/**
* Prepare a post status object for serialization
*
* @param stdClass $status Post status data
* @param WP_REST_Request $request
* @return WP_REST_Response Post status data
*/
public function prepare_item_for_response($status, $request)
{
if (false === $status->public && !is_user_logged_in() || true === $status->internal && is_user_logged_in()) {
return new WP_Error('rest_cannot_read_status', __('Cannot view status.'), array('status' => rest_authorization_required_code()));
}
$data = array('name' => $status->label, 'private' => (bool) $status->private, 'protected' => (bool) $status->protected, 'public' => (bool) $status->public, 'queryable' => (bool) $status->publicly_queryable, 'show_in_list' => (bool) $status->show_in_admin_all_list, 'slug' => $status->name);
$context = !empty($request['context']) ? $request['context'] : 'view';
$data = $this->add_additional_fields_to_object($data, $request);
$data = $this->filter_response_by_context($data, $context);
$response = rest_ensure_response($data);
$posts_controller = new WP_REST_Posts_Controller('post');
if ('publish' === $status->name) {
$response->add_link('archives', rest_url('/wp/v2/' . $posts_controller->get_post_type_base('post')));
} else {
$response->add_link('archives', add_query_arg('status', $status->name, rest_url('/wp/v2/' . $posts_controller->get_post_type_base('post'))));
}
/**
* Filter a status returned from the API.
*
* Allows modification of the status data right before it is returned.
*
* @param WP_REST_Response $response The response object.
* @param object $status The original status object.
* @param WP_REST_Request $request Request used to generate the response.
*/
return apply_filters('rest_prepare_status', $response, $status, $request);
}
public function setUp()
{
parent::setUp();
$this->has_setup_template = false;
add_filter('theme_page_templates', array($this, 'filter_theme_page_templates'));
// reregister the route as we now have a template available.
$GLOBALS['wp_rest_server']->override_by_default = true;
$controller = new WP_REST_Posts_Controller('page');
$controller->register_routes();
$GLOBALS['wp_rest_server']->override_by_default = false;
}
/**
* Prepare term
* @param WP_REST_Response $response
* @param WP_Term $term
* @param WP_REST_Request $request
* @return WP_REST_Response
*/
function anunang_api_prepare_term($response, $term, $request)
{
$args = array('tax_query' => array(array('taxonomy' => $term->taxonomy, 'field' => 'slug', 'terms' => $term->slug)), 'posts_per_page' => 5);
$posts = get_posts($args);
$posts_arr = array();
foreach ($posts as $p) {
$rest_post = new WP_REST_Posts_Controller($p->post_type);
$posts_arr[] = $rest_post->prepare_item_for_response($p, $request)->data;
}
$response->data['posts'] = $posts_arr;
return $response;
}
/**
* Prepare links for the request.
*
* @param WP_Post $post Post object.
* @return array Links for the given post.
*/
protected function prepare_links($post)
{
$links = parent::prepare_links($post);
$filter_name = "rooftop_prepare_{$post->post_type}_links";
$links = apply_filters($filter_name, $links, $post);
return $links;
}
/**
* Prepare a post status object for serialization
*
* @param stdClass $status Post status data
* @param WP_REST_Request $request
* @return WP_REST_Response Post status data
*/
public function prepare_item_for_response($status, $request)
{
if (false === $status->public && !is_user_logged_in() || true === $status->internal && is_user_logged_in()) {
return new WP_Error('rest_cannot_read_status', __('Cannot view status.'), array('status' => 403));
}
$data = array('name' => $status->label, 'private' => (bool) $status->private, 'protected' => (bool) $status->protected, 'public' => (bool) $status->public, 'queryable' => (bool) $status->publicly_queryable, 'show_in_list' => (bool) $status->show_in_admin_all_list, 'slug' => $status->name);
$context = !empty($request['context']) ? $request['context'] : 'view';
$data = $this->filter_response_by_context($data, $context);
$data = $this->add_additional_fields_to_object($data, $request);
$data = rest_ensure_response($data);
$posts_controller = new WP_REST_Posts_Controller('post');
if ('publish' === $status->name) {
$data->add_link('archives', rest_url('/wp/v2/' . $posts_controller->get_post_type_base('post')));
} else {
$data->add_link('archives', add_query_arg('status', $status->name, rest_url('/wp/v2/' . $posts_controller->get_post_type_base('post'))));
}
return $data;
}
/**
* Convert post objects to formatted objects.
