Commit Graph

2654 Commits

Author SHA1 Message Date
Sergey Biryukov
784d983f59 XML-RPC: Update the string in test_parent_for_nonhierarchical() to match the string added in [41574].
Props netweb.
Fixes #41637.

git-svn-id: https://develop.svn.wordpress.org/trunk@41575 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-23 08:19:54 +00:00
Weston Ruter
a91d3980df Customize: Introduce extensible code editor Customizer control for CodeMirror.
* Adds `WP_Customize_Code_Editor_Control` and `wp.customize.CodeEditorControl()`.
* Control respects user preference for syntax highlighting, showing a textarea when user opts out.
* Code editor control takes the ad hoc code for Additional CSS and makes it reusable and extensible, for Additional CSS in core and plugins to use (such as Jetpack).
* Replace `settings` arg in `wp_enqueue_code_editor()` with separate args for `codemirror`, `csslint`, `jshint`, and `htmlhint`.
* Prefix `codemirror` script and style handles with `wp-` to prevent collisions, as also the object is exported as `wp.CodeMirror` in JS.
* Reduce indent size in Customizer code editor instances and Custom HTML widget to use tab size of 2 instead of 4 to save on space.

See #12423, #38707, #35395.
Fixes #41897.


git-svn-id: https://develop.svn.wordpress.org/trunk@41558 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-21 23:03:06 +00:00
Konstantin Obenland
9b7c97af26 Widgets: Improved sidebar mapping on theme switch
Builds on efforts brought forward in #17979.

This will send sidebars through three levels of mapping:

1. If both themes have only one sidebar, that gets mapped.
2. If both themes have sidebars with the same slug, they get mapped.
3. Sidebars that (even partially) match slugs from a similar kind of sidebar will get mapped.

Finally, if the theme has previously been active and we have a record of its 
sidebar configuration then, any unmapped sidebar will be restored to its 
previous state.

Props westonruter, obenland, alexvorn2, timmydcrawford.
See #39693.



git-svn-id: https://develop.svn.wordpress.org/trunk@41555 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-21 18:45:03 +00:00
Weston Ruter
ebb578b2d9 Widgets: Omit attributes from an Image widget's link when they are empty.
Props subrataemfluence, Nenad Obradovic, westonruter.
See #39993.
Fixes #41919.


git-svn-id: https://develop.svn.wordpress.org/trunk@41549 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-20 19:44:13 +00:00
Aaron D. Campbell
e95dc5a26f Database: Hardening to bring wpdb::prepare() inline with documentation.
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.



git-svn-id: https://develop.svn.wordpress.org/trunk@41496 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 17:55:33 +00:00
aaroncampbell
eb012314d0 Database: Hardening for wpdb::prepare()
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.



git-svn-id: https://develop.svn.wordpress.org/trunk@41470 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 14:47:46 +00:00
Weston Ruter
df1bf4a883 Customize: Add wp_is_uuid() validation function with optional second $version=4 parameter to enforce v4 random UUIDs.
Props jonathanbardo.
Fixes #39778.


git-svn-id: https://develop.svn.wordpress.org/trunk@41388 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-18 23:03:06 +00:00
Felix Arntz
e23004c344 Multisite: Introduce get_main_site_id().
This function can be used to easily get the main site ID of a given network via the optional `$network_id` parameter, which defaults to the current network. The existing `is_main_site()` now uses the new function internally and now accepts an optional `$network_id` parameter as well.

The main purpose of the new function at this point is to ensure that the `WP_Network::$blog_id` property is always set. Magic getters in the class have been adjusted to auto-fill the property when it is accessed and empty. Furthermore the function encapsulates logic that was previously part of `ms_load_current_site_and_network()` and has been replaced with a call to the function now.

Props spacedmonkey, jeremyfelt, johnjamesjacoby, flixos90.
Fixes #29684.


git-svn-id: https://develop.svn.wordpress.org/trunk@41380 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-15 11:14:49 +00:00
Boone Gorges
fb227caed1 Taxonomy: Force a DISTINCT term query when result count matters.
Generally, duplicate terms returned by a term query are eliminated in PHP,
after the database query takes place. This technique doesn't work properly
when the query parameters specify the `number` of results, since the results
of a `SELECT ... LIMIT x...` query may be deduplicated to a count less than
`x`. In these cases, we force the original query to be `DISTINCT`.

