions, scrollbars.
- Group - Fix overzealous regex when restoring inner containers
- Babel Preset: Update Babel packages to 7.16 version
- theme.json: adds a setting property that enables some other ones
- Polish metabox container.
- Fix submenu justification and spacer orientation.
- Fix Gutenberg 11.8.2 in WordPress trunk
- Strip meta tags from pasted links in Chromium
- Hide visilibility and status for navigation posts
- Navigation: Refactor and simplify setup state.
- Nav block menu switcher - decode HTML entities and utilise accessible markup pattern
- Rename fse_navigation_area to wp_navigation_area
- theme.json: adds a setting property that enables some other ones
- Revert "theme.json: adds a setting property that enables some other ones"
- Skip flaky image block test
- WordPress/gutenberg@3c935c4
- React to any errors coming up in gutenberg_migrate_menu_to_navigation_post
- Return wp error from wp_insert_post
- Fix not transforming logical assignments for packages

See #54337.

Built from https://develop.svn.wordpress.org/trunk@52161


git-svn-id: http://core.svn.wordpress.org/trunk@51753 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-15 12:50:17 +00:00
noisysocks 449f1bb07a REST API: Add /wp/v2/block-navigation-areas endpoint
Copies WP_REST_Block_Navigation_Areas_Controller from the Gutenberg plugin. This
provides the /wp/v2/block-navigation-areas endpoint used by the Navigation
block.

Props antonvlasenko, TimothyBlynJacobs.
Fixes #54393.

Built from https://develop.svn.wordpress.org/trunk@52133


git-svn-id: http://core.svn.wordpress.org/trunk@51725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-11 03:52:00 +00:00
noisysocks 3e094c27d0 Update @wordpress packages
Update packages to include these bug fixes from Gutenberg:

- Force remount LinkControl when moving between links within same richtext block
- Site Editor: Change ToolsMoreMenuGroup slot-fill name
- Respect fields param for global styles REST API requests.
- Try ensuring the item after post content clears floats
- Fix submenus not opening on click
- Apply i18n functions to Nav block menu drops when selecting existing Menu
- Gallery: Make sure the mobile warning notice only runs when images are added to a new block
- Prepare navigation php code for core patch
- Address deprecation issues from Buttons flex layout PR.
- Block Library: Fix incorrect attributes definitions
- Fix Navigation accessibility issues

See #54337.

Built from https://develop.svn.wordpress.org/trunk@52103


git-svn-id: http://core.svn.wordpress.org/trunk@51695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-10 06:01:30 +00:00
TimothyBlynJacobs e2d4385a4f REST API: Introduce Menu management endpoints.
This commit introduces the `/wp/v2/menus`, `/wp/v2/menu-items` and `/wp/v2/menu-locations` REST API endpoints. These endpoints are fully available to users with the `edit_theme_options` capability, but can be read by any user who can edit a REST API available post type.

The `nav_menu` taxonomy and `nav_menu_item` post type now map their capabilities to the `edit_theme_options` primitive capability. This allows developers to provide more fine-grained access control. However, if a developer is currently dynamically removing the `edit_theme_options` capability using `map_meta_cap`, they should use the `user_has_cap` filter instead.

The `wp_update_nav_menu_item()` function has been adjusted to return an error if saving the menu item post or assigning the menu item to a menu generate an error.

Lastly, a new menu item type is introduced, `block`, that can be used to store a Block as a menu item.

Props andraganescu, antonvlasenko, dingo_d, dlh, isabel_brison, kadamwhite, Mamaduka, NateWr, noisysocks, peterwilsoncc, ryelle, schlessera, soean, Spacedmonkey, talldanwp, TimothyBlynJacobs, tobifjellner, westonruter, wpscholar, zieladam.
Fixes #40878.

Built from https://develop.svn.wordpress.org/trunk@52079


git-svn-id: http://core.svn.wordpress.org/trunk@51671 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-09 19:00:01 +00:00
noisysocks c421e9b34a Add Site Editor and PHP changes from Gutenberg 10.1 - 11.9
- First pass at adding the site editor from the Gutenberg plugin to
  wp-admin/site-editor.php.
- Adds miscellaneous PHP changes from Gutenberg 10.1 - 11.9.

Follows [52042].
See #54337.
Props youknowriad, aristath, hellofromtonya, gziolo.

Built from https://develop.svn.wordpress.org/trunk@52069


git-svn-id: http://core.svn.wordpress.org/trunk@51661 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-09 02:17:17 +00:00
TimothyBlynJacobs 84dae82fd3 REST API: Add batch support for posts and terms controllers.
This also exposes the value of `allow_batch` in `OPTIONS` requests to a route.

A future commit will add batch support to more resources.

Props spacedmonkey, chrisvanpatten.
See #53063.

Built from https://develop.svn.wordpress.org/trunk@52068


git-svn-id: http://core.svn.wordpress.org/trunk@51660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-09 01:59:02 +00:00
noisysocks f05f235042 Editor: Add block theme infrastructure
Adds the required infrastructure to render block-based themes. This is sourced
from the Gutenberg plugin.

Fixes #54335.
Props bernhard-reiter, youknowriad, ntsekouras, hellofromtonya.

Built from https://develop.svn.wordpress.org/trunk@52062


git-svn-id: http://core.svn.wordpress.org/trunk@51654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-08 23:10:59 +00:00
jorgefilipecosta db5d8b5e03 Add: Global Styles Rest endpoints.
This commit ports the global styles rest endpoints from the Gutenberg plugin into the core.

See #54336.
Props oandregal, aristath, timothyblynjacobs, spacedmonkey, youknowriad.
Built from https://develop.svn.wordpress.org/trunk@52051


git-svn-id: http://core.svn.wordpress.org/trunk@51643 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-08 21:00:07 +00:00
TimothyBlynJacobs fa473014dc REST API: Support subdirectory themes in the Themes controller.
This allows for themes that are included inside of a subdirectory, for example `subdir/my-theme`, to be accessed via the single item route of the `/wp/v2/themes` controller.

Fixes #54349.

Built from https://develop.svn.wordpress.org/trunk@52017


git-svn-id: http://core.svn.wordpress.org/trunk@51609 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-05 02:30:57 +00:00
TimothyBlynJacobs 04a853195b REST API: Allow sidebars and their widgets to be public.
By default, only users with the `edit_theme_options` capability can access the sidebars and widgets REST API endpoints. In this commit, A new `show_in_rest` parameter is added to the `register_sidebar` function. When enabled, all users will be able to access that sidebar and any widgets belonging to that sidebar.

This commit reduces the `context` for a widget's `instance` information to only `edit`. This is to ensure that internal widget data is not inadvertently exposed to the public. A future ticket may expose additional APIs to allow widget authors to indicate that their instance data can be safely exposed. REST API consumers intending to access this `instance` information should take care to explicitly set the `context` parameter to `edit`.

Props spacedmonkey, zieladam.
Fixes #53915.

Built from https://develop.svn.wordpress.org/trunk@52016


git-svn-id: http://core.svn.wordpress.org/trunk@51608 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-05 02:15:59 +00:00
hellofromTonya 27d239d01b REST API: Improve translations, comments, and readability in URL Details endpoint.
Improvements:
* Removes HTML tags from translatable strings. Uses `sprintf` with placeholder and translators comment.
* Spells out "OG" to "Open Graph" to help translators.
* Adds `@since` param to new filters.
* Improves comments for code standards and consistency.
* Improves readability by making multiple args multiline.
* Micro-optimizations to avoid unnecessary variable assignments.

Follow-up to [51973].

Props hellofromTonya, sergeybiryukov, swissspidy.
Fixes #54358.
Built from https://develop.svn.wordpress.org/trunk@52008


git-svn-id: http://core.svn.wordpress.org/trunk@51599 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-04 12:44:01 +00:00
hellofromTonya cf0274e1ca REST API: Add URL Details endpoint.
Adds a new REST API endpoint (`/wp-block-editor/v1/url-details`) for retrieving information from an external URL.

Information retrieved:

* Title: content of the `<title>` element
* Icon: favicon image link
* Description: content of the `description` or `og:description` meta element
* Image: OG image link

This endpoint is used by the block editor for link previews.

Props get_dave, aduth, andraganescu, beaulebens, hellofromTonya, kevin940726, mamaduka, marekhrabe, mnelson4, noisysocks, obenland, ocean90, retrofox, shaunandrews, spacedmonkey, swissspidy, timothyblynjacobs, xknown, youknowriad.
Fixes #54358.
Built from https://develop.svn.wordpress.org/trunk@51973


git-svn-id: http://core.svn.wordpress.org/trunk@51562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 12:48:00 +00:00
Sergey Biryukov b855ffec3f Docs: Add a `@since` note for the `rest_namespace` argument of `register_post_type()` and `register_taxonomy()`.
Use 3-digit, x.x.x-style semantic versioning for `@since` tags of the `$rest_namespace` property in `WP_Post_Type` and `WP_Taxonomy`.

Add a `@since` note to `WP_REST_Taxonomies_Controller::get_item_schema()` for the `visibility` and `rest_namespace` properties.

The `rest_base` property was also added after the method was initially introduced, but that happened during the same release cycle, so it doesn't need a separate `@since` note.

Follow-up to [38832], [39191], [42729], [51959], [51961], [51962], [51964].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51965


git-svn-id: http://core.svn.wordpress.org/trunk@51554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 14:31:00 +00:00
TimothyBlynJacobs c0995319f4 REST API: Support custom namespaces for taxonomies.
While a taxonomy can define a custom route by using the rest_base argument, a namespace of wp/v2 was assumed. This commit introduces support for a rest_namespace argument.

A new rest_get_route_for_taxonomy_items function has been introduced and the rest_get_route_for_term function updated to facilitate getting the correct route for taxonomies.

For maximum compatibility sticking with the default wp/v2 namespace is recommended until the API functions see wider use.

Props spacedmonkey.
Fixes #54267.
See [51962].

Built from https://develop.svn.wordpress.org/trunk@51964


git-svn-id: http://core.svn.wordpress.org/trunk@51553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 03:27:55 +00:00
TimothyBlynJacobs bac6e41c85 REST API: Support custom namespaces for custom post types.
While a custom post type can define a custom route by using the `rest_base` argument, a namespace of `wp/v2` was assumed. This commit introduces support for a `rest_namespace` argument. 

A new `rest_get_route_for_post_type_items` function has been introduced and the `rest_get_route_for_post` function updated to facilitate getting the correct route for custom post types.

While the WordPress Core Block Editor bootstrap code has been updated to use these API functions, for maximum compatibility sticking with the default `wp/v2` namespace is recommended until the API functions see wider use.

Props spacedmonkey, swissspidy.
Fixes #53656.

