Add a REST API endpoint for wporg users#184
Conversation
* Changes the single user endpoint to use a slug argument instead of a numeric ID argument. * Adds a limited collection endpoint for retrieving multiple users at once, but you still have to specify their slugs.
ryelle
left a comment
ryelle
left a comment
There was a problem hiding this comment.
Changing embed to edit or anything else should give you an error message.
I tried view first, and view is allowed (that seems intentional though) — edit and other arbitrary strings do error. I noticed view (or no context) gives me an extra property on each user, meta. It's an empty array for the few users I tested. I assume it's because we don't have any registered meta on users.
Also tried querying on other properties with a slug, and it worked as expected— I couldn't include or exclude users, or query by anything but the slug. Order by name worked. I was able to restrict the fields with _fields=id,name, but couldn't add extra fields.
TIL there are users with the names "1" and "2". Otherwise trying to pass random IDs correctly errors 🙂
Overall, I like this as a first iteration - we might want to add onto it later, but it's set up so we can. 💯
🤦 |
|
How valuable is it to extend If you want to err on the side of caution you could remove that and make this only return the specific fields that we currently have use cases for. I haven't seen any tangible problems as a result of extending, though. |
Good question. The use cases we have for this endpoint right now (pattern directory, internal notes) expect responses to use the normal users endpoint schema, and have (some of) the same collection parameters. It would be simplest to ensure any future use cases also expect the same schema, so that if this endpoint ever gets supplanted by something in Core, everything would probably still work seamlessly. So, with that in mind, I think it makes sense to extend |
|
Yeah, that probably outweighs the risks 👍🏻 |
iandunn
left a comment
iandunn
left a comment
There was a problem hiding this comment.
I couldn't find any way to get private data 👍🏻
3 participants
This is a proof-of-concept for #182. It simply clones the Core users controller, but then strips out all the endpoints except the read access ones. The single user endpoint takes a slug instead of a numerical ID. The multiple users endpoint requires adding the
slugquery parameter and listing the specific user slugs you want to retrieve.Additionally this controller limits the request context to either
vieworembed(omittingedit) so that only data fields that are already public are available in the response.Another thing we could do here is add in some fields specifically from profiles.wordpress.org. Things that are viewable at a user's public profile page, like their bio, whether they are sponsored, maybe their badges?
To test
https://wordpress.org/wp-json/wporg/v1/users/{your wporg user slug}in your browser.?context=embed. That should show identical info to the default response. Changingembedtoeditor anything else should give you an error message.https://wordpress.org/wp-json/wporg/v1/users?slug={your wporg user slug}https://wordpress.org/wp-json/wp/v2/users. It should be all the same fields.