Skip to content
This repository was archived by the owner on Sep 24, 2018. It is now read-only.

Commit b7864fe

Browse files
joehoylejoehoyle
committed
Merge branch 'develop' into settings-endpoint
2 parents 8dd4451 + d9bf7b4 commit b7864fe

15 files changed

Lines changed: 1041 additions & 165 deletions

CHANGELOG.md

Lines changed: 251 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,256 @@
11
# Changelog
22

3+
## 2.0 Beta 14.0 (September 30, 2016)
4+
5+
- Add support for password protected posts
6+
7+
Password protected posts are now fully supported, you can create edit and read password protected posts in the REST API. There is now a `protected` attribute in the `content` and `excerpt` fields in post response.
8+
9+
To view password protected posts via the API, use the `password` query parameter to provide the post's password.
10+
11+
(props @joehoyle, [#2720][gh-2720])
12+
13+
- Allow returning an error from field update callbacks
14+
15+
Fields added via `register_rest_field` can now return an instance of `WP_Error` in the `update_callback`.
16+
17+
(props @rmccue, [#2702][gh-2702])
18+
19+
- Update the wp-api.js client from the client-js repo.
20+
21+
(props @joehoyle, [#2746][gh-2746])
22+
23+
- Add `relevance` `orderby` to posts endpoint
24+
25+
(props @websupporter, [#2579][gh-2579])
26+
27+
- Ability to order by `slug`, `email` and `url` on the users endpoints.
28+
29+
(props @joehoyle, [#2721][gh-2721])
30+
31+
- Add `sticky` parameter to the posts endpoint.
32+
33+
(props @joehoyle, [#2708][gh-2708])
34+
35+
- Add link to comment children, allowing threaded comment querying
36+
37+
(props @BE-Webdesign, [#2662][gh-2662], [#1612][gh-1612])
38+
39+
- Avoid unnecessary SQL query by passing `$user_nicename`
40+
41+
(props @danielbachhuber, [#2435][gh-2435])
42+
43+
- Don't allow reading / creating of posts with no parent
44+
45+
(props @rachelbaker, [#2744][gh-2744])
46+
47+
- Mark Users' `capabilities` property as readonly
48+
49+
(props @danielbachhuber, [#2440][gh-2440])
50+
51+
- Mark some post properties as readonly
52+
53+
(props @danielbachhuber, [#2438][gh-2438], [#2439][gh-2439])
54+
55+
- Use WPINC instead of wp-includes/
56+
57+
(props @websupporter, [#2461][gh-2461])
58+
59+
- Return error, if user can't list users & content=edit
60+
61+
(props @websupporter, [#2463][gh-2463])
62+
63+
- Conditionally model the term response based on its schema
64+
65+
(props @danielbachhuber, [#2470][gh-2470])
66+
67+
- Include Post data on the response object when declared
68+
69+
(props @websupporter, [#2423][gh-2423], [#2416][gh-2416])
70+
71+
- Add boolean type support to rest_validate_request_arg()
72+
73+
(props @westonruter, [#2478][gh-2478])
74+
75+
- Fix create/update requests not processing data included in the schema
76+
77+
(props @websupporter, [#2479][gh-2479])
78+
79+
- Remove Unused Parameter in lib/endpoints/class-wp-rest-controller.php
80+
81+
(props @hideokamoto, [#2500][gh-2500])
82+
83+
- Update post schema status description to reflect csv support.
84+
85+
(props @coderkevin, [#2534][gh-2534])
86+
87+
- Allow Comments to be created with a passed `author_ip`
88+
89+
(props @rachelbaker, [#1880][gh-1880])
90+
91+
- The get_the_excerpt filter expects the post object as of WP 4.5.
