Rachel Baker
d87fe366a9
REST API: Set the comment `type` to a readonly property in the schema.
...
Document the type property as `readonly` and remove the default value. After #38820 it is no longer possible to set the type property on a comment to anything a custom type.
Props jnylen0, rachelbaker.
Fixes #38886 .
Built from https://develop.svn.wordpress.org/trunk@39337
git-svn-id: http://core.svn.wordpress.org/trunk@39277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-21 22:56:30 +00:00
Ryan McCue
ca9f71e9b2
REST API: Correctly map meta keys to field names.
...
This accidentally assumed $name was the same as $meta_key, which ruined the whole point of $name.
Props tharsheblows, joehoyle.
Fixes #38786 .
Built from https://develop.svn.wordpress.org/trunk@39328
git-svn-id: http://core.svn.wordpress.org/trunk@39268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-21 05:41:30 +00:00
Ryan McCue
4e05ff6a11
REST API: Disable anonymous commenting by default.
...
Adding a brand new anonymous comment method is a potential conduit for spam. Since it's still useful functionality, we're now hiding it behind a filter to allow plugins and themes to turn it on if they do want it.
Props helen, rachelbaker, joehoyle.
Fixes #38855 .
Built from https://develop.svn.wordpress.org/trunk@39327
git-svn-id: http://core.svn.wordpress.org/trunk@39267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-21 05:32:33 +00:00
Joe Hoyle
5b97952cab
REST API: Merge two error messages for edit / update.
...
Props ramiy.
Fixes #38879 .
Built from https://develop.svn.wordpress.org/trunk@39322
git-svn-id: http://core.svn.wordpress.org/trunk@39262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-20 22:36:31 +00:00
Sergey Biryukov
9b23ccfc29
REST API: Update error messages in `WP_REST_Comments_Controller` to use the common text for permission errors.
...
Props ramiy.
Fixes #38875 .
Built from https://develop.svn.wordpress.org/trunk@39321
git-svn-id: http://core.svn.wordpress.org/trunk@39261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-20 11:46:34 +00:00
Sergey Biryukov
4811484433
REST API: Merge some more permission error strings missed in [39309].
...
See #38857 .
Built from https://develop.svn.wordpress.org/trunk@39313
git-svn-id: http://core.svn.wordpress.org/trunk@39253 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-19 02:21:31 +00:00
Sergey Biryukov
dca7d8d0ea
Text Changes: Merge strings referring to `list_users` capability.
...
See #38857 .
Built from https://develop.svn.wordpress.org/trunk@39312
git-svn-id: http://core.svn.wordpress.org/trunk@39252 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-19 02:16:30 +00:00
Sergey Biryukov
a1f285641f
REST API: After [39306], move `author_ip` argument to the correct place.
...
See #38822 .
Built from https://develop.svn.wordpress.org/trunk@39310
git-svn-id: http://core.svn.wordpress.org/trunk@39250 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-19 01:51:30 +00:00
Sergey Biryukov
5ded4db04c
REST API: Merge and clarify some permission error strings.
...
Fixes #38857 .
Built from https://develop.svn.wordpress.org/trunk@39309
git-svn-id: http://core.svn.wordpress.org/trunk@39249 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-19 01:46:32 +00:00
Sergey Biryukov
4afa19184a
REST API: After [39302], clarify `author_ip` parameter in error message.
...
Properties of objects should not be translated, and therefore are pulled out of the translation strings.
Props ramiy.
Fixes #38822 .
Built from https://develop.svn.wordpress.org/trunk@39306
git-svn-id: http://core.svn.wordpress.org/trunk@39246 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-19 01:06:30 +00:00
Sergey Biryukov
0f31b1da72
REST API: Merge two similar permission error strings in `class-wp-rest-comments-controller.php`.
...
We're checking if `current_user_can( 'moderate_comments' )` here, not the specific comment permissions.
See #38857 .
Built from https://develop.svn.wordpress.org/trunk@39305
git-svn-id: http://core.svn.wordpress.org/trunk@39245 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-19 00:10:31 +00:00
Sergey Biryukov
9cb0a09d1f
REST API: Merge two similar permission error strings.