Built from https://develop.svn.wordpress.org/trunk@51962


git-svn-id: http://core.svn.wordpress.org/trunk@51551 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 23:16:58 +00:00
Sergey Biryukov c60a9d92e2 Docs: Add a `@since` note to `WP_REST_Post_Types_Controller::get_item_schema()` for the `supports` and `visibility` properties.
The `taxonomies` and `rest_base` properties were also added after the method was initially introduced, but that happened during the same release cycle, so they don't need a separate `@since` note.

Follow-up to [38832], [39097], [39191], [39647], [51959].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51961


git-svn-id: http://core.svn.wordpress.org/trunk@51550 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 20:28:01 +00:00
TimothyBlynJacobs f76071026b REST API: Add visibility information to the Post Types controller.
Props spacedmonkey, peterwilsoncc.
Fixes #54055.

Built from https://develop.svn.wordpress.org/trunk@51959


git-svn-id: http://core.svn.wordpress.org/trunk@51548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 05:19:01 +00:00
John Blackbourn 3d86f8af55 Application Passwords: Various docblock improvements.
See #53399, #42790

Built from https://develop.svn.wordpress.org/trunk@51958


git-svn-id: http://core.svn.wordpress.org/trunk@51547 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 20:26:59 +00:00
Pascal Birchler a225165010 Role/Capability: Add support for capability queries in `WP_User_Query`.
Similar to the existing `role`/`role__in`/`role__not_in` query arguments, this adds support for three new query arguments in `WP_User_Query`:

* `capability` 
* `capability__in`
* `capability__not_in`

These can be used to fetch users with (or without) a specific set of capabilities, for example to get all users
with the capability to edit a certain post type.

Under the hood, this will check all existing roles on the site and perform a `LIKE` query against the `capabilities` user meta field to find:

* all users with a role that has this capability
* all users with the capability being assigned directly

Note: In WordPress, not all capabilities are stored in the database. Capabilities can also be modified using filters like `map_meta_cap`. These new query arguments do NOT work for such capabilities.

The prime use case for capability queries is to get all "authors", i.e. users with the capability to edit a certain post type.

Until now, `'who' => 'authors'` was used for this, which relies on user levels. However, user levels were deprecated a long time ago and thus never added to custom roles. This led to constant frustration due to users with custom roles missing from places like author dropdowns.

This updates any usage of `'who' => 'authors'` in core to use capability queries instead.

Subsequently, `'who' => 'authors'` queries are being **deprecated** in favor of these new query arguments.

Also adds a new `capabilities` parameter (mapping to `capability__in` in `WP_User_Query`) to the REST API users controller.

Also updates `twentyfourteen_list_authors()` in Twenty Fourteen to make use of this new functionality, adding a new `twentyfourteen_list_authors_query_args` filter to make it easier to override this behavior.

Props scribu, lgladdly, boonebgorges, spacedmonkey, peterwilsoncc, SergeyBiryukov, swissspidy.
Fixes #16841.

Built from https://develop.svn.wordpress.org/trunk@51943


git-svn-id: http://core.svn.wordpress.org/trunk@51532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 18:43:57 +00:00
TimothyBlynJacobs bb7a0cf334 REST API: Sort widget types by their id.
Fixes #53303.
Props spacedmonkey.

Built from https://develop.svn.wordpress.org/trunk@51882


git-svn-id: http://core.svn.wordpress.org/trunk@51475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-02 21:45:03 +00:00
hellofromTonya 07139653b9 Widgets: Revert [51705].
While the new name is much better, it doesn't fully tell what will happen when invoked nor does it fully solve the root problems. 

Why? The function is doing too much. And naming is hard.

Props azaozz, desrosj, andraganescu, zieladam, hellofromTonya.
See #53811.
Built from https://develop.svn.wordpress.org/trunk@51791


git-svn-id: http://core.svn.wordpress.org/trunk@51398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-09 21:40:57 +00:00
hellofromTonya 41307cd4e6 Code Modernization: Fix parameter name mismatches for parent/child classes in `WP_REST_Controller::prepare_item_for_response()`.
In each child and grandchild class, renames the first parameter to match the parent's method signature.

Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.

Changes for readability:

- `@since` clearly specifies the original parameter name and its new name as well as why the change happened.

- In methods longer than a single line, the generic parameter is reassigned to the original parameter restoring it for context for use within the method. An inline comment is added to explain why this reassignment is made.

Follow-up to [38832], [39011], [39015], [39021], [39024], [39025], [39031], [39036], [43519], [43735], [43739], [43768], [46821], [48173], [48242], [49088], [50995], [51003], [51021].

Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51786


git-svn-id: http://core.svn.wordpress.org/trunk@51393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-09 18:36:57 +00:00
hellofromTonya 71977c215d Widgets: Rename and soft deprecate `retrieve_widgets()`.
The original name `retrieve_widgets()` was unclear as it suggested it was a getter, i.e. getting the widgets. This function does more than get: finds orphaned widgets, assigns them to the inactive sidebar, and updates the database.

The new name is `sync_registered_widgets()` which better represents what happens when this function is invoked.

The original `retrieve_widgets()` function is soft deprecated to avoid unnecessary code churn downstream for developers that support more than the latest version of WordPress.

Follow-up to [18630].

Props zieladam, timothyblynjacobs, andraganescu, hellofromTonya.
See #53811.
Built from https://develop.svn.wordpress.org/trunk@51705


git-svn-id: http://core.svn.wordpress.org/trunk@51311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-08-31 19:58:58 +00:00
desrosj 5090761b4f Coding Standards: Apply some minor alignment fixes.
These are updates caused by running `composer format`.

Follow up to [51501], [51599], [51618], [51653].
See #53359, #50542, #53238, #53668, #53690.
Built from https://develop.svn.wordpress.org/trunk@51693


git-svn-id: http://core.svn.wordpress.org/trunk@51299 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-08-30 14:09:58 +00:00
John Blackbourn b3226d8e62 REST API: Correct the description for the `last_updated` property in the block-directory endpoint.
This field shows the date in ISO 8601 format.

Fixes #53595

Built from https://develop.svn.wordpress.org/trunk@51676


git-svn-id: http://core.svn.wordpress.org/trunk@51282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-08-26 19:34:56 +00:00
hellofromTonya c7d3e267b8 Coding Standards: Use static closures when not using `$this`.
When a closure does not use `$this`, it can be made `static` for improved performance.

Static closures are supported in PHP since PHP 5.4. ​

Props jrf, hellofromTonya, swissspidy, SergeyBiryukov.
See #53359.
Built from https://develop.svn.wordpress.org/trunk@51657


git-svn-id: http://core.svn.wordpress.org/trunk@51263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-08-26 12:59:02 +00:00
gziolo 327852393a Build: Split packages and blocks to their webpack configs
It aligns with the changes proposed added in Gutenberg: https://github.com/WordPress/gutenberg/pull/33293.

The idea here is to split the growing webpack config into two parts: blocks and  packages.

We need to add handling for JavaScript files that are going to be used with blocks on the frontend. They didn't work quite well with the current setup for entry points created for packages.

As part of the effort, it adds support for `viewScript` in `block.json` metadata file that is later translated to `$view_script` in `WP_Block_Type` class and exposed as `view_script` from the REST API endpoint for block types.

Props youknowriad, desrosj, aristath.
Fixes #53690.


Built from https://develop.svn.wordpress.org/trunk@51501


git-svn-id: http://core.svn.wordpress.org/trunk@51112 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-07-28 10:06:59 +00:00
John Blackbourn f5713b8d71 Application Passwords: Improve various user-facing and developer-facing terminology.
Fixes #53503, #53691

Built from https://develop.svn.wordpress.org/trunk@51463


git-svn-id: http://core.svn.wordpress.org/trunk@51074 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-07-19 21:14:57 +00:00
desrosj 88309aa27e Widgets: Prevent widgets unintentionally being moved to the inactive sidebar.
This fixes a bug where widgets are unintentionally moved to the `wp_inactive_widgets` sidebar when batch updates occur through the REST API.

When batch requests are processed, only `$_wp_sidebars_widgets is updated by previous calls to `WP_REST_Widgets_Controller::create_item()`. `$sidebars_widgets` is not aware of the new widget’s intended location, and `retrieve_widgets()` mistakenly flags the widget as inactive.

Calling `wp_get_sidebars_widgets()` before `retrieve_widgets()` ensures both global variables match and is intended as a temporary fix until the root cause of the problem can be fixed.

Props zieladam, htmgarcia, timothyblynjacobs.
Fixes #53657.
Built from https://develop.svn.wordpress.org/trunk@51432


git-svn-id: http://core.svn.wordpress.org/trunk@51043 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-07-14 16:45:58 +00:00
desrosj a3a7ccf107 Widgets: Use `wp_sidebar_description()` to retrieve a sidebar’s `description`.
This switches `WP_REST_Sidebars_Controller` to use `wp_sidebar_description()` for retrieving the `description` of a given sidebar instead of referencing the value in the `$wp_registered_sidebars` global variable directly.

`wp_sidebar_description()` uses `wp_kses()` to only allow the default list of `$allowed_tags` to be present in a sidebar’s `description`.

Props timothyblynjacobs, desrosj.
Fixes #53646.
Built from https://develop.svn.wordpress.org/trunk@51408


git-svn-id: http://core.svn.wordpress.org/trunk@51019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-07-12 19:03:57 +00:00
TimothyBlynJacobs 3f7c228c90 REST API: Ensure a sidebar's widgets property is a list.
When a widget is removed from a sidebar, if it was removed from the middle of the list, the widgets property would become an object with numeric keys.

The sidebars controller now forces the widgets property to be a list.

Props walbo.
Fixes #53612.

Built from https://develop.svn.wordpress.org/trunk@51377


git-svn-id: http://core.svn.wordpress.org/trunk@50988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-07-07 19:35:57 +00:00
desrosj 1dcad8f5bb REST API: Add the `$request` parameter to methods checking permissions.
This adds the `$request` parameter to the `permissions_check()` methods within `WP_REST_Widgets_Controller` and adds `$request` as an allowed parameter to the `permissions_check()` method within `WP_REST_Templates_Controller`.

Even when this parameter is not used by default, it should be implemented to support the class being extended and the method overidden.