92+
93+
(props @lgedeon, [#2553][gh-2553])
94+
95+
- Introduce WP_REST_Controller::get_post() for allowing plugins to mutate
96+
get_post()'s return value
97+
98+
(props @westonruter, [#2535][gh-2535])
99+
100+
- Use `show_in_rest` to determine "public" post types to check
101+
102+
(props @danielbachhuber, [#2384][gh-2384])
103+
104+
- #2426 Fix inconsistent type for user caps
105+
106+
(props @BE-Webdesign, [#2429][gh-2429], [#2426][gh-2426])
107+
108+
- Define user `type` as a string, not an array
109+
110+
(props @danielbachhuber, [#2556][gh-2556])
111+
112+
- Fix failing test: Typecast the user_id in search to a string
113+
114+
(props @rachelbaker, [#2617][gh-2617])
115+
116+
- #2587 Fix registered date schema
117+
118+
(props @BE-Webdesign, [#2628][gh-2628], [#2587][gh-2587])
119+
120+
- Fix forum url and installer-name in readme
121+
122+
(props @torounit, [#2656][gh-2656])
123+
124+
- Document options of the "status" parameter for Post collection GETs
125+
126+
(props @kadamwhite, [#2645][gh-2645])
127+
128+
- Improve WP_REST_Controller::filter_response_by_context().
129+
130+
(props @tfrommen, [#2641][gh-2641])
131+
132+
- #2424 Consistent slashes in rest_url() usage
133+
134+
(props @BE-Webdesign, [#2428][gh-2428], [#2424][gh-2424])
135+
136+
- Add filters to allow for relevance search
137+
138+
(props @websupporter, [#2665][gh-2665])
139+
140+
- Alter default comment sort order to be "desc"
141+
142+
(props @kadamwhite, [#2684][gh-2684])
143+
144+
- Add raw and rendered to revisions schema
145+
146+
(props @websupporter, [#2693][gh-2693])
147+
148+
- "WP API" -> "WordPress REST API" in README files
149+
150+
(props @kadamwhite, [#2697][gh-2697])
151+
152+
- Improve boolean validation from schema
153+
154+
(props @BE-Webdesign, [#2704][gh-2704], [#2616][gh-2616])
155+
156+
- Fix typo (PUT vs POST) in readme.md
157+
158+
(props @kadamwhite, [#2716][gh-2716])
159+
160+
- Add Codecov configuration
161+
162+
(props @danielbachhuber, [#2718][gh-2718])
163+
164+
- Fix inefficiency in users endpoint using `search => **`
165+
166+
(props @joehoyle, [#2722][gh-2722])
167+
168+
- Ensure the terms list is a list
169+
170+
(props @joehoyle, [#2724][gh-2724])
171+
172+
- Added @return on handle_featured_media() doc
173+
174+
(props @vishalkakadiya, [#2725][gh-2725])
175+
176+
- #2730 Update attachments fields added with `register_rest_field`
177+
178+
(props @BE-Webdesign, [#2731][gh-2731], [#2730][gh-2730])
179+
180+
- #2582 Ensure the `roles` property is always an array
181+
182+
(props @BE-Webdesign, [#2728][gh-2728], [#2582][gh-2582])
183+
184+
- Move post_password_required filtering to preparation
185+
186+
(props @rmccue, [#2735][gh-2735])
187+
188+
- Use wrapper for `sanitize_title` to avoid messed up slugs.
189+
190+
(props @joehoyle, [#2723][gh-2723])
191+
192+
- Force per_page to override the filter variable
193+
194+
(props @rmccue, [#2699][gh-2699])
195+
196+
[gh-1612]: https://github.com/WP-API/WP-API/issues/1612
197+
[gh-1880]: https://github.com/WP-API/WP-API/issues/1880
198+
[gh-2384]: https://github.com/WP-API/WP-API/issues/2384
199+
[gh-2416]: https://github.com/WP-API/WP-API/issues/2416
200+
[gh-2423]: https://github.com/WP-API/WP-API/issues/2423