Props elvishp2006.
Fixes #41796.

git-svn-id: https://develop.svn.wordpress.org/trunk@41377 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-13 14:47:07 +00:00
Weston Ruter
dbace684e2 Editor: Add CodeMirror-powered code editor with syntax highlighting, linting, and auto-completion.
* Code editor is integrated into the Theme/Plugin Editor, Additional CSS in Customizer, and Custom HTML widget. Code editor is not yet integrated into the post editor, and it may not be until accessibility concerns are addressed.
* The CodeMirror component in the Custom HTML widget is integrated in a similar way to TinyMCE being integrated into the Text widget, adopting the same approach for integrating dynamic JavaScript-initialized fields.
* Linting is performed for JS, CSS, HTML, and JSON via JSHint, CSSLint, HTMLHint, and JSONLint respectively. Linting is not yet supported for PHP.
* When user lacks `unfiltered_html` the capability, the Custom HTML widget will report any Kses-invalid elements and attributes as errors via a custom Kses rule for HTMLHint.
* When linting errors are detected, the user will be prevented from saving the code until the errors are fixed, reducing instances of broken websites.
* The placeholder value is removed from Custom CSS in favor of a fleshed-out section description which now auto-expands when the CSS field is empty. See #39892.
* The CodeMirror library is included as `wp.CodeMirror` to prevent conflicts with any existing `CodeMirror` global.
* An `wp.codeEditor.initialize()` API in JS is provided to convert a `textarea` into CodeMirror, with a `wp_enqueue_code_editor()` function in PHP to manage enqueueing the assets and settings needed to edit a given type of code.
* A user preference is added to manage whether or not "syntax highlighting" is enabled. The feature is opt-out, being enabled by default.
* Allowed file extensions in the theme and plugin editors have been updated to include formats which CodeMirror has modes for: `conf`, `css`, `diff`, `patch`, `html`, `htm`, `http`, `js`, `json`, `jsx`, `less`, `md`, `php`, `phtml`, `php3`, `php4`, `php5`, `php7`, `phps`, `scss`, `sass`, `sh`, `bash`, `sql`, `svg`, `xml`, `yml`, `yaml`, `txt`.

Props westonruter, georgestephanis, obenland, melchoyce, pixolin, mizejewski, michelleweber, afercia, grahamarmfield, samikeijonen, rianrietveld, iseulde.
See #38707.
Fixes #12423, #39892.


git-svn-id: https://develop.svn.wordpress.org/trunk@41376 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-13 06:07:48 +00:00
Adam Silverstein
1b7475645a Add wp.hooks - JavaScript actions and filters.
Add a JavaScript hooks library with an API that mirrors the WordPress Plugin API; provides similar functionality and API to PHP hooks.

Called via the global `wp.hooks`, eg: `wp.hooks.addAction()`, etc. Adds:

* `addAction( 'hook', 'vendor/plugin/function', callback, priority )`
* `addFilter( 'hook', 'vendor/plugin/function', callback, priority )`
* `removeAction( 'hook', 'vendor/plugin/function' )`
* `removeFilter( 'hook',  'vendor/plugin/function' )`
* `removeAllActions( 'hook' )`
* `removeAllFilters( 'hook' )`
* `doAction( 'hook', arg1, arg2, moreArgs, finalArg )`
* `applyFilters( 'hook', content, arg1, arg2, moreArgs, finalArg )`
* `doingAction( 'hook' )`
* `doingFilter( 'hook' )`
* `didAction( 'hook' )`
* `didFilter( 'hook' )`
* `hasAction( 'hook' )`
* `hasFilter( 'hook' )`

Props adamsilverstein, jnylen0, aduth, kadamwhite, youknowriad, schlessera, mikeschinkel, azaozz, vhauri, CaptainN, scribu, carldanley, chetanchauhan, mgibbs189, stephenharris, justnorris, koopersmith, gcorne, TV productions, atimmer.