...
Props ramiy.
Fixes #38857 .
Built from https://develop.svn.wordpress.org/trunk@39304
git-svn-id: http://core.svn.wordpress.org/trunk@39244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 23:53:30 +00:00
Rachel Baker
0fdb955ce8
REST API: On Comment create, limit the ability to set the `author_ip` value directly.
...
Users without the moderate_comments capability can no longer set the `author_ip` property directly, and instead receive a `WP_Error` if they attempt to do so. Otherwise, the `author_ip property` is populated from `$_SERVER['REMOTE_ADDR']` if present and a valid IP value. Finally, fallback to 127.0.0.1 as a last resort.
Props dd32, rachelbaker, joehoyle.
Fixes #38819 .
Built from https://develop.svn.wordpress.org/trunk@39302
git-svn-id: http://core.svn.wordpress.org/trunk@39242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 21:13:32 +00:00
Joe Hoyle
0c14c16ced
REST API: Clarify parameters when used in error strings.
...
Properties of objects should not be translated, and therefore are pulled out of the translation strings.
Props ocean90, ramiy, danielbachhuber.
Fixes #38822 .
Built from https://develop.svn.wordpress.org/trunk@39298
git-svn-id: http://core.svn.wordpress.org/trunk@39238 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 20:20:32 +00:00
Joe Hoyle
a38b863ae4
REST API: Change “ipv4” types to “ip” to support ipv6.
...
Stop presuming IP address are IPv4, instead make the type “ip” to be agnostic of IP version. This fixes requests with ipv6 addresses for comments in core.
Props dd32, schlessera, danielbachhuber.
Fixes #38818 .
Built from https://develop.svn.wordpress.org/trunk@39296
git-svn-id: http://core.svn.wordpress.org/trunk@39236 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 19:33:31 +00:00
Joe Hoyle
81c5b03029
REST API: Check read permissions on posts when viewing comments.
...
With a few tests for getting / creating comments to reflect core behaviour.
Props timmyc.
Built from https://develop.svn.wordpress.org/trunk@39295
git-svn-id: http://core.svn.wordpress.org/trunk@39235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 19:07:30 +00:00
Rachel Baker
3f6131c2e6
REST API: Remove the `karma` property and query parameter from the Comments endpoints.
...
WordPress has not used the `karma` property internally for the past 8 years. There is no need to expose it in the REST API endpoints. Sites that use `karma` can include it using the `register_rest_field()` function.
Props dd32, danielbachhuber.
Fixes #38821 .
Built from https://develop.svn.wordpress.org/trunk@39292
git-svn-id: http://core.svn.wordpress.org/trunk@39232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 18:53:29 +00:00
Rachel Baker
191e085fa3
REST API: On comment create, return an error if the `type` property is set to anything other than `comment`.
...
Of the default comment_types, only comments are expected to be created via the REST API endpoint. Comments do not have registered types the way that Posts do, so we do not have a method to accurately check permissions for arbitrary comment types.
Props dd32, boonebgorges, rachelbaker.
Fixes #38820 .
Built from https://develop.svn.wordpress.org/trunk@39290
git-svn-id: http://core.svn.wordpress.org/trunk@39230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 18:37:30 +00:00
Rachel Baker
ccb4c7c8b9
REST API: Allow `parent` property to be explicitly set to `0` when creating or updating a Post.
...
Props lucasstark, danielbachhuber.
Fixes #38852 .
Built from https://develop.svn.wordpress.org/trunk@39289
git-svn-id: http://core.svn.wordpress.org/trunk@39229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 18:12:31 +00:00
Rachel Baker
735fa34d42
REST API: On comment create, return an error if the `post` parameter does not relate to a valid WP_Post object.
...
Return a `WP_Error` object for attempts to create a comment without an empty or invalid `post` ID.
Props dd32, jnylen0, rachelbaker.
Fixes #38816 .
Built from https://develop.svn.wordpress.org/trunk@39288
git-svn-id: http://core.svn.wordpress.org/trunk@39228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 16:56:30 +00:00
Rachel Baker
10bddfac39
REST API: On comment create, fallback to the `user_agent` header value.