Props johnbillion, timothyblynjacobs.
Fixes #53593.
Built from https://develop.svn.wordpress.org/trunk@51349


git-svn-id: http://core.svn.wordpress.org/trunk@50958 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-07-06 15:43:00 +00:00
John Blackbourn efaf4a8938 Docs: Add and correct examples of common names for various dynamic hooks.
See #53581

Built from https://develop.svn.wordpress.org/trunk@51327


git-svn-id: http://core.svn.wordpress.org/trunk@50936 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-07-03 21:42:59 +00:00
John Blackbourn ec4eb88e0f Docs: Further type corrections and improvements for various docblocks.
See #53399

Built from https://develop.svn.wordpress.org/trunk@51302


git-svn-id: http://core.svn.wordpress.org/trunk@50911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-07-01 22:02:57 +00:00
John Blackbourn 79685db062 Docs: Corrections and improvements to types used in docblocks for symbols, properties, and filters.
See #53399

Built from https://develop.svn.wordpress.org/trunk@51298


git-svn-id: http://core.svn.wordpress.org/trunk@50907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-07-01 21:02:57 +00:00
Sergey Biryukov 4871e33916 Docs: Correct documentation for `rest_{$post_type}_query` and `rest_{$taxonomy}_query` filters.
Synchronize documentation for related `rest_{$object_type}_query` filters for consistency.

Props dlh.
Fixes #53568.
Built from https://develop.svn.wordpress.org/trunk@51293


git-svn-id: http://core.svn.wordpress.org/trunk@50902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-07-01 09:12:59 +00:00
Sergey Biryukov 1b749d971a Docs: Remove an empty line between `@param` and `@return` tags in some newly added REST API methods, per the documentation standards.
Follow-up to [48242], [49925], [51003], [51021].

See #52628, #53461.
Built from https://develop.svn.wordpress.org/trunk@51289


git-svn-id: http://core.svn.wordpress.org/trunk@50898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-30 18:43:58 +00:00
Sergey Biryukov 8f4593b124 Docs: List the expected type first instead of `WP_Error` in some REST API methods added in 5.8.
Follow-up to [46696], [49929], [50995], [51021].

See #52628, #53461.
Built from https://develop.svn.wordpress.org/trunk@51286


git-svn-id: http://core.svn.wordpress.org/trunk@50895 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-30 17:59:58 +00:00
Sergey Biryukov 598c337f4b Docs: Add missing `@since` tags for some REST API methods added in 5.8.
Follow-up to [50995], [51021].

See #52628, #53461.
Built from https://develop.svn.wordpress.org/trunk@51280


git-svn-id: http://core.svn.wordpress.org/trunk@50889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-30 13:58:59 +00:00
Sergey Biryukov a2f00a677c Docs: Document the globals used in `WP_REST_Widget_Types_Controller` and `WP_REST_Widgets_Controller`.
Follow-up to [50995].

See #52628, #53461.
Built from https://develop.svn.wordpress.org/trunk@51279


git-svn-id: http://core.svn.wordpress.org/trunk@50888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-30 12:55:57 +00:00
Sergey Biryukov d72eb14abf Docs: Document the globals used in some REST API methods.
See #53399.
Built from https://develop.svn.wordpress.org/trunk@51278


git-svn-id: http://core.svn.wordpress.org/trunk@50887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-30 12:34:56 +00:00
Sergey Biryukov ffafbefc36 REST API: Allow multiple widgets to be deleted in a single batch request.
This resets the `WP_Widget::$updated` flag when deleting a widget, to avoid blocking all future updates in a request.

Props noisysocks, andraganescu.
Fixes #53557.
Built from https://develop.svn.wordpress.org/trunk@51277


git-svn-id: http://core.svn.wordpress.org/trunk@50886 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-30 10:41:58 +00:00
noisysocks 7131a90b0a Widgets REST API: Fix non-multi widgets not appearing in wp_inactive_widgets
Registered widgets that do not extend WP_Widget should appear in the
wp_inactive_widgets sidebar by default. Having the widgets REST API call
retrieve_widgets() before serving any request ensures that this will happen.

This is a similar fix to [51235].

Fixes #53534.
Props zieladam, timothyblynjacobs.

Built from https://develop.svn.wordpress.org/trunk@51248


git-svn-id: http://core.svn.wordpress.org/trunk@50857 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-28 04:34:57 +00:00
desrosj 49a6a14915 REST API: Include the sidebar ID when saving a widget.
This ensures backwards compatibility for code expecting this field to be present.

Props strategio, noisysocks, spacedmonkey.
See #53452.
Built from https://develop.svn.wordpress.org/trunk@51239


git-svn-id: http://core.svn.wordpress.org/trunk@50848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-25 15:25:59 +00:00
TimothyBlynJacobs dc710243a3 REST API: Retrieve latest widgets before loading sidebars.
This fixes issues where sidebars would be unexpectedly missing from the new widgets screen. Running retrieve_widgets syncs sidebars that were registered after the last theme switch.

Props walbo, hellofromTonya, noisysocks.
Fixes #53489.

Built from https://develop.svn.wordpress.org/trunk@51235


git-svn-id: http://core.svn.wordpress.org/trunk@50844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-25 13:18:58 +00:00
desrosj fd27b43fba Coding Standards: Apply an alignment fix from running `composer format`.
Follow up to [51216].
See #53481.
Built from https://develop.svn.wordpress.org/trunk@51229


git-svn-id: http://core.svn.wordpress.org/trunk@50838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-24 19:25:58 +00:00
desrosj fccc020d29 Docs: Various docblock corrections for code added in 5.8.
Props johnbillion.
See #53461.
Built from https://develop.svn.wordpress.org/trunk@51221


git-svn-id: http://core.svn.wordpress.org/trunk@50830 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-23 19:05:57 +00:00
noisysocks 0bf96b88d3 Widgets: Fix widget preview not working if widget registered via a instance
The register_widget function can be called with a class name or a class
instance. Once called with a class instance, the class instance is converted to
hash as used key in array.

Props spacedmonkey, zieladam.

Built from https://develop.svn.wordpress.org/trunk@51216


git-svn-id: http://core.svn.wordpress.org/trunk@50825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-23 01:34:58 +00:00
desrosj 48e31b23f5 Docs: Shorten the copyright notice for the `WP_REST_Sidebars_Controller` class.
The class has been heavily modified from the original source, so the copyright can be modified to simply reference the original author’s work. The carry forward of the copyright and original code is implied.

Follow up to [50993-50995,51007,51020,51029].

Props SergeyBiryukov, cbringmann, chanthaboune, desrosj.
Fixes #41683.
Built from https://develop.svn.wordpress.org/trunk@51210


git-svn-id: http://core.svn.wordpress.org/trunk@50819 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-22 23:05:58 +00:00
iandunn 479e9847ed Block Editor: Move caching to endpoint for unique responses.
Now that the pattern API request includes the locale and version, the cache key needs to contain a hash of the query args.

Props ocean90, dd32, timothyblynjacobs
Fixes #53435

Built from https://develop.svn.wordpress.org/trunk@51208


git-svn-id: http://core.svn.wordpress.org/trunk@50817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-22 21:24:58 +00:00
iandunn 0f249041f9 Block Editor: Send locale, version with remote pattern requests.
This information is needed by the w.org API for translation and caching.

Props dd32, ryelle, tellyworth
See #53435

Built from https://develop.svn.wordpress.org/trunk@51206


git-svn-id: http://core.svn.wordpress.org/trunk@50815 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-22 21:21:57 +00:00
Sergey Biryukov 5f30098a1d REST API: Decode single and double quote entities in widget names and descriptions.
Follow-up to [51174], [51175].

Props ocean90, ramonopoly.
Fixes #53407.
Built from https://develop.svn.wordpress.org/trunk@51183


git-svn-id: http://core.svn.wordpress.org/trunk@50792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-18 15:52:56 +00:00
Sergey Biryukov 29ba355256 Coding Standards: Fix WPCS issue in [51174].
See #53407.
Built from https://develop.svn.wordpress.org/trunk@51175


git-svn-id: http://core.svn.wordpress.org/trunk@50784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-17 11:33:58 +00:00
Sergey Biryukov 9f1145b8ae REST API: Decode HTML entities in widget names and descriptions in widget types controller.
Follow-up to [50995].

Props ramonopoly, noisysocks, spacedmonkey, justinahinon, audrasjb, SergeyBiryukov.
Fixes #53407.
Built from https://develop.svn.wordpress.org/trunk@51174


git-svn-id: http://core.svn.wordpress.org/trunk@50783 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-17 11:30:00 +00:00
desrosj ef4b42b03b Coding Standards: Apply an alignment fix.
Follow up to [51021].

See #53246.
Built from https://develop.svn.wordpress.org/trunk@51093


git-svn-id: http://core.svn.wordpress.org/trunk@50702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-08 13:22:57 +00:00
Sergey Biryukov 47231831f7 REST API: Restore the `$creating` parameter of `rest_after_save_widget` action.
This is consistent with other similar REST API actions.

Partially reverts [51071], except for DocBlock formatting fixes.

Props TimothyBlynJacobs.
See #53317.
Built from https://develop.svn.wordpress.org/trunk@51074


git-svn-id: http://core.svn.wordpress.org/trunk@50683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-04 23:13:59 +00:00
Sergey Biryukov 36cf03ca52 REST API: Rename the `$creating` parameter of `rest_after_save_widget` action to `$update`.
This brings some consistency with similar actions for posts, e.g. `save_post` or `wp_insert_post`.

Follow-up to [51068], [51069].

See #53317.
Built from https://develop.svn.wordpress.org/trunk@51071


git-svn-id: http://core.svn.wordpress.org/trunk@50680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-04 10:48:56 +00:00
noisysocks 222541d7c3 REST API: Delete fresh_site option when updating widgets via REST API
Adds new hooks (rest_save_sidebar, rest_delete_widget, rest_after_save_widget)
to the widgets REST API and uses them to delete the fresh_site option when
updating widgets via the REST API. This ensures that starter content isn't
loaded in the Customizer after a user makes changes.

Fixes #53317.
Props kevin940726, garrett-eclipse, andraganescu, hellofromtonya.

Built from https://develop.svn.wordpress.org/trunk@51068


git-svn-id: http://core.svn.wordpress.org/trunk@50677 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-04 00:45:56 +00:00
noisysocks 5162c8e6a8 REST API: Add 'delete_widget' action to delete widget endpoint
Triggers the 'delete_widget' action to the delete widget endpoint in the REST
API. This aligns with the behaviour in the widgets WP Admin screen.

Fixes #53289.
Props isabel_brison, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@51060


git-svn-id: http://core.svn.wordpress.org/trunk@50669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-02 01:40:57 +00:00
noisysocks 2fd3f23408 REST API: Fix delete widget endpoint
Makes the `DELETE /wp/v2/widgets/:id?force=1` endpoint actually delete the
widget from the `"widget-$id_base"` option and not just remove it from
`'sidebars_widgets'`.

Fixes #53313.
Props TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@51059


git-svn-id: http://core.svn.wordpress.org/trunk@50668 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-02 01:22:57 +00:00
TimothyBlynJacobs f3504cd945 REST API: Remove duplicates in the widget types endpoint.
Props noisysocks, spacedmonkey, imath, isabel_brison.
Fixes #53305.