Fixes #21170.



git-svn-id: https://develop.svn.wordpress.org/trunk@41375 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-12 12:53:21 +00:00
Weston Ruter
594a41666b Customize: Add global notifications area.
* Displays an error notification in the global area when a save attempt is rejected due to invalid settings. An error notification is also displayed when saving fails due to a network error or server error.
* Introduces `wp.customize.Notifications` subclass of `wp.customize.Values` to contain instances of `wp.customize.Notification` and manage their rendering into a container.
* Exposes the global notification area as `wp.customize.notifications` collection instance.
* Updates the `notifications` object on `Control` to use `Notifications` rather than `Values` and to re-use the rendering logic from the former. The old `Control#renderNotifications` method is deprecated.
* Allows notifications to be dismissed by instantiating them with a `dismissible` property.
* Allows `wp.customize.Notification` to be extended with custom templates and `render` functions.
* Triggers a `removed` event on `wp.customize.Values` instances _after_ a value has been removed from the collection.

Props delawski, westonruter, karmatosed, celloexpressions, Fab1en, melchoyce, Kelderic, afercia, adamsilverstein.
See #34893, #39896.
Fixes #35210, #31582, #37727, #37269.


git-svn-id: https://develop.svn.wordpress.org/trunk@41374 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-12 07:02:49 +00:00
Weston Ruter
4fbb54ca8c Customize: Align behavior of WP_Customize_Manager::save_changeset_post() with wp_insert_post() by setting status to future if supplied status is publish but date is future.
Props dlh.
Fixes #41336.


git-svn-id: https://develop.svn.wordpress.org/trunk@41372 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-11 17:49:58 +00:00
Andrea Fercia
34df35a414 Allow usage of aria-current in paginate_links().
The `aria-current` attribute is a simple, effective way to help assistive
technology users orientate themselves within a list of items.

Props GrahamArmfield, palmiak.
Fixes #40833.


git-svn-id: https://develop.svn.wordpress.org/trunk@41371 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-11 14:28:59 +00:00
John Blackbourn
b422c7e45f Build/Test Tools: Convert more test skipping into hard failures.
See #41851


git-svn-id: https://develop.svn.wordpress.org/trunk@41367 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-11 00:37:55 +00:00
Weston Ruter
6327832abe Widgets: Add shortcode support inside Text widgets.
* Used now in core to facilitate displaying inserted media. See #40854.
* The `[embed]` shortcode is not supported because there is no post context for caching oEmbed responses. This depends on #34115.
* Add `do_shortcode()` to the `widget_text_content` filter in the same way it is added for `the_content` at priority 11, with `shortcode_unautop()` called at priority 10 after `wpautop()`.
* For Text widget in legacy mode, manually apply `do_shortcode()` (and `shortcode_unautop()` if auto-paragraph checked) if the core-added `widget_text_content` filter remains, unless a plugin added `do_shortcode()` to `widget_text` to prevent applying shortcodes twice.
* Ensure that global `$post` is `null` while filters apply in the Text widget so shortcode handlers won't run with unexpected contexts.

Props westonruter, nacin, aaroncampbell.
See #40854, #34115.
Fixes #10457.


git-svn-id: https://develop.svn.wordpress.org/trunk@41361 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-10 06:32:34 +00:00
Pascal Birchler
804fc41181 Editor: In _WP_Editors::wp_link_query, allow filtering empty results.
Previously, it was not possible to hook into the `wp_link_query` filter to add custom entries when the 
query returned no posts.

Props mitraval192, msebel.
Fixes #41825.


git-svn-id: https://develop.svn.wordpress.org/trunk@41346 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-08 14:02:43 +00:00
Adam Silverstein
399db7ac03 WP-API JS Client: Add helpers to get a model or collection by route.
Add two new helper functions, `wp.api.getModelByRoute` and `wp.api.getCollectionByRoute`. Passed a route, they return the matching model or collection, or `undefined` if none is found.

Also adds tests to verify these functions work as expected.

Props rcutmore.
Fixes #41111.


git-svn-id: https://develop.svn.wordpress.org/trunk@41334 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-04 16:00:28 +00:00
Konstantin Obenland
09182448e7 Widgets: Add nudge for registered widgets
Informs developers that widgets need to be registered before they can be
displayed through `the_widget()`. Previously it would fail with an ambiguous
undefined index notice.

