WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
WordPress/wp-includes
History
Gary Pendergast 26f6aeaeea REST API: Declare user capabilities using JSON Hyper Schema's "targetSchema". 
There are a variety of operations a WordPress user can only perform if they have the correct capabilities. A REST API client should only display UI for one of these operations if the WordPress user can perform the operation.

Rather than requiring REST API clients to calculate whether to display UI based on potentially complicated combinations of user capabilities, `targetSchema` allows us to expose a single flag to show whether the corresponding UI should be displayed.

This change also includes flags on post objects for the following actions:

- `action-publish`: The current user can publish this post.
- `action-sticky`: The current user can make this post sticky, and the post type supports sticking.
- `action-assign-author': The current user can change the author on this post.
- `action-assign-{$taxonomy}`: The current user can assign terms from the "$taxonomy" taxonomy to this post.
- `action-create-{$taxonomy}`: The current user can create terms int the "$taxonomy" taxonomy.

Merges [43437] to the 4.9 branch.

Props TimothyBlynJacobs, danielbachhuber.
Fixes #44287.


Built from https://develop.svn.wordpress.org/branches/4.9@43438


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 		2018-07-11 09:21:29 +00:00
..
ID3 Media: update the `getID3` library to version `1.9.14` to avoid fatal errors in PHP7. 2017-07-31 19:50:45 +00:00
IXR XML-RPC: Add default values to IXR_Message for PHP 7.2 compatibility to avoid PHP Warnings. 2018-03-08 19:56:40 +00:00
Requests
SimplePie
Text External Libraries: Remove usage of `each()` from the `Text_Diff_Engine_native` class. 2017-10-26 12:52:53 +00:00
certificates
css Privacy: Reposition pointer to ensure dismiss link is always visible. 2018-05-14 14:00:26 +00:00
customize Customize: Correct closing tag in `WP_Customize_Theme_Control::content_template()`. 2018-05-04 01:05:26 +00:00
fonts
images
js Privacy: add default text for a privacy policy including a tutorial on now to create one. 2018-05-03 17:59:30 +00:00
pomo I18N: Fix a PHP error introduced in [41722]. 2017-10-04 02:12:46 +00:00
random_compat Avoid PHP Linting errors in the Random_Compat library under PHP7. 2017-12-01 03:07:42 +00:00
rest-api REST API: Declare user capabilities using JSON Hyper Schema's "targetSchema". 2018-07-11 09:21:29 +00:00
theme-compat Embeds: Avoid "Division by zero" warning in `embed-content.php` template if a thumbnail has a zero height. 2017-10-18 15:09:48 +00:00
widgets Customize: Ensure media playlists get initialized after selective refresh; expose new `wp.playlist.initialize()` API. 2018-01-30 14:56:41 +00:00
admin-bar.php Users: Remove some links to the dashboard from My Sites for users who cannot access it. 2017-10-09 15:22:46 +00:00
atomlib.php General: Remove most uses of create_function() 2016-12-13 01:49:39 +00:00
author-template.php Editor: Add CodeMirror-powered code editor with syntax highlighting, linting, and auto-completion. 2017-09-13 06:08:47 +00:00
bookmark-template.php
bookmark.php General: Use interpolation instead of concatenation for all dynamic hook names. 2016-12-14 04:18:42 +00:00
cache.php Docs: Standardise the format used for documenting parameters passed by reference. 2017-10-02 22:14:46 +00:00
canonical.php Canonical: Strip trailing punctuation from permalinks. 2017-10-24 14:18:48 +00:00
capabilities.php Privacy: Require `manage_privacy_options` to edit policy page. 2018-05-15 20:59:25 +00:00
category-template.php Taxonomy: Restore deprecated argument to `term_description()` signature. 2017-12-22 02:50:39 +00:00
category.php I18N: Merge similar strings in `_deprecated_argument()` calls. 2017-01-29 11:50:41 +00:00
class-IXR.php
class-feed.php Load: Re-add `class-feed.php`. 2016-12-03 03:30:42 +00:00