Built from https://develop.svn.wordpress.org/trunk@51049


git-svn-id: http://core.svn.wordpress.org/trunk@50658 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-31 20:57:58 +00:00
TimothyBlynJacobs cc26123e20 REST API: Add support for modifying the term relation when querying posts.
By default, a post most contain any of the requested terms to be included in the response. This commit adds a new `operator` property that can be set to `AND` to require a post to contain all of the requested terms.

For example, `/wp/v2/posts?tags[terms]=1,2,3&tags[operator]=AND` will return posts that have tags with the ids of 1, 2, and 3.

Props dlh, earnjam, Clorith, jnylen0, sebbb.
Fixes #41287.

Built from https://develop.svn.wordpress.org/trunk@51026


git-svn-id: http://core.svn.wordpress.org/trunk@50635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-26 02:16:59 +00:00
ryelle 56ca42b5d9 Block Editor: Add support for the pattern directory.
Add an endpoint for fetching block patterns from WordPress.org, and load the block patterns from this new API. Remove the block patterns that have already been moved to WordPress.org/patterns.

Props ryelle, iandunn, youknowriad, timothyblynjacobs.
Fixes #53246.


Built from https://develop.svn.wordpress.org/trunk@51021


git-svn-id: http://core.svn.wordpress.org/trunk@50630 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-26 01:11:59 +00:00
youknowriad 4ae0e4220f Block Editor: Introduce block templates for classic themes.
With this patch, users will be able to create custom block based templates
and assign them to specific pages/posts.

Themes can also opt-out of this feature

Props bernhard-reiter, carlomanf.
Fixes #53176.

Built from https://develop.svn.wordpress.org/trunk@51003


git-svn-id: http://core.svn.wordpress.org/trunk@50612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-25 14:20:57 +00:00
Sergey Biryukov cc95428f75 REST API: Update “object” strings to use the appropriate nouns.
This updates route arguments and schema descriptions to use more specific object types for clarity.

Follow-up to [39342].

Props lephleg, jnylen0.
Fixes #40720.
Built from https://develop.svn.wordpress.org/trunk@51000


git-svn-id: http://core.svn.wordpress.org/trunk@50609 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-25 13:12:58 +00:00
noisysocks 1314542c50 REST API: Add widget endpoints
Adds the sidebars, widgets and widget-types REST API endpoints from the
Gutenberg plugin.

Fixes #41683.
Props TimothyBlynJacobs, spacedmonkey, zieladam, jorgefilipecosta, youknowriad, kevin940726.

Built from https://develop.svn.wordpress.org/trunk@50995


git-svn-id: http://core.svn.wordpress.org/trunk@50604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-25 08:27:57 +00:00
noisysocks ed195fbd89 REST API: Revert widget endpoints
Reverts [50993] as it has missing props.

Reverts [50993].
See #41683.

Built from https://develop.svn.wordpress.org/trunk@50994


git-svn-id: http://core.svn.wordpress.org/trunk@50603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-25 08:22:56 +00:00
noisysocks 2a4e1e0c04 REST API: Add widget endpoints
Adds the sidebars, widgets and widget-types REST API endpoints from the
Gutenberg plugin.

Fixes #41683.
Props TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@50993


git-svn-id: http://core.svn.wordpress.org/trunk@50602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-25 07:52:55 +00:00
Sergey Biryukov 1e02e0f049 Docs: Use 3-digit, x.x.x-style semantic versioning for two `_doing_it_wrong()` calls.
Follow-up to [37985], [38420], [39021].

See #52628.
Built from https://develop.svn.wordpress.org/trunk@50952


git-svn-id: http://core.svn.wordpress.org/trunk@50561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-22 13:09:56 +00:00
Adam Silverstein 524030edfa Images: enable WebP support.
Add support for uploading, editing and saving WebP images when supported by the server.

Add 'image/webp' to supported mime types. Correctly identify WebP images and sizes even when PHP doesn't support WebP. Resize uploaded WebP files (when supported) and use for front end markup.

Props markoheijne, blobfolio, Clorith, joemcgill, atjn, desrosj, spacedmonkey, marylauc, mikeschroder, hellofromtonya, flixos90.
Fixes #35725.


Built from https://develop.svn.wordpress.org/trunk@50810


git-svn-id: http://core.svn.wordpress.org/trunk@50419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-04 14:44:58 +00:00
desrosj e445660ee3 REST API: Allow authors to read their own password protected posts.
Allow authenticated users to read the contents of password protected posts if they have the `edit_post` meta capability for the post.

Props xknown, zieladam, peterwilsoncc, swissspidy, timothyblynjacobs.
Built from https://develop.svn.wordpress.org/trunk@50717


git-svn-id: http://core.svn.wordpress.org/trunk@50326 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-14 23:24:04 +00:00
davidbaumwald 739dfb756f Coding Standards: Remove some extra whitespace in `get_item_schema`.
Introduced in [50527].

See #52627.
Built from https://develop.svn.wordpress.org/trunk@50632


git-svn-id: http://core.svn.wordpress.org/trunk@50244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-01 15:54:04 +00:00
Sergey Biryukov cb55990e50 Docs: Add missing `@since` tags for `item_link` and `item_link_description` post type and taxonomy labels.
Follow-up to [50527].

See #52688.
Built from https://develop.svn.wordpress.org/trunk@50529


git-svn-id: http://core.svn.wordpress.org/trunk@50142 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-03-13 10:25:06 +00:00
gziolo f27c179afc Editor: Make block type aware of variations
Currently block variations are only defined on the client. In some cases, creating block variations on the server can be very useful, especially when needed data is not exposed in the REST APIs.

Related to https://github.com/WordPress/gutenberg/pull/29095.

Props: gwwar, timothyblynjacobs.
Fixes: #52688.


Built from https://develop.svn.wordpress.org/trunk@50527


git-svn-id: http://core.svn.wordpress.org/trunk@50140 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-03-12 13:35:09 +00:00
John Blackbourn 52679edbff Docs: Add examples of possible names for various hooks whose name contains a dynamic portion.
This provides greater discoverability of such hooks in search results on the Code Reference site as well as increased clarity when reading the source.

See #50734, #52628

Built from https://develop.svn.wordpress.org/trunk@50505


git-svn-id: http://core.svn.wordpress.org/trunk@50118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-03-07 12:32:09 +00:00
TimothyBlynJacobs 44b83e84ec REST API: Allow for the posts endpoint include/exclude terms query to `include_children`.
For example the `categories` or `categories_exclude` parameters can now optionally accept an object with a `terms` property that accepts the list of term ids and a new `include_children` property which controls the Tax Query `include_children` field.

Props jason_the_adams, jnylen0, birgire, dlh.
Fixes #39494.

Built from https://develop.svn.wordpress.org/trunk@50157


git-svn-id: http://core.svn.wordpress.org/trunk@49836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 19:25:05 +00:00
desrosj 230c1c5c8a Coding Standards: Fix several minor coding standards issues.
These are made by running `composer format`.

Follow up to [50124], [50129], [50143].

See #49961, #52192, #34281.
Built from https://develop.svn.wordpress.org/trunk@50152


git-svn-id: http://core.svn.wordpress.org/trunk@49831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 18:04:03 +00:00
antpb 3e6cc64e35 REST API, Media: Add batch image editing endpoints.
Introduces new endpoints to allow for batch image editing using the REST API. 

The new endpoints can take an array of modifiers that will be applied in the order they appear.

Props ajlende, TimothyBlynJacobs, hellofromTonya, Mista-Flo.
Fixes #52192.

Built from https://develop.svn.wordpress.org/trunk@50124


git-svn-id: http://core.svn.wordpress.org/trunk@49803 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 18:37:03 +00:00
TimothyBlynJacobs c27098a3a3 App Passwords: Introduce fine grained capabilities.
Previously, all permission checks for using app passwords were implemented using `edit_user`. This commit introduces a series of more fine grained meta capabilities that should be used instead: `create_app_password`, `list_app_passwords`, `read_app_password`, `edit_app_password`, `delete_app_password` and `delete_app_passwords`. These capabilities all map to `edit_user` by default, but may now be customized by developers.

Props johnbillion, TimothyBlynJacobs.
Fixes #51703.

Built from https://develop.svn.wordpress.org/trunk@50114


git-svn-id: http://core.svn.wordpress.org/trunk@49793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-31 19:03:59 +00:00
Felix Arntz 9d348e26f3 Security, Site Health: Improve accuracy in messaging about HTTPS support.
Following up on [49904], this changeset focuses mainly on improving the guidance about the current state of HTTPS in Site Health.

* Correct the existing copy to indicate that both the Site Address and the WordPress Address need to be changed to fully switch to HTTPS.
* Link to the respective input fields via anchor links rather than to the overall General Settings screen.
* Show different copy if the site is using HTTPS for the WordPress Address (for example to have only the administration panel in HTTPS), but not for the Site Address.
* Inform the user about potential problems even when the site is already using HTTPS, for example if the SSL certificate was no longer valid.
* Always rely on fresh information for determining HTTPS support issues in Site Health, and therefore change the `https_status` test to become asynchronous.
* Rename the new private `wp_is_owned_html_output()` function to a more appropriate `wp_is_local_html_output()`.

Props adamsilverstein, flixos90, johnjamesjacoby, timothyblynjacobs.
See #47577.

Built from https://develop.svn.wordpress.org/trunk@50072


git-svn-id: http://core.svn.wordpress.org/trunk@49773 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 19:10:58 +00:00
TimothyBlynJacobs cd6238947e App Passwords: Introduce introspection endpoint.
This introduces a new endpoint, `wp/v2/users/me/application-passwords/introspect`, that will return details about the App Password being used to authenticate the current request. This allows for an application to disambiguate between multiple installations of their application which would all share the same `app_id`.

Props xkon, peterwilsoncc, TimothyBlynJacobs.
Fixes #52275.

Built from https://develop.svn.wordpress.org/trunk@50065


git-svn-id: http://core.svn.wordpress.org/trunk@49766 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 00:07:02 +00:00
TimothyBlynJacobs ee710f2c16 App Passwords: Improve validation and sanitization of the application name.
Application names are now required to be unique and cannot contain solely whitespace characters. Additionally, invalid characters are now stripped from the application name using `sanitize_text_field()`.

Props Boniu91, hellofromTonya, engahmeds3ed, xkon, francina.
Fixes #51941.

Built from https://develop.svn.wordpress.org/trunk@50030


git-svn-id: http://core.svn.wordpress.org/trunk@49731 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 19:05:02 +00:00
John Blackbourn 3670cc0b36 REST API: Introduce `modified_before` and `modified_after` query parameters for the posts endpoints.
These parameters work just the same as `before` and `after` except they operate on the post modified date instead of the post published date.