Props SeBsZ, mrasharirfan.
Fixes #41743.



git-svn-id: https://develop.svn.wordpress.org/trunk@41327 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-01 08:49:50 +00:00
Weston Ruter
8e8969aa9c Customize: Prevent potential cache corruption when finding a secondary changeset post by UUID.
Props dlh.
Fixes #41738.


git-svn-id: https://develop.svn.wordpress.org/trunk@41321 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-29 04:09:57 +00:00
Sergey Biryukov
93dd8e28be Formatting: In sanitize_title_with_dashes(), convert forward slash to hyphen on save.
Props corvidism, jtsternberg, GhostToast, alxndr.
Fixes #10792.

git-svn-id: https://develop.svn.wordpress.org/trunk@41318 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-25 23:27:55 +00:00
John Blackbourn
e7e9e5b3fb Build/Test tools: Remove usage of DOING_AJAX from the test suite, so all tests that expect either an Ajax request or a
non-Ajax request can operate without being skipped.

Props Mte90

Fixes #41561


git-svn-id: https://develop.svn.wordpress.org/trunk@41293 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-22 15:07:42 +00:00
John Blackbourn
9990abec14 Plugins: Introduce singular capabilities for activating and deactivating individual plugins.
This introduces the following meta capabilities:

* `activate_plugin`
* `deactivate_plugin`
* `deactivate_plugins`

The singular `activate_plugin` and `deactivate_plugin` capabilities are used along with the corresponding plugin name when
determining whether or not a user can activate or deactivate an individual plugin.

The plural `deactivate_plugins` capability is used in place of the existing `activate_plugins` capability when determining
whether a user can deactivate plugins.

Each of these new meta capabilities map to the existing `activate_plugins` primitive capability, which means there is no
change in existing behaviour, but plugins can now filter the capabilities required to activate and deactivate individual
plugins.

Fixes #38652 


git-svn-id: https://develop.svn.wordpress.org/trunk@41290 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-22 14:01:36 +00:00
John Blackbourn
8df2151660 General: Improve terminology used when referring to installations of WordPress and its extensions.
"Install" is not a noun, and while it might be acceptable to use the verb as a noun, it is not correct. Using the correct
noun, "installation", increases clarity, especially for non-native English speakers.

This change fixes the usage in user-facing text and in developer documentation.

Fixes #41620


git-svn-id: https://develop.svn.wordpress.org/trunk@41289 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-22 11:51:11 +00:00
Boone Gorges
04b5965866 Introduce paged argument to WP_Comment_Query.
Using `paged` with `number` allows developers to request
paginated comment results without having to do a manual offset
calculation.

Props AdamWills.
Fixes #38268.

git-svn-id: https://develop.svn.wordpress.org/trunk@41287 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-21 15:34:19 +00:00
John Blackbourn
5d068e3149 Build/Test tools: Revert [41278] because the PHP 5.2 environment on Travis doesn't support OpenSSL, hence the tests fail.
See #41676


git-svn-id: https://develop.svn.wordpress.org/trunk@41279 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-20 12:58:59 +00:00
John Blackbourn
dcfe7794c6 Build/Test tools: Don't skip tests which rely on OpenSSL when the openssl extension isn't loaded.
See #41676


git-svn-id: https://develop.svn.wordpress.org/trunk@41278 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-20 12:30:26 +00:00
Felix Arntz
f16b2a650e Role/Capability: Introduce capabilities dedicated to installing and updating language files.
The new meta capabilities are called `install_languages` and `update_languages`. Prior to this change, there were no proper capability checks applied. Instead only the filesystem and related constants were checked, and for actual permissions a rather vague fallback was used where a user needed to have at least one of the other updating capabilities. In addition to being generally more verbose, the new capabilities make it possible for example to allow a user to update languages, but nothing else. By default they fall back to the original way of how they were handled.

Props johnbillion, flixos90.
Fixes #39677.


git-svn-id: https://develop.svn.wordpress.org/trunk@41268 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-18 18:30:28 +00:00
Felix Arntz
c56dd07a30 Post Thumbnails: Pass post ID to post_thumbnail_size filter.
In addition to the enhancement, tests for the filter usage including the new parameter have been added.

Props NathanAtmoz.
Fixes #39030.


git-svn-id: https://develop.svn.wordpress.org/trunk@41267 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-18 18:18:51 +00:00
Konstantin Obenland
677082be4b Widgets: Add tests for retrieve_widgets().
Helps with maintaining back compat when making changes in the future.