* @param array $data Array of post objects. You can pass get_posts() results here
* @param bool $return_json Optional. Whether to return as JSON, the default, or not.
*
* @return array
*/
public static function get_data($data, $return_json = true)
{
$posts = $data;
$data = array();
$request = new \WP_REST_Request();
$request['context'] = 'view';
foreach ($posts as $post) {
if (!is_object($post)) {
if (0 < absint($post)) {
$post = get_post($post);
} else {
continue;
}
}
if (!is_a($post, '\\WP_Post')) {
continue;
}
$controller = new \WP_REST_Posts_Controller($post->post_type);
$data[] = self::prepare_data($controller->prepare_item_for_response($post, $request), $return_json);
}
return $data;
}
/**
* Get all graph data items
* @param WP_REST_Request $request The current request
* @return Array|WP_Error
*/
public function get_items($request)
{
$result = array();
// Fetch all skills
$request->set_param('per_page', -1);
$allSkills = parent::get_items($request);
// Filter all skills to only return the ones tagged as starting skills
foreach ($allSkills->data as $skill) {
if ($skill['starting_skill']) {
$result[] = $skill;
}
}
return $result;
}
/**
* Check if a given request has access to delete meta for a post.
*
* @param WP_REST_Request $request Full details about the request.
* @return WP_Error|boolean
*/
public function delete_item_permissions_check($request)
{
$parent = get_post((int) $request['parent_id']);
if (empty($parent) || empty($parent->ID)) {
return new WP_Error('rest_post_invalid_id', __('Invalid post id.'), array('status' => 404));
}
if (!$this->parent_controller->check_read_permission($parent)) {
return new WP_Error('rest_forbidden', __('Sorry, you cannot view this post.'), array('status' => rest_authorization_required_code()));
}
$post_type = get_post_type_object($parent->post_type);
if (!current_user_can($post_type->cap->delete_post, $parent->ID)) {
return new WP_Error('rest_forbidden', __('Sorry, you cannot delete the meta for this post.'), array('status' => rest_authorization_required_code()));
}
return true;
}
/**
* Get the Attachment's schema, conforming to JSON Schema
*
* @return array
*/
public function get_item_schema()
{
$schema = parent::get_item_schema();
$schema['properties']['alt_text'] = array('description' => 'Alternative text to display when attachment is not displayed.', 'type' => 'string', 'context' => array('view', 'edit', 'embed'), 'arg_options' => array('sanitize_callback' => 'sanitize_text_field'));
$schema['properties']['caption'] = array('description' => 'The caption for the attachment.', 'type' => 'string', 'context' => array('view', 'edit'), 'arg_options' => array('sanitize_callback' => 'wp_filter_post_kses'));
$schema['properties']['description'] = array('description' => 'The description for the attachment.', 'type' => 'string', 'context' => array('view', 'edit'), 'arg_options' => array('sanitize_callback' => 'wp_filter_post_kses'));
$schema['properties']['media_type'] = array('description' => 'Type of attachment.', 'type' => 'string', 'enum' => array('image', 'file'), 'context' => array('view', 'edit', 'embed'), 'readonly' => true);
$schema['properties']['media_details'] = array('description' => 'Details about the attachment file, specific to its type.', 'type' => 'object', 'context' => array('view', 'edit', 'embed'), 'readonly' => true);
$schema['properties']['post'] = array('description' => 'The ID for the associated post of the attachment.', 'type' => 'integer', 'context' => array('view', 'edit'));
$schema['properties']['source_url'] = array('description' => 'URL to the original attachment file.', 'type' => 'string', 'format' => 'uri', 'context' => array('view', 'edit', 'embed'), 'readonly' => true);
return $schema;
}
/**
* Validates whether the user can query private statuses.
*
* @since 4.7.0
* @access public
*
* @param mixed $value Status value.
* @param WP_REST_Request $request Request object.
* @param string $parameter Additional parameter to pass for validation.
* @return WP_Error|bool True if the user may query, WP_Error if not.
*/
public function validate_user_can_query_private_statuses($value, $request, $parameter)
{
if ('inherit' === $value) {
return true;
}
return parent::validate_user_can_query_private_statuses($value, $request, $parameter);
}
function __construct()
{
parent::__construct('post');
}
/**
* Check if we can read a post.
*
* Correctly handles posts with the inherit status.
