sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

REST API: Only expose formats supported by the current theme. 

While it's valid to save any format to the database, and WordPress is totally fine with that, we should only include the formats specified by the theme in the schema.

Props danielbachhuber.
Fixes #38610.


git-svn-id: https://develop.svn.wordpress.org/trunk@39084 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan McCue 2016-11-02 03:36:40 +00:00
parent c91b3de690
commit 011e0b99a1
2 changed files with 51 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php
View File

@ -1923,10 +1923,11 @@ class WP_REST_Posts_Controller extends WP_REST_Controller {
break;
case 'post-formats':
$supports_formats = get_theme_support( 'post-formats' );
$schema['properties']['format'] = array(
'description' => __( 'The format for the object.' ),
'type' => 'string',
'enum' => array_values( get_post_format_slugs() ),
'enum' => $supports_formats ? array_values( $supports_formats[0] ) : array(),
'context' => array( 'view', 'edit' ),
);
break;

49
tests/phpunit/tests/rest-api/rest-posts-controller.php
View File

@ -16,6 +16,8 @@ class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te
protected static $author_id;
protected static $contributor_id;
protected static $supported_formats;
public static function wpSetUpBeforeClass( $factory ) {
self::$post_id = $factory->post->create();
@ -28,9 +30,20 @@ class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te
self::$contributor_id = $factory->user->create( array(
'role' => 'contributor',
) );
// Only support 'post' and 'gallery'
self::$supported_formats = get_theme_support( 'post-formats' );
add_theme_support( 'post-formats', array( 'post', 'gallery' ) );
}
public static function wpTearDownAfterClass() {
// Restore theme support for formats.
if ( self::$supported_formats ) {
add_theme_support( 'post-formats', self::$supported_formats );
} else {
remove_theme_support( 'post-formats' );
}
wp_delete_post( self::$post_id, true );
self::delete_user( self::$editor_id );
@ -1078,6 +1091,24 @@ class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te
$this->assertErrorResponse( 'rest_invalid_param', $response, 400 );
}
/**
* Test with a valid format, but one unsupported by the theme.
*
* https://core.trac.wordpress.org/ticket/38610
*/
public function test_create_post_with_unsupported_format() {
wp_set_current_user( self::$editor_id );
$request = new WP_REST_Request( 'POST', '/wp/v2/posts' );
$params = $this->set_post_data( array(
'format' => 'link',
) );
$request->set_body_params( $params );
$response = $this->server->dispatch( $request );
$this->assertErrorResponse( 'rest_invalid_param', $response, 400 );
}
public function test_create_update_post_with_featured_media() {
$file = DIR_TESTDATA . '/images/canola.jpg';
@ -1497,6 +1528,24 @@ class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te
$this->assertErrorResponse( 'rest_invalid_param', $response, 400 );
}
/**
* Test with a valid format, but one unsupported by the theme.
*
* https://core.trac.wordpress.org/ticket/38610
*/
public function test_update_post_with_unsupported_format() {
wp_set_current_user( self::$editor_id );
$request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/posts/%d', self::$post_id ) );
$params = $this->set_post_data( array(
'format' => 'link',
) );
$request->set_body_params( $params );
$response = $this->server->dispatch( $request );
$this->assertErrorResponse( 'rest_invalid_param', $response, 400 );
}
public function test_update_post_ignore_readonly() {
wp_set_current_user( self::$editor_id );