class-http.php Docs: Correct type and description for the `$data` parameter in `WP_Http::browser_redirect_compatibility()`. 2017-10-18 16:38:48 +00:00
class-json.php
class-oembed.php Embeds: Add oEmbed support for someecards.com. 2017-10-02 19:10:49 +00:00
class-phpass.php
class-phpmailer.php Update PHPMailer to 5.2.22. 2017-01-11 01:23:41 +00:00
class-pop3.php
class-requests.php
class-simplepie.php
class-smtp.php Update PHPMailer to 5.2.22. 2017-01-11 01:23:41 +00:00
class-snoopy.php
class-walker-category-dropdown.php Docs: Standardise the format used for documenting parameters passed by reference. 2017-10-02 22:14:46 +00:00
class-walker-category.php Docs: Standardise the format used for documenting parameters passed by reference. 2017-10-02 22:14:46 +00:00
class-walker-comment.php Docs: Standardise the format used for documenting parameters passed by reference. 2017-10-02 22:14:46 +00:00
class-walker-nav-menu.php Menus: Remove an extra space in the `<ul>` tag in `Walker_Nav_Menu::start_lvl()`. 2017-10-20 10:40:46 +00:00
class-walker-page-dropdown.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-walker-page.php Docs: Standardise the format used for documenting parameters passed by reference. 2017-10-02 22:14:46 +00:00
class-wp-admin-bar.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-ajax-response.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-comment-query.php Docs: Remove `&` prefixes from parameter documentation to avoid doc parsing errors. 2017-10-02 22:03:33 +00:00
class-wp-comment.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-customize-control.php Customize: Deprecate nav menu classes that are no longer used, instead of removing them immediately. 2017-10-28 05:48:47 +00:00
class-wp-customize-manager.php General: Replace `Cheatin’ uh?` with friendlier error messages. 2018-03-09 00:15:42 +00:00
class-wp-customize-nav-menus.php Customize: Include nav menu item for Home custom link in search results for "Home". 2018-01-30 14:46:40 +00:00
class-wp-customize-panel.php Accessibility: CodeMirror editing areas minor improvements. 2017-09-24 16:00:46 +00:00
class-wp-customize-section.php Customize: Deprecate nav menu classes that are no longer used, instead of removing them immediately. 2017-10-28 05:48:47 +00:00
class-wp-customize-setting.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-customize-widgets.php Widgets: Rename "Custom Menu" widget to "Navigation Menu". 2017-10-15 22:23:47 +00:00
class-wp-dependency.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-editor.php TinyMCE: switch off concatenation when a custom TinyMCE theme is used. Prevents conflict with the default theme as it loads first. 2018-05-10 19:54:25 +00:00
class-wp-embed.php Embeds: Improve consistency of update and refresh logic for oEmbed caching between `oembed_cache` and post meta. 2017-10-24 23:10:48 +00:00
class-wp-error.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-feed-cache-transient.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-feed-cache.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-hook.php Docs: Use correct order of arguments in the DocBlock for `WP_Hook::has_filter()`. 2017-09-21 10:00:48 +00:00
class-wp-http-cookie.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-http-curl.php I18N: Replace function name in error message in `WP_Http_Curl::request()` and `WP_Http_Streams::request()` with a placeholder. 2017-10-18 15:04:51 +00:00
class-wp-http-encoding.php
class-wp-http-ixr-client.php
class-wp-http-proxy.php
class-wp-http-requests-hooks.php Docs: Remove superfluous `@package WordPress` and `@subpackage` notations used outside of file headers in a variety of core files. 2017-07-01 16:58:42 +00:00
class-wp-http-requests-response.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-http-response.php HTTP API: Use `WP_HTTP_Response::set_data()` in `::__construct()` instead of directly accessing the `$data` property. 2017-10-03 15:18:46 +00:00