Props claytoncollie, TimothyBlynJacobs, hellofromTonya

Fixes #50617

Built from https://develop.svn.wordpress.org/trunk@50024


git-svn-id: http://core.svn.wordpress.org/trunk@49725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-26 18:28:03 +00:00
John Blackbourn 35e1b34f8e REST API: Corrections and improvements to docblocks for REST API filters.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49955


git-svn-id: http://core.svn.wordpress.org/trunk@49654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-10 22:23:09 +00:00
TimothyBlynJacobs b1f8ffa77d REST API: Fix fatal error on multisite when calling the single item plugin routes.
The `is_network_only_plugin` and `is_plugin_active` functions are not available in a front-end context and must be specifically loaded.

Props oakesjosh.
Fixes #52205.

Built from https://develop.svn.wordpress.org/trunk@49952


git-svn-id: http://core.svn.wordpress.org/trunk@49651 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-09 20:22:11 +00:00
John Blackbourn f0078d043e Docs: Miscellaneous docblock corrections and improvements.
See #51800.
Built from https://develop.svn.wordpress.org/trunk@49942


git-svn-id: http://core.svn.wordpress.org/trunk@49641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-07 14:17:11 +00:00
Sergey Biryukov 37662df05e Docs: In various `@return` tags, list the expected type first, instead of `false` or `WP_Error`.
Follow-up to [46696], [47060], [49926], [49927].

See #51800.
Built from https://develop.svn.wordpress.org/trunk@49929


git-svn-id: http://core.svn.wordpress.org/trunk@49628 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-04 17:18:04 +00:00
John Blackbourn dfe1f9b322 Docs: Promote many `bool` types to `true` or `false` where only that value is used.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49927


git-svn-id: http://core.svn.wordpress.org/trunk@49626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-03 22:04:04 +00:00
TimothyBlynJacobs bf51961e7e REST API: Expose all themes in the themes controller.
Previously, only the active theme was made available. This commit allows for all themes to be queried if the user has the `switch_themes` or `manage_network_themes` capabilities.

This commit also no longer exposes the `page`, `per_page`, `search` and `context` query parameters since they are not supported by this controller.

Props spacedmonkey, lpawlik, TimothyBlynJacobs.
Fixes #50152.

Built from https://develop.svn.wordpress.org/trunk@49925


git-svn-id: http://core.svn.wordpress.org/trunk@49624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-03 21:47:05 +00:00
TimothyBlynJacobs 7d4a40f4ee REST API: Move the `WP_Query` args filter after the `tax_query` is setup.
This ensures that the entire list of `WP_Query` args are filterable in the posts controller.

Props Krstarica, TimothyBlynJacobs.
Fixes #42762.

Built from https://develop.svn.wordpress.org/trunk@49923


git-svn-id: http://core.svn.wordpress.org/trunk@49622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-03 02:39:11 +00:00
TimothyBlynJacobs 4e3c568fb1 REST API: Only include the controller's own taxonomy in it's schema.
Previously, all taxonomies were incorrectly exposed as possible values.

Props johnbillion.
Fixes #51940.

Built from https://develop.svn.wordpress.org/trunk@49922


git-svn-id: http://core.svn.wordpress.org/trunk@49621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-02 23:49:05 +00:00
Sergey Biryukov c3b89441f7 Docs: Correct the type of the `$user` parameter in `WP_REST_Users_Controller::prepare_links()`.
Props iviweb, mukesh27.
Fixes #52175.
Built from https://develop.svn.wordpress.org/trunk@49906


git-svn-id: http://core.svn.wordpress.org/trunk@49605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-25 14:54:07 +00:00
John Blackbourn bf83c368fd Docs: Various docblock improvements.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49790


git-svn-id: http://core.svn.wordpress.org/trunk@49513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-10 23:59:03 +00:00
John Blackbourn 00680f2e89 REST API: Pass the previous state of the post as a parameter to the `wp_after_insert_post` hook.
This enables, for example, the previous post status to be used by this hook without the need to first capture it on an earlier hook.

This also fixes the value of the `$fire_after_hooks` parameter in `get_default_post_to_edit()` so the `wp_after_insert_post` action correctly fires just once on the new post screen.

Props Collizo4sky, peterwilsoncc, hellofromTonya, TimothyBlynJacobs, SergeyBiryukov

Fixes #45114

Built from https://develop.svn.wordpress.org/trunk@49731


git-svn-id: http://core.svn.wordpress.org/trunk@49454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-01 20:47:06 +00:00
TimothyBlynJacobs c3b40f7f80 Site Health, App Passwords: Ensure REST API responses are properly translated.
The REST API requests in Site Health and App Passwords now include `_locale=user` in the request URL to ensure the user's locale is used instead of the site locale. Additionally, the `apiRequest` library now sends a JSON `Accept` header which is required by `determine_locale()` to respect the `_locale` query parameter.

The Site Health REST API controllers now manually load the default admin textdomain if not `is_admin()`. This allows for the Site Health tests to be translated even though the translations are part of the administration project and the REST API is not.

Props oglekler, kebbet, Clorith, TimothyBlynJacobs, ocean90, SergeyBiryukov, adamsilverstein.
Fixes #51871.

Built from https://develop.svn.wordpress.org/trunk@49716


git-svn-id: http://core.svn.wordpress.org/trunk@49439 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-01 03:44:05 +00:00
John Blackbourn f4cda1b62f Docs: Upgrade more parameters in docblocks to used typed array notation.
See #51800, #41756

Built from https://develop.svn.wordpress.org/trunk@49693


git-svn-id: http://core.svn.wordpress.org/trunk@49416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-24 21:27:05 +00:00
TimothyBlynJacobs d9b35c8e98 App Passwords: Unify availability language.
Previously App Passwords used a mix of "enabled" and "available". We've now standardized on using "available".

Additionally, we now use a 501 status code when indicating that App Passwords is not available.

Props SergeyBiryukov, ocean90, TimothyBlynJacobs.
Fixes #51513.

Built from https://develop.svn.wordpress.org/trunk@49617


git-svn-id: http://core.svn.wordpress.org/trunk@49355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-16 22:42:04 +00:00
John Blackbourn 753ae723ad Docs: Corrections and improvements to inline docs relating to the REST API.
See #50768

Built from https://develop.svn.wordpress.org/trunk@49610


git-svn-id: http://core.svn.wordpress.org/trunk@49348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-16 11:04:12 +00:00
Helen Hou-Sandí 135c75c396 Editor: Display short description from block directory in results.
Props dd32, ryelle.
Fixes #51212.

Built from https://develop.svn.wordpress.org/trunk@49559


git-svn-id: http://core.svn.wordpress.org/trunk@49297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-10 20:26:08 +00:00
TimothyBlynJacobs 2df94804d4 Site Health, App Passwords: Test if the Authorization header is populated correctly.
App Passwords rely on the Authorization header to transport the Basic Auth credentials. For Apache web servers, WordPress automatically includes a RewriteRule to populate the value for servers running in CGI or FastCGI that wouldn't ordinarily populate the value. 

This tests if the header is being filled with the expected values. For Apache users, we direct the user to visit the Permalinks settings to flush their permalinks. For all other users, we direct them to a help document on developer.wordpress.org.

Props Clorith, marybaum, TimothyBlynJacobs.
Fixes #51638.

Built from https://develop.svn.wordpress.org/trunk@49334


git-svn-id: http://core.svn.wordpress.org/trunk@49095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-27 18:32:07 +00:00
TimothyBlynJacobs 19c72d58e7 REST API, XML-RPC: Synchronise empty comment content checks.
The REST API and XML-RPC now uses the same detection methodology for empty comment content as `wp_handle_comment_submission()`. Specifically, comments now have their content trimmed and '0' is allowed.

Props jaswrks, rmccue, dd32, rachelbaker, Cawa-93, aduth, TimothyBlynJacobs.
Fixes #43177.

Built from https://develop.svn.wordpress.org/trunk@49303


git-svn-id: http://core.svn.wordpress.org/trunk@49065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-24 22:46:09 +00:00
TimothyBlynJacobs 36c4c943ba REST API: Don't validate status if it hasn't changed.
In particular, this allows for sending `status=inherit` to an attachment if it's current status is `inherit`. This status would be rejected because it is an "internal" post status which isn't exposed.

As a general rule, a developer should always be able to PUT back a GET response without error.

Props dfenton, pputzer, TimothyBlynJacobs.
Fixes #40399.


Built from https://develop.svn.wordpress.org/trunk@49302


git-svn-id: http://core.svn.wordpress.org/trunk@49064 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-24 16:04:05 +00:00
TimothyBlynJacobs abbc108d19 REST API: Make template handling resilient against plugins setting the global post.
Plugins shouldn't be setting the global post object during a REST API request, but if they did this could cause unexpected errors when creating a post with a template.

Props Kipperlenny, TimothyBlynJacobs.
Fixes #49695.

Built from https://develop.svn.wordpress.org/trunk@49301


git-svn-id: http://core.svn.wordpress.org/trunk@49063 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-24 14:12:05 +00:00
TimothyBlynJacobs 3a01517c90 REST API: Reuse `namespace` property instead of the undeclared `rest_namespace`.
Props itowhid06.
Fixes #48297.

Built from https://develop.svn.wordpress.org/trunk@49300


git-svn-id: http://core.svn.wordpress.org/trunk@49062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-24 13:54:06 +00:00
TimothyBlynJacobs 9baba12f00 REST API: Support generating comment up links to custom posts controllers.
The comments controller now uses the `rest_get_route_for_post` function introduced in WordPress 5.5 to generate the link. This function is filterable to allow for custom controllers to properly define their REST API route.

Props dsifford, TimothyBlynJacobs.
Fixes #44152.

Built from https://develop.svn.wordpress.org/trunk@49299


git-svn-id: http://core.svn.wordpress.org/trunk@49061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-24 13:20:07 +00:00
TimothyBlynJacobs ce34d0ab00 App Passwords: Support an app_id to uniquely identify instances of an app.
Apps may now optionally include an `app_id` parameter when directing the user to the Authorize Application screen. This allows for instances of an application to be identified and potentially revoked or blocked.

Props TimothyBlynJacobs, georgestephanis.
Fixes #51583.

Built from https://develop.svn.wordpress.org/trunk@49276


git-svn-id: http://core.svn.wordpress.org/trunk@49038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-22 15:06:09 +00:00
desrosj d40c365a30 Coding Standards: Correct some minor coding standards issues.
Introduced in [49154], [49212], [49223], and [49224].
Built from https://develop.svn.wordpress.org/trunk@49225


git-svn-id: http://core.svn.wordpress.org/trunk@48987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 13:29:08 +00:00
youknowriad 8fbbd54c40 Block Editor: Expose api_version in the block type and the REST endpoint.
The new block editor included in 5.6 introduces an api_version property
that indicates which block API version the block is using. 
This commits makes this property available on the block type and the endpoint.