See #39693.



git-svn-id: https://develop.svn.wordpress.org/trunk@41266 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-18 15:03:43 +00:00
Gary Pendergast
e78fe9ec6d Tests: Rename ignored tests in multisite.xml.
For  bonus :yolo: :friday:, this repeats [41262] for `multisite.xml`, which duplicates the ignored file list from `phpunit.xml.dist`.

See #41658.



git-svn-id: https://develop.svn.wordpress.org/trunk@41263 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-18 10:59:38 +00:00
Gary Pendergast
243053dfd3 Tests: Rename tests with underscore in the name
There were a handful of files with an underscore in the name, which violated our naming scheme, and caused problems for anyone how enforced the scheme on their own systems.

This commit renames all of the files to the correct camelCase scheme.

Fixes #41658.



git-svn-id: https://develop.svn.wordpress.org/trunk@41261 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-18 09:57:12 +00:00
Weston Ruter
66ee109e0a Widgets: Prevent visual Text widget from decoding encoded HTML.
Also apply `the_editor_content` filters on widget `text` with `format_for_editor()` as is done for the post editor.

Amends [40631].
Props westonruter, azaozz.
See #35243.
Fixes #41596.


git-svn-id: https://develop.svn.wordpress.org/trunk@41260 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-17 23:36:53 +00:00
John Blackbourn
9cd6551e54 Options, Meta APIs: Update the multisite unit tests after [41254], [41164], and [41163].
This moves some more previously Multisite-only tests into the main test suite, and makes small adjustments to their assertions.

See #39118, #16470, #39117


git-svn-id: https://develop.svn.wordpress.org/trunk@41255 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-15 09:15:53 +00:00
Weston Ruter
242efb0a24 Widgets: Suppress PHP warnings raised by DOMDocument::loadHTML() in WP_Widget_Text::is_legacy_instance() which could appear in Text widget forms.
Also explicitly use HTML5 doctype when parsing Text widget contents in legacy mode detection.

Amends [41050].
See #40951.
Fixes #41622.


git-svn-id: https://develop.svn.wordpress.org/trunk@41251 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-14 05:58:23 +00:00
Weston Ruter
3c8584e87f Widgets: Fix extensibility of Text widgets so that JS logic will initialize on subclassed widgets.
Amends [40631].
See #35243.
Fixes #41540.


git-svn-id: https://develop.svn.wordpress.org/trunk@41245 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-13 05:24:14 +00:00
Weston Ruter
b4a8af7e35 Customize: Prevent _delete_option_fresh_site() from hitting DB if fresh_site flag already cleared.
Amends [38991].
Props dlh, westonruter.
Fixes #41039.


git-svn-id: https://develop.svn.wordpress.org/trunk@41244 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-13 00:56:24 +00:00
Weston Ruter
7bff33a6eb Customize: Fix PHP warning raised when deleting a setting from changeset via passing null as params in WP_Customize_Manager::save_changeset_post().
Props dlh.
Fixes #41621.


git-svn-id: https://develop.svn.wordpress.org/trunk@41243 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-12 21:20:23 +00:00
Felix Arntz
440c8692e3 Multisite: Remove references to $wpdb->siteid and use get_current_network_id() instead.
Props sathyapulse, spacedmonkey.
Fixes #41507.


git-svn-id: https://develop.svn.wordpress.org/trunk@41242 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-12 13:10:24 +00:00
James Nylen
d570de32ca REST API: Always call rest_get_server() instead of accessing the $wp_rest_server global.
This is a consistency improvement and also a bug fix for fairly obscure cases involving modified WP load order.

Fixes #41555.


git-svn-id: https://develop.svn.wordpress.org/trunk@41238 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-10 01:37:30 +00:00
Konstantin Obenland
d339af1bc1 Map nav menu locations on theme switch
This will send nav menu locations through three levels of mapping:
1. If both themes have only one location, that gets mapped.
2. If both themes have locations with the same slug, they get mapped.
3. Locations that (even partially) match slugs from a similar kind of menu location will get mapped.

Menu locations are mapped for Live Previews in the Customizer and during theme switches.