class-wp-http-streams.php I18N: Replace function name in error message in `WP_Http_Curl::request()` and `WP_Http_Streams::request()` with a placeholder. 2017-10-18 15:04:51 +00:00
class-wp-image-editor-gd.php Media: Rename several attachment related parameters from `$post_id` to `$attachment_id` for clarity, and improve related 2017-08-22 11:12:44 +00:00
class-wp-image-editor-imagick.php Media: Rename several attachment related parameters from `$post_id` to `$attachment_id` for clarity, and improve related 2017-08-22 11:12:44 +00:00
class-wp-image-editor.php Media: Rename several attachment related parameters from `$post_id` to `$attachment_id` for clarity, and improve related 2017-08-22 11:12:44 +00:00
class-wp-list-util.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-locale-switcher.php General: Improve terminology used when referring to installations of WordPress and its extensions. 2017-08-22 11:52:48 +00:00
class-wp-locale.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-matchesmapregex.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-meta-query.php Docs: Standardise the format used for documenting parameters passed by reference. 2017-10-02 22:14:46 +00:00
class-wp-metadata-lazyloader.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-network-query.php Multisite: Document all return types in get_networks(). 2017-10-18 18:13:50 +00:00
class-wp-network.php Multisite: Pass network object instead of ID to `pre_get_main_site_id`. 2017-10-30 19:56:47 +00:00
class-wp-oembed-controller.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-post-type.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-post.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-query.php Query: Fix warning on counting non countable 2018-01-24 21:44:42 +00:00
class-wp-rewrite.php Docs: Standardise the format used for documenting parameters passed by reference. 2017-10-02 22:14:46 +00:00
class-wp-role.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-roles.php Multisite: Improve initializing available roles when switch sites. 2017-09-27 21:44:44 +00:00
class-wp-session-tokens.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-simplepie-file.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-simplepie-sanitize-kses.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-site-query.php Multisite: Document all return types in `get_sites()`. 2017-10-18 17:39:46 +00:00
class-wp-site.php Multisite: Revert [41719]. 2017-10-16 22:29:48 +00:00
class-wp-tax-query.php Docs: Standardise the format used for documenting parameters passed by reference. 2017-10-02 22:14:46 +00:00
class-wp-taxonomy.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-term-query.php Taxonomy: Improve cache handling when querying for terms using `all_with_object_id`. 2018-05-25 01:26:29 +00:00
class-wp-term.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-text-diff-renderer-inline.php
class-wp-text-diff-renderer-table.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-theme.php Themes: Introduce `theme_templates` filter for page templates of all post types. 2018-04-29 22:45:24 +00:00
class-wp-user-meta-session-tokens.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-user-query.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-user.php Multisite: Initialize a user's roles correctly when setting them up for a different site. 2017-09-27 21:10:45 +00:00
class-wp-walker.php Docs: Standardise the format used for documenting parameters passed by reference. 2017-10-02 22:14:46 +00:00
class-wp-widget-factory.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class-wp-widget.php Docs: Standardise the format used for documenting parameters passed by reference. 2017-10-02 22:14:46 +00:00
class-wp-xmlrpc-server.php General: Replace `Cheatin’ uh?` with friendlier error messages. 2018-03-09 00:15:42 +00:00
class-wp.php Docs: Remove `&` prefixes from parameter documentation to avoid doc parsing errors. 2017-10-02 22:03:33 +00:00
class.wp-dependencies.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