Props TimothyBlynJacobs, gziolo.
Fixes #51529.


Built from https://develop.svn.wordpress.org/trunk@49224


git-svn-id: http://core.svn.wordpress.org/trunk@48986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 07:54:10 +00:00
Peter Wilson 32d193f96f REST API, Posts: Add a hook to fire once a post, its terms and meta update.
Introduces the action `wp_after_insert_post` inside a wrapper function of the same name. This hook allows plugin developers to access a posts full data (including its terms and meta data) regardless of the workflow used to save it.

A new parameter is introduced to `wp_insert_post()` to indicate whether the hook should be fired within the function call or will be fired afterward.

Props aristath, Collizo4sky, danielbachhuber, joyously, kadamwhite, kraftbj, markparnell, mikeschroder, noisysocks, peterwilsoncc, SergeyBiryukov, talldanwp, thewebprincess, TimothyBlynJacobs.
Fixes #45114.

Built from https://develop.svn.wordpress.org/trunk@49172


git-svn-id: http://core.svn.wordpress.org/trunk@48934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-16 03:34:08 +00:00
TimothyBlynJacobs 039ce3f16f Site Health, REST API: Move async tests to REST API endpoints.
This provides more flexibility when writing tests and benefits from running in a front-end context which is necessary for some tests like checking that updates are supported. Additionally, this provides a more robust interface for developers who want to integrate with Site Health tests.

Because the `wp/v2` endpoint is reserved for modeling core entities, site health is registered in its own `wp-site-health/v1` namespace.

The existing ajax actions have been maintained for backward compatibility.

Props Clorith, chrisvanpatten, afragen, pokhriyal, TimothyBlynJacobs.
Fixes #48105.

Built from https://develop.svn.wordpress.org/trunk@49154


git-svn-id: http://core.svn.wordpress.org/trunk@48916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-15 02:00:08 +00:00
John Blackbourn 905460bd5e Docs: Standardise the type name for booleans and integers.
This brings these docs inline with the documentation standards.

Props ravipatel, justinahinon

Fixes #51426

Built from https://develop.svn.wordpress.org/trunk@49120


git-svn-id: http://core.svn.wordpress.org/trunk@48882 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-10 20:02:05 +00:00
TimothyBlynJacobs d5ebe12f11 REST API: Introduce Application Passwords for API authentication.
In WordPress 4.4 the REST API was first introduced. A few releases later in WordPress 4.7, the Content API endpoints were added, paving the way for Gutenberg and countless in-site experiences. In the intervening years, numerous plugins have built on top of the REST API. Many developers shared a common frustration, the lack of external authentication to the REST API.

This commit introduces Application Passwords to allow users to connect to external applications to their WordPress website. Users can generate individual passwords for each application, allowing for easy revocation and activity monitoring. An authorization flow is introduced to make the connection flow simple for users and application developers.

Application Passwords uses Basic Authentication, and by default is only available over an SSL connection.

Props georgestephanis, kasparsd, timothyblynjacobs, afercia, akkspro, andraganescu, arippberger, aristath, austyfrosty, ayesh, batmoo, bradyvercher, brianhenryie, helen, ipstenu, jeffmatson, jeffpaul, joostdevalk, joshlevinson, kadamwhite, kjbenk, koke, michael-arestad, Otto42, pekz0r, salzano, spacedmonkey, valendesigns.
Fixes #42790.

Built from https://develop.svn.wordpress.org/trunk@49109


git-svn-id: http://core.svn.wordpress.org/trunk@48871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-08 22:14:06 +00:00
Sergey Biryukov 897f004a9c General: Replace older-style PHP type conversion functions with type casts.
This improves performance, readability, and consistency throughout core.

* `intval()` → `(int)`
* `strval()` → `(string)`
* `floatval()` → `(float)`

Props ayeshrajans.
Fixes #42918.
Built from https://develop.svn.wordpress.org/trunk@49108


git-svn-id: http://core.svn.wordpress.org/trunk@48870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-08 21:15:13 +00:00
Sergey Biryukov 0f13b2c268 Docs: Add `@since` notes for the `$id` parameter of REST API search controller accepting a string.
Follow-up to [49088].

See #51131.
Built from https://develop.svn.wordpress.org/trunk@49089


git-svn-id: http://core.svn.wordpress.org/trunk@48851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-03 01:22:11 +00:00
TimothyBlynJacobs e9b5b1a5bc REST API: Allow for string ids in the search controller.
Previously, the search controller infrastructure required that the id property was an integer. This prevents data models that use a string id from utilizing the search infrastructure.

This commit lifts the restraint that search handlers return integer ids. This will allow for the Post Formats search handler coming in 5.6 to use slugs instead of creating fake ids.

Props stoyangeorgiev.
Fixes #51131.

Built from https://develop.svn.wordpress.org/trunk@49088


git-svn-id: http://core.svn.wordpress.org/trunk@48850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-02 17:47:09 +00:00
Helen Hou-Sandí 75262781d9 i18n: Ensure block type strings in the REST API end with a full stop.
Props ramiy, justinahinon.
Fixes #50805.


Built from https://develop.svn.wordpress.org/trunk@48982


git-svn-id: http://core.svn.wordpress.org/trunk@48744 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-16 19:23:07 +00:00
TimothyBlynJacobs 55c21acc9f REST API: Extract `WP_REST_Controller::get_endpoint_args_for_item_schema()` to a standalone function.
This method is useful whenever a JSON Schema needs to be converted to a format suitable for argument validation with `WP_REST_Request`. Moving the logic into a standalone function allows developers to use it outside of the `WP_REST_Controller` context.

Props pentatonicfunk.
Fixes #50876. 

Built from https://develop.svn.wordpress.org/trunk@48951


git-svn-id: http://core.svn.wordpress.org/trunk@48713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-07 02:37:07 +00:00
Sergey Biryukov ee0943482f REST API: In `WP_REST_Block_Directory_Controller::get_items()`, make sure the blocks data for a plugin is not empty before proceeding.
This avoids a PHP notice if the API returns a plugin with empty data for `blocks` key.

Props khag7, TwentyZeroTwo, justinahinon, TimothyBlynJacobs, dd32, SergeyBiryukov.
Fixes #51018.
Built from https://develop.svn.wordpress.org/trunk@48842


git-svn-id: http://core.svn.wordpress.org/trunk@48604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-22 01:54:11 +00:00
Felix Arntz 5918f7e11d Taxonomy: Allow for `wp_count_terms( $args )` signature, making passing a taxonomy optional.
This brings `wp_count_terms()` in line with other taxonomy functions such as `get_terms()` which technically no longer require a taxonomy. Similar to the previously modified functions, no deprecation warning is triggered when using the legacy signature.

Fixes #36399.

Built from https://develop.svn.wordpress.org/trunk@48840


git-svn-id: http://core.svn.wordpress.org/trunk@48602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-21 22:32:06 +00:00
TimothyBlynJacobs e1da1ae3e4 REST API: Add uniqueItems as a permitted endpoint argument JSON Schema keyword.
Support for the `uniqueItems` keyword was added in [48357], but wasn't included in the list of permitted keywords for `WP_REST_Controller::get_endpoint_args_for_item_schema()`. This prevented the keyword from being automatically supported if specified in a controller's item schema.

Fixes #51021.

Built from https://develop.svn.wordpress.org/trunk@48796


git-svn-id: http://core.svn.wordpress.org/trunk@48558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-15 16:11:07 +00:00
Sergey Biryukov 1f85e7484f Docs: Consistently use third-person singular verbs for various filter descriptions, per the documentation standards.
See #50768.
Built from https://develop.svn.wordpress.org/trunk@48782


git-svn-id: http://core.svn.wordpress.org/trunk@48544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-11 00:34:08 +00:00
Sergey Biryukov 350ad6141e Coding Standards: Use consistent formatting for translator comments in `wp-includes/rest-api.php`.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@48765


git-svn-id: http://core.svn.wordpress.org/trunk@48527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-09 01:46:07 +00:00
Sergey Biryukov bb0630caa9 I18N: Use a placeholder instead of the `\` character in a translatable string in `WP_REST_Users_Controller::check_user_password()`.
Props ramiy.
Fixes #50812.
Built from https://develop.svn.wordpress.org/trunk@48692


git-svn-id: http://core.svn.wordpress.org/trunk@48454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-30 12:28:06 +00:00
TimothyBlynJacobs c461697c31 REST API: Remove assets field from block directory controller.
Gutenberg no longer uses the assets field to fetch the assets for the installed block so this field can be dropped from the endpoint. This allows us to reintroduce it at a later point without needing to worry about backward compatibility.

See #50732.

Built from https://develop.svn.wordpress.org/trunk@48656


git-svn-id: http://core.svn.wordpress.org/trunk@48418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-28 04:10:10 +00:00
whyisjake de5533e56b REST API: Install plugin translations after the plugin install. This only installs for the plugin in question, not all plugins.
Support for retrieving the langauge pack alongside the install API request was added in https://meta.trac.wordpress.org/changeset/10091 to avoid having to make a plugin update check during the REST API check.

Fixes #50732.
Props dd32, ocean90, ryelle, swissspidy, tellyworth, whyisjake, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@48641


git-svn-id: http://core.svn.wordpress.org/trunk@48403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-27 18:31:06 +00:00
Sergey Biryukov aa22457754 REST API: Use a consistent description for the `textdomain` schema property between plugins and themes controllers.
Follow-up to [48242], [48627].

Props audrasjb.
Fixes #50776. See #50321.
Built from https://develop.svn.wordpress.org/trunk@48628


git-svn-id: http://core.svn.wordpress.org/trunk@48390 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-26 21:54:03 +00:00
Sergey Biryukov e7eaaa97b1 REST API: Use a consistent name for the `textdomain` schema property between plugins, themes, and block directory controllers.
Follow-up to [48242].

See #50321, #50776.
Built from https://develop.svn.wordpress.org/trunk@48627


git-svn-id: http://core.svn.wordpress.org/trunk@48389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-26 21:49:03 +00:00
Sergey Biryukov 61b2cb7761 Docs: Correct `@since` version for `WP_REST_Plugins_Controller::get_item_schema()`.
Follow-up to [48242].

See #50321.
Built from https://develop.svn.wordpress.org/trunk@48626


git-svn-id: http://core.svn.wordpress.org/trunk@48388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-26 21:42:03 +00:00
Sergey Biryukov ebfe7ca39a I18N: Remove `<code>` tags in an error message in `WP_REST_Posts_Controller::get_item_schema()` for consistency with other strings.
Follow-up to [48610].