...
If a user-agent is not explicitly provided in the `author_user_agent` parameter, fallback to the `user_agent` value in the request header.
Props dd32, jnylen0, rachelbaker.
Fixes #38817 .
Built from https://develop.svn.wordpress.org/trunk@39287
git-svn-id: http://core.svn.wordpress.org/trunk@39227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 16:22:33 +00:00
Sergey Biryukov
acc30b09d7
Text Changes: Merge some duplicate strings with the same meaning in error messages, adjust some other strings for consistency and accuracy.
...
Props ramiy, SergeyBiryukov.
Fixes #38808 .
Built from https://develop.svn.wordpress.org/trunk@39278
git-svn-id: http://core.svn.wordpress.org/trunk@39218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-17 15:53:33 +00:00
Sergey Biryukov
b92266a72b
REST API: After [39252] and [39264], uppercase some more 'ID' references in translatable strings.
...
See #38791 .
Built from https://develop.svn.wordpress.org/trunk@39266
git-svn-id: http://core.svn.wordpress.org/trunk@39206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-16 13:28:37 +00:00
Sergey Biryukov
ce74afdae2
REST API: Uppercase 'ID' in endpoint descriptions and error messages for consistency with other strings.
...
See #38791 .
Built from https://develop.svn.wordpress.org/trunk@39264
git-svn-id: http://core.svn.wordpress.org/trunk@39204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-16 12:18:33 +00:00
Sergey Biryukov
74c9f82ef2
REST API: Unify some more permission error messages.
...
Props ramiy.
Fixes #38803 .
Built from https://develop.svn.wordpress.org/trunk@39259
git-svn-id: http://core.svn.wordpress.org/trunk@39199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 23:36:31 +00:00
Sergey Biryukov
07cf16f7ba
REST API: Unify permission error messages.
...
Props ramiy.
Fixes #38803 .
Built from https://develop.svn.wordpress.org/trunk@39257
git-svn-id: http://core.svn.wordpress.org/trunk@39197 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 22:23:30 +00:00
Sergey Biryukov
9c2ea0b8c7
REST API: Remove two duplicate strings, use the ones we already have.
...
See #38791 .
Built from https://develop.svn.wordpress.org/trunk@39252
git-svn-id: http://core.svn.wordpress.org/trunk@39192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 20:40:29 +00:00
Sergey Biryukov
cc14606094
REST API: Unify permission error messages.
...
Props ramiy.
See #38791 , #34521 .
Built from https://develop.svn.wordpress.org/trunk@39251
git-svn-id: http://core.svn.wordpress.org/trunk@39191 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 20:37:32 +00:00
Joe Hoyle
d049f72459
REST API: Clean up argument and property types.
...
There's a couple of places where we were missing type notes for arguments, which mainly affects documentation.
Props jnylen0.
Fixes #38792 .
Built from https://develop.svn.wordpress.org/trunk@39250
git-svn-id: http://core.svn.wordpress.org/trunk@39190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 18:16:30 +00:00
Sergey Biryukov
65fb74561b
REST API: After [39238] and [39239], move the remaining translator comments to preceding line.
...
See #38791 .
Built from https://develop.svn.wordpress.org/trunk@39245
git-svn-id: http://core.svn.wordpress.org/trunk@39185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 13:07:33 +00:00
Ryan McCue
0f5a44e093
REST API: Move translator comments to preceding line.
...
Inline translator comments break POT file generation.
Props dd32.
See #38791 .
Built from https://develop.svn.wordpress.org/trunk@39239
git-svn-id: http://core.svn.wordpress.org/trunk@39179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 05:39:32 +00:00
Ryan McCue
705f17cea2
REST API: Add translator comments to text with placeholders.
...
Props dimadin.
Fixes #38791 .
Built from https://develop.svn.wordpress.org/trunk@39238
git-svn-id: http://core.svn.wordpress.org/trunk@39178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 04:28:31 +00:00
Joe Hoyle
a4fa8c528f
REST API: Make all collection params filterable.
...