class.wp-scripts.php Docs: Remove `&` prefixes from parameter documentation to avoid doc parsing errors. 2017-10-02 22:03:33 +00:00
class.wp-styles.php Docs: Remove `&` prefixes from parameter documentation to avoid doc parsing errors. 2017-10-02 22:03:33 +00:00
comment-template.php Docs: Document the `cookies` default comment field added in [42772]. 2018-05-21 13:17:25 +00:00
comment.php Privacy: Escape comment URLs in personal export file to prevent XSS. 2018-05-15 14:08:29 +00:00
compat.php General: In the `is_countable()` polyfill, if the provided object implements `SimpleXMLElement` or `ResourceBundle`, consider it countable. 2018-05-10 17:59:25 +00:00
cron.php Docs: Use third-person singular verbs in the summaries for `wp_unschedule_hook()` and `wp_clear_scheduled_hook()`. 2017-06-30 04:54:41 +00:00
date.php Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes. 2017-07-27 00:41:44 +00:00
default-constants.php Docs: Document `$wp_version` global in `wp_initial_constants()`. 2017-10-20 22:04:56 +00:00
default-filters.php Privacy: Update request confirmation notice text for clarity. 2018-05-10 21:05:26 +00:00
default-widgets.php Widgets: Introduce Gallery widget for displaying image galleries. 2017-09-25 06:28:45 +00:00
deprecated.php General: Correct `_deprecated_function()` calls in `debug_fopen()`, `debug_fwrite()`, and `debug_fclose()`. 2017-10-07 00:40:52 +00:00
embed-template.php
embed.php Customize: Introduce a new experience for discovering, installing, and previewing themes within the customizer. 2017-09-29 20:13:50 +00:00
feed-atom-comments.php Feeds: Do not translate the `lastBuildDate` field in RSS feeds. 2016-12-16 06:39:41 +00:00
feed-atom.php Feeds: Do not translate the `lastBuildDate` field in RSS feeds. 2016-12-16 06:39:41 +00:00
feed-rdf.php
feed-rss.php
feed-rss2-comments.php Feeds: Do not translate the `lastBuildDate` field in RSS feeds. 2016-12-16 06:39:41 +00:00
feed-rss2.php Feeds: Replace the RSS2 `lastBuildDate` date field with the `r` date specifier. 2016-12-16 06:42:40 +00:00
feed.php Hardening: Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds. 2017-11-29 16:11:38 +00:00
formatting.php Emoji: Update Emoji browser support tests for Twemoji v2.4.0 2018-01-24 22:05:39 +00:00
functions.php Media: Limit thumbnail file deletions to the same directory as the original file. 2018-07-05 14:45:31 +00:00
functions.wp-scripts.php
functions.wp-styles.php
general-template.php Template: Make sure the version string is correctly escaped for use in attributes. 2018-04-03 16:05:39 +00:00
http.php HTTP: Don't treat `localhost` as same host by default. 2018-04-03 15:35:41 +00:00
kses.php Formatting: Avoid a PHP 7.2 warning in `wp_kses_attr()` when one of `$allowedtags` elements is an uncountable value. 2018-03-20 21:37:41 +00:00
l10n.php I18N: Make sure `wp_dropdown_languages()` does not print out empty `name` and `id` attributes. 2017-10-04 15:23:46 +00:00
link-template.php Privacy: Add template tags for building link to privacy policy page. 2018-05-02 03:39:27 +00:00
load.php Docs: Document `$ini_all` staticvar in `wp_is_ini_value_changeable()`. 2017-10-18 19:54:48 +00:00
locale.php Load: No-op `locale.php` 2016-12-03 04:16:38 +00:00
media-template.php Media: avoid page scrolling when opening the media modal. 2018-01-31 23:55:41 +00:00
media.php Privacy: Store plugin callbacks in associative array for flexibility. 2018-05-03 19:38:27 +00:00
meta.php Database: Restore numbered placeholders in `wpdb::prepare()`. 2017-10-31 12:00:49 +00:00
ms-blogs.php Multisite: Document all return types in get_networks(). 2017-10-18 18:13:50 +00:00
ms-default-constants.php Multisite: Use `get_current_blog_id()` instead of `$wpdb->blogid`. 2017-10-02 01:44:47 +00:00
ms-default-filters.php Multisite: Only update a site's `post` count when post types of `post` are updated. 2017-10-02 03:09:44 +00:00
ms-deprecated.php Docs: Correct some `@since MU` notation that was broken in [41200]. 2017-10-03 17:44:48 +00:00