201+
[gh-2424]: https://github.com/WP-API/WP-API/issues/2424
202+
[gh-2426]: https://github.com/WP-API/WP-API/issues/2426
203+
[gh-2428]: https://github.com/WP-API/WP-API/issues/2428
204+
[gh-2429]: https://github.com/WP-API/WP-API/issues/2429
205+
[gh-2435]: https://github.com/WP-API/WP-API/issues/2435
206+
[gh-2436]: https://github.com/WP-API/WP-API/issues/2436
207+
[gh-2438]: https://github.com/WP-API/WP-API/issues/2438
208+
[gh-2439]: https://github.com/WP-API/WP-API/issues/2439
209+
[gh-2440]: https://github.com/WP-API/WP-API/issues/2440
210+
[gh-2441]: https://github.com/WP-API/WP-API/issues/2441
211+
[gh-2461]: https://github.com/WP-API/WP-API/issues/2461
212+
[gh-2463]: https://github.com/WP-API/WP-API/issues/2463
213+
[gh-2470]: https://github.com/WP-API/WP-API/issues/2470
214+
[gh-2478]: https://github.com/WP-API/WP-API/issues/2478
215+
[gh-2479]: https://github.com/WP-API/WP-API/issues/2479
216+
[gh-2500]: https://github.com/WP-API/WP-API/issues/2500
217+
[gh-2534]: https://github.com/WP-API/WP-API/issues/2534
218+
[gh-2535]: https://github.com/WP-API/WP-API/issues/2535
219+
[gh-2553]: https://github.com/WP-API/WP-API/issues/2553
220+
[gh-2556]: https://github.com/WP-API/WP-API/issues/2556
221+
[gh-2579]: https://github.com/WP-API/WP-API/issues/2579
222+
[gh-2582]: https://github.com/WP-API/WP-API/issues/2582
223+
[gh-2587]: https://github.com/WP-API/WP-API/issues/2587
224+
[gh-2616]: https://github.com/WP-API/WP-API/issues/2616
225+
[gh-2617]: https://github.com/WP-API/WP-API/issues/2617
226+
[gh-2628]: https://github.com/WP-API/WP-API/issues/2628
227+
[gh-2641]: https://github.com/WP-API/WP-API/issues/2641
228+
[gh-2645]: https://github.com/WP-API/WP-API/issues/2645
229+
[gh-2656]: https://github.com/WP-API/WP-API/issues/2656
230+
[gh-2662]: https://github.com/WP-API/WP-API/issues/2662
231+
[gh-2665]: https://github.com/WP-API/WP-API/issues/2665
232+
[gh-2684]: https://github.com/WP-API/WP-API/issues/2684
233+
[gh-2693]: https://github.com/WP-API/WP-API/issues/2693
234+
[gh-2697]: https://github.com/WP-API/WP-API/issues/2697
235+
[gh-2699]: https://github.com/WP-API/WP-API/issues/2699
236+
[gh-2702]: https://github.com/WP-API/WP-API/issues/2702
237+
[gh-2704]: https://github.com/WP-API/WP-API/issues/2704
238+
[gh-2708]: https://github.com/WP-API/WP-API/issues/2708
239+
[gh-2716]: https://github.com/WP-API/WP-API/issues/2716
240+
[gh-2718]: https://github.com/WP-API/WP-API/issues/2718
241+
[gh-2720]: https://github.com/WP-API/WP-API/issues/2720
242+
[gh-2721]: https://github.com/WP-API/WP-API/issues/2721
243+
[gh-2722]: https://github.com/WP-API/WP-API/issues/2722
244+
[gh-2723]: https://github.com/WP-API/WP-API/issues/2723
245+
[gh-2724]: https://github.com/WP-API/WP-API/issues/2724
246+
[gh-2725]: https://github.com/WP-API/WP-API/issues/2725
247+
[gh-2728]: https://github.com/WP-API/WP-API/issues/2728
248+
[gh-2730]: https://github.com/WP-API/WP-API/issues/2730
249+
[gh-2731]: https://github.com/WP-API/WP-API/issues/2731
250+
[gh-2735]: https://github.com/WP-API/WP-API/issues/2735
251+
[gh-2744]: https://github.com/WP-API/WP-API/issues/2744
252+
[gh-2746]: https://github.com/WP-API/WP-API/issues/2746
253+
3254
## 2.0 Beta 13.0 (March 29, 2016)
4255