For developers wanting to add their own registered collection parameters, they can now use the `rest_$type_collection_params` filter. This brings consistency with the already existing `rest_$post_type_collection_params`.
Fixes #38710 .
Props jnylen0.
Built from https://develop.svn.wordpress.org/trunk@39223
git-svn-id: http://core.svn.wordpress.org/trunk@39163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-14 16:42:31 +00:00
Joe Hoyle
5c90d9ed8e
REST API: Validate and Sanitize registered meta based off the schema.
...
With the addition of Array support in our schema validation functions, it's now possible to use these in the meta validation and sanitization steps. Also, this increases the test coverage of using registered via meta the API significantly.
Fixes #38531 .
Props rachelbaker, tharsheblows.
Built from https://develop.svn.wordpress.org/trunk@39222
git-svn-id: http://core.svn.wordpress.org/trunk@39162 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-14 16:36:33 +00:00
Ryan McCue
65664731e9
REST API: Improve validation for usernames and passwords.
...
Also improves the slashing of user data in the REST API to avoid data loss.
Props jnylen0.
Fixes #38739 .
Built from https://develop.svn.wordpress.org/trunk@39219
git-svn-id: http://core.svn.wordpress.org/trunk@39159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-14 07:13:31 +00:00
Joe Hoyle
f325af9caa
REST API: Allow updating a comment without the content present.
...
For all resources in the REST API, sending partial updates is supported. This fixes needing to _always_ specify comment content.
Props jnylen.
Fixes #38720 .
Built from https://develop.svn.wordpress.org/trunk@39196
git-svn-id: http://core.svn.wordpress.org/trunk@39136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-10 03:35:30 +00:00
Joe Hoyle
3138878aa5
REST API: Use wp_slash rather than addslashes.
...
See #38726 .
Props dd32.
Built from https://develop.svn.wordpress.org/trunk@39192
git-svn-id: http://core.svn.wordpress.org/trunk@39132 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-10 02:39:30 +00:00
Joe Hoyle
67da42825e
REST API: Add `rest_base` to response objects of `wp/v2/taxonomies` and `wp/v2/types`
...
Though we have the `_links.collection` available, having this value can be useful to know post type / taxonomy urls if you need to build them another way.
Props youknowriad, jnylen0.
Fixes #38607 .
Built from https://develop.svn.wordpress.org/trunk@39191
git-svn-id: http://core.svn.wordpress.org/trunk@39131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-10 02:21:30 +00:00
Joe Hoyle
e66d2478ee
REST API: `unfiltered_html` and slashing: terms.
...
Follow-up to #38609 and #38704 ; handle slashes correctly for taxonomy terms.
Props westonruter, jnylen0.
Fixes #38726 , see #38609 .
Built from https://develop.svn.wordpress.org/trunk@39190
git-svn-id: http://core.svn.wordpress.org/trunk@39130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-10 02:10:30 +00:00
Ryan McCue
a2bbbddb9e
REST API: Include template in all post type schemas.
...
[38951] added templates to all post types, but didn't add them to the schema.
Props swissspidy.
Fixes #38698 .
Built from https://develop.svn.wordpress.org/trunk@39182
git-svn-id: http://core.svn.wordpress.org/trunk@39122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-09 07:12:32 +00:00
Ryan McCue
3a449ea543
Roles/Capabilities: Add meta-caps for comment, term, and user meta.
...
Additionally, use these meta-caps in the REST API endpoints.
Previously, register_meta()'s auth_callback had no effect for non-post meta. This introduces `{add,edit,delete}_{comment,term,user}_meta` meta-caps to match the existing post meta capabilities. These are currently only used in the REST API.
Props tharsheblows, boonebgorges.
Fixes #38303 , fixes #38412 .
Built from https://develop.svn.wordpress.org/trunk@39179
git-svn-id: http://core.svn.wordpress.org/trunk@39119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-09 03:42:30 +00:00
Ryan McCue
4060c68f85
REST API: Fire correct hooks when creating users on multiste.
...
`add_user_to_blog()` is now called, ensuring the correct hooks are called, along with setting the primary blog and clearing relevant caches.