ms-files.php
ms-functions.php Email: Don't send notifications for site or network admin email address change to the default 'admin_email' value. 2018-01-23 13:47:40 +00:00
ms-load.php Multisite: Use `WP_Network_Query` in `ms_load_current_site_and_network()`. 2017-10-03 19:26:49 +00:00
ms-settings.php Multisite: Explicitly globalize global variables in `ms-settings.php`. 2017-10-16 17:06:48 +00:00
nav-menu-template.php Menus: Make sure `current-menu-parent` and `current-menu-ancestor` classes are properly set for parent items of post type archive submenu items. 2017-07-05 21:31:44 +00:00
nav-menu.php Menus: Add `menu-$i` slugs to mapping groups 2017-10-25 22:29:49 +00:00
option.php Transients: After [41963], add missing cron task for `delete_expired_transients()`. 2017-10-24 23:00:47 +00:00
pluggable-deprecated.php
pluggable.php Posts, Post Types: Clear post password cookie when logging out. 2018-06-28 02:31:05 +00:00
plugin.php Revert "Add `wp.hooks` - JavaScript actions and filters." 2017-10-04 20:25:49 +00:00
post-formats.php Docs: Improve the return description for `get_post_format_slugs()` to note that the array contains slugs as both keys and values. 2017-08-20 20:03:54 +00:00
post-template.php I18N: Allow for post custom field name in `the_meta()` to be translated, e.g. to insert a non-breaking space before the colon. 2017-09-24 11:28:46 +00:00
post-thumbnail-template.php Post Thumbnails: Pass post ID to `post_thumbnail_size` filter. 2017-08-18 18:19:44 +00:00
post.php Media: Limit thumbnail file deletions to the same directory as the original file. 2018-07-05 14:45:31 +00:00
query.php Docs: Correct $id parameter type for old_slug_redirect_post_id filter. 2018-04-29 22:37:28 +00:00
registration-functions.php
registration.php
rest-api.php REST API: Don’t remove unregistered properties from objects in schema. 2017-10-24 21:05:49 +00:00
revision.php Docs: Improve the documentation for parameters which accept `OBJECT`, `ARRAY_A`, and `ARRAY_N` as parameters. 2016-11-09 23:00:32 +00:00
rewrite.php Rewrite: In `url_to_postid()`, bail early if the URL does not belong to the site. 2017-10-06 23:29:51 +00:00
rss-functions.php
rss.php
script-loader.php Privacy: Use the terms "erase"/"erasure" instead of "remove"/"removal" for personal data. 2018-05-07 16:46:26 +00:00
session.php Load: Re-add `session.php`. 2016-12-03 03:51:41 +00:00
shortcodes.php Docs: Fix a typo in the DocBlock description for `add_shortcode()` introduced in [41281]. 2017-08-20 20:38:42 +00:00
spl-autoload-compat.php General: Move the `__autoload()` compat function into its own file to prevent deprecated notices being thrown by the compiler in PHP 7.2. 2017-07-28 01:15:52 +00:00
taxonomy.php Taxonomy: After [40984], add the `most_used` label for non-hierarchical taxonomies too, and use it on the Menus screen. 2017-10-24 11:23:24 +00:00
template-loader.php
template.php Docs: Don't reference non-existent hooks inline in the DocBlock descriptions for the following template functions: 2017-06-29 16:05:41 +00:00
theme.php Themes: Avoid a PHP 7.2 warning in `get_theme_roots()` when `$wp_theme_directories` is an uncountable value. 2018-04-30 04:55:26 +00:00
update.php Updates: Partially revert [42584], as this branch of code should always be run after a core update check. 2018-02-06 12:47:42 +00:00
user.php Security: Harden the random aspect of the hash used for user profile and admin email address changes. 2018-06-28 02:39:07 +00:00
vars.php General: Introduce a `wp_is_mobile` filter for controlling whether a request should be treated as coming from a mobile device. 2017-06-15 12:05:42 +00:00
version.php REST API: Declare user capabilities using JSON Hyper Schema's "targetSchema". 2018-07-11 09:21:29 +00:00
widgets.php Widgets: Allow basic inline tags in `wp_sidebar_description()`. 2018-05-21 12:43:27 +00:00
wlwmanifest.xml
wp-db.php WPDB: Use a PCRE syntax which supports PCRE compiled between 2003 and 2006. 2018-01-23 03:40:42 +00:00
wp-diff.php