5256
- BREAKING CHANGE: Fix Content-Disposition header parsing.

README.md

Lines changed: 3 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -6,15 +6,12 @@ Access your WordPress site's data through an easy-to-use HTTP REST API.
66
[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/WP-API/WP-API/badges/quality-score.png?b=develop)](https://scrutinizer-ci.com/g/WP-API/WP-API/?branch=develop)
77
[![codecov.io](http://codecov.io/github/WP-API/WP-API/coverage.svg?branch=develop)](http://codecov.io/github/WP-API/WP-API?branch=develop)
88

9-
## WARNING
10-
11-
The **"develop"** branch is undergoing substantial changes and is **NOT
12-
COMPLETE OR STABLE**. [Read the in-progress documentation](http://v2.wp-api.org/)
9+
The **"develop"** branch is version 2 which is "beta" but stable and recommended for production. [Read the documentation](http://v2.wp-api.org/)
1310
to introduce yourself to endpoints, internal patterns, and implementation details.
1411

15-
The **"master"** branch represents a **BETA** of our next version release.
12+
The **"master"** branch represents the **legacy** version of the REST API.
1613

17-
The latest **stable** version is available from the [WordPress Plugin Directory](https://wordpress.org/plugins/rest-api/).
14+
The latest **stable** version is also available from the [WordPress Plugin Directory](https://wordpress.org/plugins/rest-api/).
1815

1916
## About
2017

lib/endpoints/class-wp-rest-comments-controller.php

Lines changed: 22 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -293,6 +293,10 @@ public function create_item_permissions_check( $request ) {
293293
return new WP_Error( 'rest_comment_invalid_status', __( 'Sorry, you cannot set status for comments.' ), array( 'status' => rest_authorization_required_code() ) );
294294
}
295295

296+
if ( empty( $request['post'] ) && ! current_user_can( 'moderate_comments' ) ) {
297+
return new WP_Error( 'rest_comment_invalid_post_id', __( 'Sorry, you cannot create this comment without a post' ), array( 'status' => rest_authorization_required_code() ) );
298+
}
299+
296300
if ( ! empty( $request['post'] ) && $post = $this->get_post( (int) $request['post'] ) ) {
297301

298302
if ( ! $this->check_read_post_permission( $post ) ) {
@@ -646,6 +650,17 @@ protected function prepare_links( $comment ) {
646650
);
647651
}
648652

653+
// Only grab one comment to verify the comment has children.
654+
$comment_children = $comment->get_children( array( 'number' => 1, 'count' => true ) );
655+
if ( ! empty( $comment_children ) ) {
656+
$args = array( 'parent' => $comment->comment_ID );
657+
$rest_url = add_query_arg( $args, rest_url( $this->namespace . '/' . $this->rest_base ) );
658+
659+
$links['children'] = array(
660+
'href' => $rest_url,
661+
);
662+
}
663+
649664
return $links;
650665
}
651666

@@ -1137,9 +1152,13 @@ protected function check_read_post_permission( $post ) {
11371152
* @return boolean Can we read it?
11381153
*/
11391154
protected function check_read_permission( $comment ) {
1140-
1141-
if ( 1 === (int) $comment->comment_approved ) {
1142-
return true;
1155+
if ( ! empty( $comment->comment_post_ID ) ) {
1156+
$post = get_post( $comment->comment_post_ID );
1157+
if ( $post ) {
1158+
if ( $this->check_read_post_permission( $post ) && 1 === (int) $comment->comment_approved ) {
1159+
return true;
1160+
}
1161+
}
11431162
}
11441163

11451164
if ( 0 === get_current_user_id() ) {
@@ -1150,13 +1169,6 @@ protected function check_read_permission( $comment ) {
11501169
return false;
11511170
}
11521171

1153-
$post = $this->get_post( $comment->comment_post_ID );
1154-
if ( $comment->comment_post_ID && $post ) {
1155-
if ( ! $this->check_read_post_permission( $post ) ) {
1156-
return false;
1157-
}
1158-
}
1159-
11601172
if ( ! empty( $comment->user_id ) && get_current_user_id() === (int) $comment->user_id ) {
11611173
return true;
11621174
}

0 commit comments

Comments
 (0)