See #50759.
Built from https://develop.svn.wordpress.org/trunk@48613


git-svn-id: http://core.svn.wordpress.org/trunk@48375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-25 16:41:02 +00:00
Sergey Biryukov 29b0a259df I18N: Move code out of a translatable string in `WP_REST_Posts_Controller::get_item_schema()`.
Props ramiy.
Fixes #50759.
Built from https://develop.svn.wordpress.org/trunk@48610


git-svn-id: http://core.svn.wordpress.org/trunk@48372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-25 16:28:04 +00:00
Sergey Biryukov 5323fa05e5 REST API: Use consistent error messages when managing network plugins.
Props ramiy.
Fixes #50729.
Built from https://develop.svn.wordpress.org/trunk@48556


git-svn-id: http://core.svn.wordpress.org/trunk@48318 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 22:01:03 +00:00
Sergey Biryukov 3061a680a9 Media: Pass the attachment ID to the `wp_image_file_matches_image_meta` filter.
Props spacedmonkey.
Fixes #50722.
Built from https://develop.svn.wordpress.org/trunk@48547


git-svn-id: http://core.svn.wordpress.org/trunk@48309 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 16:55:08 +00:00
TimothyBlynJacobs b8d5e161eb REST API: Issue a _doing_it_wrong when registering a route without a permission callback.
The REST API treats routes without a permission_callback as public. Because this happens without any warning to the user, if the permission callback is unintentionally omitted or misspelled, the endpoint can end up being available to the public. Such a scenario has happened multiple times in the wild, and the results can be catostrophic when it occurs.

For REST API routes that are intended to be public, it is recommended to set the permission callback to the `__return_true` built in function.

Fixes #50075.
Props rmccue, sorenbronsted, whyisjake, SergeyBiryukov, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@48526


git-svn-id: http://core.svn.wordpress.org/trunk@48288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 12:03:05 +00:00
Andrew Ozz 562a59f553 REST API, Media: Add `X-WP-Upload-Attachment-ID` HTTP header to enable retrying of post-processing of edited images if the server runs out of resources. This is the same as after uploading a new image, will do up to five additional requests to let the server create all image sub-sizes.
Fixes #50711.
Built from https://develop.svn.wordpress.org/trunk@48525


git-svn-id: http://core.svn.wordpress.org/trunk@48287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 03:00:04 +00:00
Andrew Ozz c2639c74ff REST API, Media: Fix/improve the inline docs and name of the new `wp_edited_image_metadata` filter.
Props desrosj, azaozz.

See #44405.
Built from https://develop.svn.wordpress.org/trunk@48518


git-svn-id: http://core.svn.wordpress.org/trunk@48280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-20 21:04:03 +00:00
Andrew Ozz 689c224476 Media: Migrate the data from the attachment post of the parent image when saving an edited image. Copy:
- `post_title`,
- `post_content` (image description),
- `post_excerpt` (image caption as saved in the DB),
- `_wp_attachment_image_alt` meta (alt text for the img tag as saved in the DB).

Props spacedmonkey, joedolson, TimothyBlynJacobs, azaozz.
Fixes #50675.
Built from https://develop.svn.wordpress.org/trunk@48510


git-svn-id: http://core.svn.wordpress.org/trunk@48272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-19 21:19:04 +00:00
Andrew Ozz 2d728713ac REST API: Prevent attachment ID/image source mismatch when editing an image.
Fixes #50565.
Built from https://develop.svn.wordpress.org/trunk@48498


git-svn-id: http://core.svn.wordpress.org/trunk@48260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-16 21:56:08 +00:00
TimothyBlynJacobs a59fb4e50f REST API: Sanitize block renderer attributes.
In [48069] the Block Renderer was changed to register a single route for all dynamic blocks. Validation was dynamically applied based on the requested block, but sanitization was not. This commit adds the same sanitization back to the block attributes.

Props manooweb.
Fixes #50620. See #48079.

Built from https://develop.svn.wordpress.org/trunk@48437


git-svn-id: http://core.svn.wordpress.org/trunk@48206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-11 20:34:05 +00:00
Sergey Biryukov 6bf6bc451f Docs: Miscellaneous DocBlock corrections.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48408


git-svn-id: http://core.svn.wordpress.org/trunk@48177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-08 13:15:03 +00:00
Andrew Ozz d1dc207128 Media, REST API: Allow media edit endpoint to find remote files.
Props jonsurrell.
Fixes #50595.
Built from https://develop.svn.wordpress.org/trunk@48386


git-svn-id: http://core.svn.wordpress.org/trunk@48155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 16:51:04 +00:00
TimothyBlynJacobs 0386c0ae6c REST API: Remove specific multi-type schema handling from the themes controller.
Multi-type schema handling was improved in [48306]. In particular, it now allows for sanitizing a multi-typed value that wouldn't validate. Removing this handling will make 3rd party registered theme features more robust.

Fixes #50562.

Built from https://develop.svn.wordpress.org/trunk@48308


git-svn-id: http://core.svn.wordpress.org/trunk@48077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-05 01:06:02 +00:00
TimothyBlynJacobs 5af864369c REST API: Introduce endpoint for editing images.
To facilitate inline image editing in Gutenberg, a new endpoint at wp/v2/media/<id>/edit has been introduced. This is functionally similar to the existing ajax image editor, however the REST API editor creates a new attachment record instead of updating an existing attachment.

Fixes #44405.
Props ajlende, ellatrix, spacedmonkey, azaozz.


Built from https://develop.svn.wordpress.org/trunk@48291


git-svn-id: http://core.svn.wordpress.org/trunk@48060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-04 04:15:05 +00:00
Sergey Biryukov ec571bdcf6 Docs: Spell "falsey" in a consistent way.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48275


git-svn-id: http://core.svn.wordpress.org/trunk@48044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-02 11:30:02 +00:00
TimothyBlynJacobs 083134f694 REST API: Introduce plugin management and block directory endpoints.
These endpoints facilitate the Block Directory Inserter feature in Gutenberg. Users can now install, activate, deactivate, and delete plugins over the REST API. The block directoryendpoint allows searching for available blocks from the WordPress.org block directory.

Props cklee, talldanwp, noisysocks, joen, soean, youknowriad, dufresnesteven, gziolo, dd32, tellyworth, ryelle, spacedmonkey, TimothyBlynJacobs.
Fixes #50321.


Built from https://develop.svn.wordpress.org/trunk@48242


git-svn-id: http://core.svn.wordpress.org/trunk@48011 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-01 04:24:03 +00:00
Sergey Biryukov f5942603c0 Comments: Make `wp_update_comment()` return a `WP_Error` object for a canceled update, if `$wp_error` parameter is true.
Remove redundant checks for `wp_update_comment()` results being `false`, as the function always returns a `WP_Error` object now if `$wp_error` is true.

Follow-up to [48154], [48215], [48216].

See #39732.
Built from https://develop.svn.wordpress.org/trunk@48218


git-svn-id: http://core.svn.wordpress.org/trunk@47987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-29 23:42:03 +00:00
Sergey Biryukov 37d48e2f2e Users: Merge two similar error messages about usernames with invalid characters.
Props ramiy, garrett-eclipse, chetan200891.
Fixes #47003.
Built from https://develop.svn.wordpress.org/trunk@48195


git-svn-id: http://core.svn.wordpress.org/trunk@47964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-27 23:44:09 +00:00
Sergey Biryukov 5aa7f46a4f Docs: Improve DocBlocks in `wp-includes/theme.php` per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48189


git-svn-id: http://core.svn.wordpress.org/trunk@47958 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-27 12:02:03 +00:00
Sergey Biryukov 40c389c95e Docs: Standardize on "Returning a value from the filter" vs. "Passing a value to the filter".
The filter is the callback function added with `add_filter()`, therefore the hook passes a value to the filter, and the filter returns a value to change its behaviour.

The documentation is referring to the latter.

Props johnbillion.
See #49572, #16557.
Built from https://develop.svn.wordpress.org/trunk@48185


git-svn-id: http://core.svn.wordpress.org/trunk@47954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 18:49:09 +00:00
TimothyBlynJacobs 9f14967ff0 REST API: Introduce Block Types endpoint.
This endpoint allows a user to retrieve the block type definition for all server-side registered block types.

Props spacedmonkey, aduth, gziolo, ocean90, TimothyBlynJacobs.
Fixes #47620.

Built from https://develop.svn.wordpress.org/trunk@48173


git-svn-id: http://core.svn.wordpress.org/trunk@47942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 00:46:07 +00:00
TimothyBlynJacobs 9dc7058be9 Themes: Introduce register_theme_feature API.
Currently themes can declare support for a given feature by using add_theme_support(). This commit adds a register_theme_feature() API that allows plugins and WordPress Core to declare a list of available features that themes can support.

The REST API uses this to expose a theme's supported features if the feature has been registered with "show_in_rest" set to true.

Props kadamwhite, spacedmonkey, williampatton, desrosj, TimothyBlynJacobs.
Fixes #49406.

Built from https://develop.svn.wordpress.org/trunk@48171


git-svn-id: http://core.svn.wordpress.org/trunk@47940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-25 22:13:10 +00:00
whyisjake bb7601f6d0 Comments: Allow `wp_update_comment()` to return `WP_Error()`.
The `wp_update_comment_data` filter introduced in 4.7 allows comment data to be filtered before it is updated in the database.

The patch aims to handle `WP_Error` as the filter above return value in a similar manner as is done for `wp_new_comment()`.


Fixes #39732.

Props: enricosorcinelli, swissspidy, gkloveweb, jnylen0, jbpaul17, afercia, SergeyBiryukov, audrasjb, imath, davidbaumwald.

Built from https://develop.svn.wordpress.org/trunk@48154


git-svn-id: http://core.svn.wordpress.org/trunk@47923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-24 00:05:12 +00:00
desrosj 4b60af1a6a General: Remove “whitelist” and “blacklist” in favor of more clear and inclusive language.
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”

With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).

Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.

Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.

Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes #50413.
Built from https://develop.svn.wordpress.org/trunk@48121


git-svn-id: http://core.svn.wordpress.org/trunk@47890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-22 17:26:13 +00:00
Sergey Biryukov e13c363b17 Docs: Capitalize "ID", when referring to a post ID, term ID, etc. in a more consistent way.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48104


git-svn-id: http://core.svn.wordpress.org/trunk@47873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 12:02:12 +00:00
Sergey Biryukov a576a13246 Docs: Remove an empty line between `@param` and `@return` tags, per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48102


git-svn-id: http://core.svn.wordpress.org/trunk@47871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 11:18:09 +00:00
John Blackbourn 1a77bb81d8 Docs: Remove unnecessary variables names from `@return` tags.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48100


git-svn-id: http://core.svn.wordpress.org/trunk@47869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-19 22:55:12 +00:00
TimothyBlynJacobs 41f70ae5f8 REST API: Only register one block renderer route.
Every block has a different set of attributes. These attributes are specified as a JSON Schema object. Previously, every block registered its own block renderer route using its attributes for the schema. This allowed for the attributes to be validated using the built in endpoint validation rules. It had the unfortunate side effect, however, of creating a large number of nearly identical REST API routes, one for each dynamic block. Each registered route has a performance impact. As the number of server side blocks goes up, this becomes more and more of an issue.