*
* @param WP_Post $post Post Object.
* @return boolean Can we read it?
*/
protected function check_read_post_permission($post)
{
$posts_controller = new WP_REST_Posts_Controller($post->post_type);
return $posts_controller->check_read_permission($post);
}
/**
* Prepare a single post output for response.
*
* @param \WP_Post $post Post object.
* @param \WP_REST_Request $request Request object.
* @return \WP_REST_Response $response Response.
*/
public function prepare_item_for_response($post, $request)
{
$response = parent::prepare_item_for_response($post, $request);
$response->data['content'] = $this->snapshot_post_type->get_post_content($post);
return $response;
}
/**
* @ticket 38877
*/
public function test_update_item_with_template_none()
{
wp_set_current_user(self::$editor_id);
add_filter('theme_post_templates', array($this, 'filter_theme_post_templates'));
update_post_meta(self::$post_id, '_wp_page_template', 'post-my-test-template.php');
// reregister the route as we now have a template available.
$GLOBALS['wp_rest_server']->override_by_default = true;
$controller = new WP_REST_Posts_Controller('post');
$controller->register_routes();
$GLOBALS['wp_rest_server']->override_by_default = false;
$request = new WP_REST_Request('PUT', sprintf('/wp/v2/posts/%d', self::$post_id));
$params = $this->set_post_data(array('template' => ''));
$request->set_body_params($params);
$response = $this->server->dispatch($request);
$data = $response->get_data();
$post_template = get_page_template_slug(get_post($data['id']));
$this->assertEquals('', $data['template']);
$this->assertEquals('', $post_template);
}
/**
* Get the query params for collections of attachments.
*
* @return array
*/
public function get_collection_params()
{
$params = parent::get_collection_params();
$params['parent'] = array('description' => 'Limit results to attachments from a specified parent.', 'type' => 'integer', 'default' => null, 'sanitize_callback' => 'absint');
return $params;
}
protected function check_get_revision_response($response, $revision)
{
if ($response instanceof WP_REST_Response) {
$links = $response->get_links();
$response = $response->get_data();
} else {
$this->assertArrayHasKey('_links', $response);
$links = $response['_links'];
}
$this->assertEquals($revision->post_author, $response['author']);
$this->assertEquals($revision->post_content, $response['content']);
$this->assertEquals(rest_mysql_to_rfc3339($revision->post_date), $response['date']);
$this->assertEquals(rest_mysql_to_rfc3339($revision->post_date_gmt), $response['date_gmt']);
$this->assertEquals($revision->post_excerpt, $response['excerpt']);
$this->assertEquals($revision->guid, $response['guid']);
$this->assertEquals($revision->ID, $response['id']);
$this->assertEquals(rest_mysql_to_rfc3339($revision->post_modified), $response['modified']);
$this->assertEquals(rest_mysql_to_rfc3339($revision->post_modified_gmt), $response['modified_gmt']);
$this->assertEquals($revision->post_name, $response['slug']);
$this->assertEquals($revision->post_title, $response['title']);
$parent = get_post($revision->post_parent);
$parent_controller = new WP_REST_Posts_Controller($parent->post_type);
$parent_base = $parent_controller->get_post_type_base($parent->post_type);
$this->assertEquals(rest_url('wp/' . $parent_base . '/' . $revision->post_parent), $links['parent'][0]['href']);
}
/**
* Checks if the post can be read.
*
* Correctly handles posts with the inherit status.
*
* @since 4.7.0
* @access protected
*
* @param WP_Post $post Post object.
* @param WP_REST_Request $request Request data to check.
* @return bool Whether post can be read.
*/
protected function check_read_post_permission($post, $request)
{
$posts_controller = new WP_REST_Posts_Controller($post->post_type);
$post_type = get_post_type_object($post->post_type);
$has_password_filter = false;
// Only check password if a specific post was queried for or a single comment
$requested_post = !empty($request['post']) && 1 === count($request['post']);
$requested_comment = !empty($request['id']);
if (($requested_post || $requested_comment) && $posts_controller->can_access_password_content($post, $request)) {
add_filter('post_password_required', '__return_false');
$has_password_filter = true;
}
if (post_password_required($post)) {
$result = current_user_can($post_type->cap->edit_post, $post->ID);
} else {
$result = $posts_controller->check_read_permission($post);
}
if ($has_password_filter) {
remove_filter('post_password_required', '__return_false');
}
return $result;
}
