27 changes: 10 additions & 17 deletions lib/endpoints/class-wp-rest-users-controller.php
Expand Up @@ -39,7 +39,7 @@ public function register_routes() {
'callback' => array( $this, 'get_item' ),
'permission_callback' => array( $this, 'get_item_permissions_check' ),
'args' => array(
'context' => $this->get_context_param( array( 'default' => 'embed' ) ),
'context' => $this->get_context_param( array( 'default' => 'view' ) ),
),
),
array(
Expand Down Expand Up @@ -104,9 +104,6 @@ public function get_items( $request ) {

if ( ! current_user_can( 'list_users' ) ) {
$prepared_args['has_published_posts'] = true;

// Only display a public subset of information
$request['context'] = 'embed';
}

if ( '' !== $prepared_args['search'] ) {
Expand Down Expand Up @@ -194,13 +191,9 @@ public function get_item_permissions_check( $request ) {
return true;
}

$context = ! empty( $request['context'] ) && in_array( $request['context'], array( 'edit', 'view', 'embed' ) ) ? $request['context'] : 'embed';

if ( 'edit' === $context && ! current_user_can( 'edit_user', $id ) ) {
return new WP_Error( 'rest_user_cannot_view', __( 'Sorry, you cannot view this resource with edit context.' ), array( 'status' => rest_authorization_required_code() ) );
} else if ( 'view' === $context && ! current_user_can( 'list_users' ) ) {
if ( 'edit' === $request['context'] && ! current_user_can( 'list_users' ) ) {
return new WP_Error( 'rest_user_cannot_view', __( 'Sorry, you cannot view this resource with view context.' ), array( 'status' => rest_authorization_required_code() ) );
} else if ( 'embed' === $context && ! count_user_posts( $id, $types ) && ! current_user_can( 'edit_user', $id ) && ! current_user_can( 'list_users' ) ) {
} else if ( ! count_user_posts( $id, $types ) && ! current_user_can( 'edit_user', $id ) && ! current_user_can( 'list_users' ) ) {
return new WP_Error( 'rest_user_cannot_view', __( 'Sorry, you cannot view this resource.' ), array( 'status' => rest_authorization_required_code() ) );
}

Expand Down Expand Up @@ -690,15 +683,15 @@ public function get_item_schema() {
'first_name' => array(
'description' => __( 'First name for the resource.' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
'context' => array( 'edit' ),
'arg_options' => array(
'sanitize_callback' => 'sanitize_text_field',
),
),
'last_name' => array(
'description' => __( 'Last name for the resource.' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
'context' => array( 'edit' ),
'arg_options' => array(
'sanitize_callback' => 'sanitize_text_field',
),
Expand All @@ -707,7 +700,7 @@ public function get_item_schema() {
'description' => __( 'The email address for the resource.' ),
'type' => 'string',
'format' => 'email',
'context' => array( 'view', 'edit' ),
'context' => array( 'edit' ),
'required' => true,
),
'url' => array(
Expand All @@ -734,7 +727,7 @@ public function get_item_schema() {
'nickname' => array(
'description' => __( 'The nickname for the resource.' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
'context' => array( 'edit' ),
'arg_options' => array(
'sanitize_callback' => 'sanitize_text_field',
),
Expand All @@ -750,18 +743,18 @@ public function get_item_schema() {
'registered_date' => array(
'description' => __( 'Registration date for the resource.' ),
'type' => 'date-time',
'context' => array( 'view', 'edit' ),
'context' => array( 'edit' ),
'readonly' => true,
),
'roles' => array(
'description' => __( 'Roles assigned to the resource.' ),
'type' => 'array',
'context' => array( 'view', 'edit' ),
'context' => array( 'edit' ),
),
'capabilities' => array(
'description' => __( 'All capabilities assigned to the resource.' ),
'type' => 'object',
'context' => array( 'view', 'edit' ),
'context' => array( 'edit' ),
),
'extra_capabilities' => array(
'description' => __( 'Any extra capabilities assigned to the resource.' ),
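Review bot: The error message returned right after the new `'edit' === $request['context']` check in get_item_permissions_check still says "with view context", although that branch now fires only for the edit context, so a rejected caller is told the wrong thing; change it to `return new WP_Error( 'rest_user_cannot_view', __( 'Sorry, you cannot view this resource with edit context.' ), array( 'status' => rest_authorization_required_code() ) );`. The same hunk also swaps the old per-user `edit_user` capability check for edit context to a `list_users` check, which appears to widen access: a caller holding `list_users` can now request `context=edit` for any user id and, presumably via the schema contexts changed below, receive the edit-only fields (email, roles, capabilities, username) without needing `edit_user` on that id — confirm this is intended, or keep `! current_user_can( 'edit_user', $id )` in the condition as well. With the `$request['context'] = 'embed'` line removed from get_items, nothing in that method forces a public context for callers lacking `list_users` any more, so the list endpoint's permission callback (not in this diff) has to reject `context=edit` for such callers for the field moves in get_item_schema to be effective. Both methods open and close outside the hunk.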
30 changes: 9 additions & 21 deletions tests/test-rest-users-controller.php
Expand Up @@ -46,7 +46,7 @@ public function test_context_param() {
$request = new WP_REST_Request( 'OPTIONS', '/wp/v2/users/' . $this->user );
$response = $this->server->dispatch( $request );
$data = $response->get_data();
$this->assertEquals( 'embed', $data['endpoints'][0]['args']['context']['default'] );
$this->assertEquals( 'view', $data['endpoints'][0]['args']['context']['default'] );
$this->assertEquals( array( 'view', 'embed', 'edit' ), $data['endpoints'][0]['args']['context']['enum'] );
}

Expand Down Expand Up @@ -1028,37 +1028,25 @@ protected function check_user_data( $user, $data, $context ) {
$this->assertArrayHasKey( 'avatar_urls', $data );
$this->assertEquals( $user->user_nicename, $data['slug'] );

if ( 'view' === $context || 'edit' === $context ) {
if ( 'edit' === $context ) {
$this->assertEquals( $user->first_name, $data['first_name'] );
$this->assertEquals( $user->last_name, $data['last_name'] );
$this->assertEquals( $user->nickname, $data['nickname'] );
$this->assertEquals( $user->user_email, $data['email'] );
$this->assertEquals( $user->allcaps, $data['capabilities'] );
$this->assertEquals( $user->caps, $data['extra_capabilities'] );
$this->assertEquals( date( 'c', strtotime( $user->user_registered ) ), $data['registered_date'] );
$this->assertEquals( $user->user_login, $data['username'] );
$this->assertEquals( $user->roles, $data['roles'] );
}

if ( 'view' !== $context && 'edit' !== $context ) {
if ( 'edit' !== $context ) {
$this->assertArrayNotHasKey( 'roles', $data );
$this->assertArrayNotHasKey( 'capabilities', $data );
$this->assertArrayNotHasKey( 'registered', $data );
$this->assertArrayNotHasKey( 'first_name', $data );
$this->assertArrayNotHasKey( 'last_name', $data );
$this->assertArrayNotHasKey( 'nickname', $data );
}

if ( 'view' === $context ) {
$this->assertEquals( $user->roles, $data['roles'] );
$this->assertEquals( $user->allcaps, $data['capabilities'] );
$this->assertEquals( date( 'c', strtotime( $user->user_registered ) ), $data['registered_date'] );
$this->assertEquals( $user->user_email, $data['email'] );
$this->assertArrayNotHasKey( 'extra_capabilities', $data );
}

if ( 'edit' === $context ) {
$this->assertEquals( $user->user_email, $data['email'] );
$this->assertEquals( $user->caps, $data['extra_capabilities'] );
$this->assertEquals( $user->user_login, $data['username'] );
$this->assertEquals( $user->roles, $data['roles'] );
}

if ( 'edit' !== $context ) {
$this->assertArrayNotHasKey( 'extra_capabilities', $data );
$this->assertArrayNotHasKey( 'username', $data );
}
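Review bot: The new `'edit' !== $context` block in check_user_data never asserts that `email` is absent, even though moving email to edit-only context is part of this commit, so a regression that re-exposes the address in view or embed context would still pass; add `$this->assertArrayNotHasKey( 'email', $data );` beside the first_name/last_name assertions. The unchanged `assertArrayNotHasKey( 'registered', $data )` in that block checks a key the schema shown in this commit does not define (the field is `registered_date`), so it passes vacuously and should read `$this->assertArrayNotHasKey( 'registered_date', $data );`. check_user_data begins before this hunk.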