Props jeremyfelt.
Fixes #38526 .
Built from https://develop.svn.wordpress.org/trunk@39177
git-svn-id: http://core.svn.wordpress.org/trunk@39117 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-09 01:35:30 +00:00
Pascal Birchler
548ac82b06
I18N: Add ability to change user's locale back to site's locale.
...
Previously there was no way to remove the user locale setting again, even though that might be desirable.
This adds a new 'Site Default' option to the user-specific language setting by introducing a new `show_site_locale_default` argument to `wp_dropdown_languages()`.
Props ocean90.
See #29783 .
Fixes #38632 .
Built from https://develop.svn.wordpress.org/trunk@39169
git-svn-id: http://core.svn.wordpress.org/trunk@39109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 23:01:31 +00:00
Joe Hoyle
c15065dddf
REST API: Remove get_allowed_query_vars() now `filter` is gone.
...
Now all public query vars are not supoprted via `?filter` in the REST API, we can remove the get_allowed_query_vars() method and filter. To provide developers with a good altnerative to `filter`, the `"rest_{$this->post_type}_collection_params"` filter has been added.
Props rmccue, rachelbacker, danielbachhuber.
Fixes #38629 .
Built from https://develop.svn.wordpress.org/trunk@39162
git-svn-id: http://core.svn.wordpress.org/trunk@39102 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 14:08:32 +00:00
Joe Hoyle
8de95582e2
REST API: Remove rest_get_post filter and `get_post` abstraction.
...
This filter was originally introduced in https://github.com/WP-API/WP-API/pull/2535 to support Customizer Changesets (née Transactions). This is a super broad filter and doesn't really fit with the design of the API, nor is it (arguably) the right level to do this.
Props rmccue.
Fixes #38701 .
Built from https://develop.svn.wordpress.org/trunk@39161
git-svn-id: http://core.svn.wordpress.org/trunk@39101 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 13:09:33 +00:00
Ryan McCue
caabc52753
REST API: Respect unfiltered_html for HTML comment fields.
...
Same as [39155], but for comments, natch.
Props jnylen0.
Fixes #38704 , see #38609 .
Built from https://develop.svn.wordpress.org/trunk@39157
git-svn-id: http://core.svn.wordpress.org/trunk@39097 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 06:36:31 +00:00
Ryan McCue
f1975b18ea
REST API: Respect unfiltered_html for HTML post fields.
...
This necessitates a change to our slashing code as well. Ah slashing, the cause of, and solution to, all of life's problems.
Props jnylen0.
Fixes #38609 .
Built from https://develop.svn.wordpress.org/trunk@39155
git-svn-id: http://core.svn.wordpress.org/trunk@39095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 05:55:32 +00:00
Ryan McCue
8760c9a91d
REST API: Change attachment caption & description to objects.
...
Just like excerpt and content for regular posts, these have transformations applied that can make the content significantly different from the raw value.
Props jnylen0.
Fixes #38679 .
Built from https://develop.svn.wordpress.org/trunk@39154
git-svn-id: http://core.svn.wordpress.org/trunk@39094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 04:29:32 +00:00
Rachel Baker
5564716a07
REST API: Modify the structure of our DELETE responses to be more explicit.
...
Add the `deleted` property to the root of the Response object to communicate if the delete action was successful. Move the state of the resource prior to the delete request under a new `previous` property. As a result DELETE responses are now structured like so:
`{ deleted: true, previous: { ... } }`
Also includes helpful information to DELETE requests for resources that are not trashable.
Props timmydcrawford, rmccue, jnylen0.
Fixes #38494 .
Built from https://develop.svn.wordpress.org/trunk@39126
git-svn-id: http://core.svn.wordpress.org/trunk@39066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-04 17:11:29 +00:00
Ryan McCue
721cf281a3
REST API: Only provide JSON error code on PHP 5.3+.
...
json_last_error() was only added to PHP 5.3.0, so we can't provide the information for older versions.
See #38547 .
Built from https://develop.svn.wordpress.org/trunk@39111
git-svn-id: http://core.svn.wordpress.org/trunk@39053 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 04:57:30 +00:00