Now, we register a single block renderer route and dynamically validate the attributes based on the selected block.

Fixes #48079.
Props gziolo, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@48069


git-svn-id: http://core.svn.wordpress.org/trunk@47836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-17 03:22:12 +00:00
desrosj 784908ae5f Coding Standards: PHP short ternary operator syntax is not allowed.
WPCS 2.2.0 added a sniff for detecting short ternary operator syntax, which is not allowed per the Core handbook.

Follow up of [47927].
Fixes #50258.
Built from https://develop.svn.wordpress.org/trunk@47929


git-svn-id: http://core.svn.wordpress.org/trunk@47702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-08 21:27:10 +00:00
TimothyBlynJacobs 5efaf888a5 REST API: Support the (min|max)Items JSON Schema keywords.
A future commit will add support for the uniqueItems keyword.

Props sorenbronsted.
See #48821.

Built from https://develop.svn.wordpress.org/trunk@47923


git-svn-id: http://core.svn.wordpress.org/trunk@47697 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-07 22:42:13 +00:00
TimothyBlynJacobs 171356a890 REST API: Add additional fields to the themes controller.
When the themes controller was introduced it only returned a theme's supported features. This adds the majority of a theme's header information to the response.

Props ockham, spacedmonkey.
Fixes #49906.

Built from https://develop.svn.wordpress.org/trunk@47921


git-svn-id: http://core.svn.wordpress.org/trunk@47695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-07 06:46:10 +00:00
whyisjake 00df557404 REST API: Ensure that all properties of `get_endpoint_args_for_item_schema` are listed.
* Add new var $valid_schema_properties to match rest_validate_value_from_schema()
* Unit test to ensure all valid properties exists, and non-valid properties are ignored

Fixes: #50301.
Props: pentatonicfunk, TimothyBlynJacobs.


Built from https://develop.svn.wordpress.org/trunk@47911


git-svn-id: http://core.svn.wordpress.org/trunk@47685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-04 16:43:08 +00:00
Dominik Schilling ed71319421 Role/Capability: Use meta caps `edit_post`, `read_post`, and `delete_post` directly.
Rather than consulting the post type object, let `map_meta_cap()` handle that for us.

Props peterwilsoncc, ocean90.
Fixes #50128.
See #23226.
Built from https://develop.svn.wordpress.org/trunk@47850


git-svn-id: http://core.svn.wordpress.org/trunk@47626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-23 15:24:07 +00:00
TimothyBlynJacobs 46854d7322 REST API: Support more JSON Schemas when filtering a response by context.
The array type, multi-types, and the additional properties keyword are now supported. Additionally, the filter recurses to an infinite depth.

Fixes #48819.

Built from https://develop.svn.wordpress.org/trunk@47758


git-svn-id: http://core.svn.wordpress.org/trunk@47534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-04 02:46:05 +00:00
TimothyBlynJacobs 7023be21f5 REST API: Accept POST requests in the block renderer endpoint.
Rendering a block is idempotent, so a GET is the most natural request method. However, the maximum length of URLs prevented blocks with large attributes from being rendered.

Props ryankienstra.
Fixes #49680.

Built from https://develop.svn.wordpress.org/trunk@47756


git-svn-id: http://core.svn.wordpress.org/trunk@47532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-03 22:58:05 +00:00
Sergey Biryukov 61a2f62ffd Comments: Use `comment` instead of an empty string for the `comment_type` DB field value in comments table.
This is the first step to bring support for custom comment types into WordPress.

Add a scheduled upgrade routine to update the type value for existing comments, in batches of 100 at a time.

Props imath, aaroncampbell, jeremyfelt, dshanske.
Fixes #49236.
Built from https://develop.svn.wordpress.org/trunk@47597


git-svn-id: http://core.svn.wordpress.org/trunk@47372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-17 19:35:06 +00:00
K. Adam White 51619c00a4 REST API: Fix revisions controller get_item permission check.
r45812 incorrectly introduced a delete_post permissions check into the get_item method, breaking some plugins which requested revisions when generating previews.

Props sorenbronsted, yohannp, TimothyBlynJacobs.
Fixes #49645.

Built from https://develop.svn.wordpress.org/trunk@47547


git-svn-id: http://core.svn.wordpress.org/trunk@47322 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-03 19:40:08 +00:00
K. Adam White 58d5aad2a3 REST API: Fix _fields filtering of registered rest fields.
Use rest_is_field_included when determining which additional fields to include to permit filtering by nested field properties.

Props Dudo, kadamwhite, TimothyBlynJacobs.
Fixes #49648.

Built from https://develop.svn.wordpress.org/trunk@47511


git-svn-id: http://core.svn.wordpress.org/trunk@47286 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-26 17:52:16 +00:00
Sergey Biryukov d6178e1dcf REST API: Fix typo in `disable-custom-gradients` theme feature description.
Props Ipstenu, tobifjellner, pixelverbieger.
Reviewed by ocean90, johnbillion, SergeyBiryukov.
Fixes #49585.
Built from https://develop.svn.wordpress.org/trunk@47432


git-svn-id: http://core.svn.wordpress.org/trunk@47219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-06 00:17:05 +00:00
John Blackbourn 056dad9c2c Docs: Use more specific types in parameter descriptions in place of `mixed`.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47397


git-svn-id: http://core.svn.wordpress.org/trunk@47184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-01 10:38:07 +00:00
Sergey Biryukov cbe5f9963a Docs: Improve documentation for `WP_REST_Attachments_Controller`.
This adds a missing DocBlock for `::register_routes()` and parameter descriptions for `::post_process_item()`.

Includes minor documenation fixes in other REST API classes for consistency.

Props dkarfa, mukesh27, SergeyBiryukov.
Fixes #48841.
Built from https://develop.svn.wordpress.org/trunk@47391


git-svn-id: http://core.svn.wordpress.org/trunk@47178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-28 12:31:08 +00:00
Sergey Biryukov 3a333ef030 Coding Standards: Use strict comparison for `normalize_whitespace()` checks when comparing revisions or autosaves.
Props dkarfa, itowhid06, TimothyBlynJacobs.
Fixes #47965.
Built from https://develop.svn.wordpress.org/trunk@47372


git-svn-id: http://core.svn.wordpress.org/trunk@47159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 19:35:09 +00:00
K. Adam White a5f16272dd REST API: Permit access to the themes controller if user can edit any post type.
Check a more exhaustive list of post type editing caps beyond "edit_post" to ensure custom user roles with access to to specific post types may still use block editor functionality depending on theme features.

Props miyauchi, TimothyBlynJacobs.
Fixes #46723.

Built from https://develop.svn.wordpress.org/trunk@47361


git-svn-id: http://core.svn.wordpress.org/trunk@47148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 15:20:08 +00:00
K. Adam White 8faf366ab9 REST API: Apply all relevant block rendering filters when rendering block previews.
Several filters were introduced to the render_block method since the initial implementation of the block-renderer/ endpoints, causing the output of those endpoints to diverge from the rendered content of blocks on the frontend.

Props kadamwhite, TimothyBlynJacobs, miinasikk.
Fixes #49387.

Built from https://develop.svn.wordpress.org/trunk@47360


git-svn-id: http://core.svn.wordpress.org/trunk@47147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 15:05:06 +00:00
TimothyBlynJacobs 5031baa32b REST API: Don't assume all item schemas have properties.
All schema types, not just objects, are permitted as the base type of a resource. A future patch could add validation support for those types, but this fix only prevents a PHP warning from being issued.

Props dhavalkasvala, johnwatkins0, birgire.
Fixes #48785.

Built from https://develop.svn.wordpress.org/trunk@47328


git-svn-id: http://core.svn.wordpress.org/trunk@47122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-20 16:58:06 +00:00
Sergey Biryukov 61986acde9 Users: Limit the scope of admin files required in `WP_REST_Users_Controller`.
This requires only `wp-admin/includes/user.php` for `get_editable_roles()`, instead of `wp-admin/includes/admin.php`.

Follow-up to [43589].

Props johnwatkins0.
Fixes #49450.
Built from https://develop.svn.wordpress.org/trunk@47299


git-svn-id: http://core.svn.wordpress.org/trunk@47099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 05:33:06 +00:00
Sergey Biryukov 8f877dc875 Docs: Improve inline comments for `require_once` calls in `WP_REST_Users_Controller` per the documentation standards.
Follow-up to [47295].

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47298


git-svn-id: http://core.svn.wordpress.org/trunk@47098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 03:56:06 +00:00
Sergey Biryukov 97380ec1ce Docs: Fix typo in a comment in `WP_REST_Attachments_Controller::create_item()`.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47297


git-svn-id: http://core.svn.wordpress.org/trunk@47097 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 03:30:04 +00:00
Sergey Biryukov 1d5d5b3e87 REST API: Restore `wp-admin/includes/image.php` requirement in `WP_REST_Attachments_Controller::create_item()`.
Although the file is already included via the `::insert_attachment()` method, this addresses an inconsistency and corrects a misleading comment.

It also reduces the possibility of a future error in case `::insert_attachment()` is no longer called earlier in `::create_item()` at some point.

Follow-up to [43850] and [44206].

Props luisrivera.
Fixes #49449.
Built from https://develop.svn.wordpress.org/trunk@47296


git-svn-id: http://core.svn.wordpress.org/trunk@47096 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 03:24:07 +00:00
Sergey Biryukov 445e2859ab Docs: Improve inline comments for `require_once()` calls in `WP_REST_Attachments_Controller`.
See #49449, #48303.
Built from https://develop.svn.wordpress.org/trunk@47295


git-svn-id: http://core.svn.wordpress.org/trunk@47095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 03:13:05 +00:00
K. Adam White c85c8f5235 REST API: Introduce rest_{$this->post_type}_item_schema filter to enable manipulation of schema values.
register_rest_field can be used to add properties to a schema, but no mechanism existed to alter existing properties like "content".
Running the schema through this filter lets plugins append additional sub-properties to existing schema definitions.

Props luisherranz, TimothyBlynJacobs, swissspidy, westonruter, kadamwhite.
Fixes #47779.


Built from https://develop.svn.wordpress.org/trunk@47265


git-svn-id: http://core.svn.wordpress.org/trunk@47065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 16:28:06 +00:00
K. Adam White 12709269c1 REST API: Allow meta to be set when creating a new media record via REST.
Props TimothyBlynJacobs, apermo.
Fixes #44567.

Built from https://develop.svn.wordpress.org/trunk@47261


git-svn-id: http://core.svn.wordpress.org/trunk@47061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 03:39:06 +00:00