Props westonruter, obenland, welcher, melchoyce.
Fixes #39692.



git-svn-id: https://develop.svn.wordpress.org/trunk@41237 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-09 21:03:16 +00:00
John Blackbourn
3e5005c30c Media: Move the Tests_Media::test_video_shortcode_body() method so it runs before other tests in the class that depend on it.
The following tests were never executed as they have `@depends` annotations which means they get skipped because the `test_video_shortcode_body()` test has not run by the time they run. Re-ordering the test methods fixes this.

* `test_wp_video_shortcode_with_empty_params()`
* `test_wp_video_shortcode_with_bad_attr()`
* `test_wp_video_shortcode_attributes()`
* `test_wp_video_shortcode_youtube_remove_feature()`
* `test_wp_video_shortcode_youtube_force_ssl()`
* `test_wp_video_shortcode_vimeo_force_ssl_remove_query_args()`
* `test_wp_video_shortcode_vimeo_adds_loop()`
* `test_wp_video_shortcode_vimeo_force_adds_loop_true()`

See #35367


git-svn-id: https://develop.svn.wordpress.org/trunk@41229 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-04 14:05:27 +00:00
John Blackbourn
14ff8eb16b REST API: Populate some missing tests from test cases which extend the controller test case.
See #41463


git-svn-id: https://develop.svn.wordpress.org/trunk@41228 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-04 13:55:04 +00:00
Felix Arntz
1e9777c220 REST API: Allow site administrators to edit user roles in multisite.
While site administrators cannot generally edit users in multisite, they have always been able to change the roles of users on their site. In the REST API however, this has not been possible so far. This changeset brings parity with how it is handled in the administration panel: A REST request to edit only a user's roles succeeds correctly, while a REST request to edit any further details of a user fails.

Props jnylen0.
Fixes #40263.


git-svn-id: https://develop.svn.wordpress.org/trunk@41226 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-03 21:58:50 +00:00
flixos90
0dc1e0633b Multisite: Introduce a can_add_user_to_blog filter to prevent adding a user to a site.
Under certain circumstances, it can be necessary that a user should not be added to a site, beyond the restrictions that WordPress core applies. With the new `can_add_user_to_blog` filter, plugin developers can run custom checks and return an error in case of a failure, that will prevent the user from being added.

The user-facing parts and the REST API route that interact with `add_user_to_blog()` have been adjusted accordingly to provide appropriate error feedback when a user could not be added to a site. Furthermore, two existing error feedback messages in the site admin's "New User" screen have been adjusted to properly show inside an error notice instead of a success notice.

Props jmdodd.
Fixes #41101.


git-svn-id: https://develop.svn.wordpress.org/trunk@41225 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-03 21:40:02 +00:00
Andrea Fercia
814e1f5530 REST API: Make jshint happy again after [41222].
See #40919.


git-svn-id: https://develop.svn.wordpress.org/trunk@41224 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-03 20:35:38 +00:00
James Nylen
da5ece4d6d REST API: Exclude numeric parameters from regex parsing
The list of endpoint parameters should only include explicitly named and requested parameters.

Props flixos90, rmccue, jnylen0.
Fixes #40704.


git-svn-id: https://develop.svn.wordpress.org/trunk@41223 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-03 19:54:56 +00:00
James Nylen
4f4b7fd8d1 REST API: Add QUnit tests for api-request.js
These should have been included in [41206].

See #40919.


git-svn-id: https://develop.svn.wordpress.org/trunk@41222 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-03 19:46:48 +00:00
John Blackbourn
3aadc71579 General: Fix various instances of incorrect filter docs and incorrect filter and action parameters.
Props keesiemeijer for identifying the issues

See #38462


git-svn-id: https://develop.svn.wordpress.org/trunk@41219 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-03 15:42:45 +00:00
James Nylen
1c28b4a3c8 REST API: Allow overriding jQuery.ajax calls from within wp-admin
There are now 3 places where we call out to the REST API from within wp-admin.  This commit introduces a small library to allow overriding these calls, centralize nonce-passing logic, and eliminate the need to pass a full REST URL down to client code (this last feature is not yet used and will be explored in a separate ticket).

Fixes #40919.


git-svn-id: https://develop.svn.wordpress.org/trunk@41206 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-02 16:44:05 +00:00