Commit Graph

2363 Commits

Author SHA1 Message Date
John Blackbourn
6861a9aac0 Build/Test Tools: Correctly set up the current screen during list table tests so that they don't fail when run individually.
Props desrosj
Fixes #38761


git-svn-id: https://develop.svn.wordpress.org/trunk@39481 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-04 19:03:40 +00:00
Andrew Nacin
b16f57240e Build/Test Tools: Specify exact node version in package.json.
Enforce it in the tests.

see #35105.


git-svn-id: https://develop.svn.wordpress.org/trunk@39478 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-04 17:29:26 +00:00
Weston Ruter
06ee519376 Customize: Ensure a custom_css post insertion gets an initial post revision.
Props georgestephanis, westonruter.
See #30854, #38672, #35395.
Fixes #39032.


git-svn-id: https://develop.svn.wordpress.org/trunk@39477 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-04 17:28:27 +00:00
Andrew Nacin
4b2cbf6ac3 REST API: Register the admin_email setting in single site only.
See [39470]. This time including unit test changes.

fixes #38990.


git-svn-id: https://develop.svn.wordpress.org/trunk@39471 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-03 05:40:04 +00:00
Gary Pendergast
55e972cab3 REST API: Site URL setting should not be present on multisite installations.
The `siteurl` setting is registered and made available to the REST API. On a multisite installation, this setting is not configurable from the General Settings screen, but due to the above it is configurable from the REST API.

Props peterwilsoncc.
Fixes #39005.



git-svn-id: https://develop.svn.wordpress.org/trunk@39468 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-03 05:15:42 +00:00
Rachel Baker
8c26572c8a REST API: Fix bug where comment author and author email could be an empty string when creating a comment.
If the `require_name_email` option is true, creating a comment with an empty string for the author name or email should not be accepted.  Both values can be an empty string on update.

Props flixos90, hnle, dd32, rachelbaker, jnylen0, ChopinBach, joehoyle, pento.

Fixes #38971.


git-svn-id: https://develop.svn.wordpress.org/trunk@39444 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-02 22:43:03 +00:00
Rachel Baker
0de150991c REST API: Fix handling of some orderby parameters for the Posts controller.
- `'orderby' => 'include'` requires an array of post_ids via the `include` collection param.
`'orderby' => 'id'` and `'orderby' => 'slug'` need map the correct WP_Query equivalents. 

Props flixos90, hnle, dd32, rachelbaker, joehoyle, pento.

Fixes #38971.


git-svn-id: https://develop.svn.wordpress.org/trunk@39440 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-02 22:17:36 +00:00
Jeremy Felt
9232ecc9fc REST API: Disable DELETE requests for users in multisite.
In wp-admin, users are removed from individual sites rather than deleted. A user can only be deleted from the network admin.

Until support for a `PUT` request that removes a user's site and content associations is available, `DELETE` requests are disabled to avoid possible issues with lost content.

Props jnylen0, rachelbaker.
Fixes #38962.


git-svn-id: https://develop.svn.wordpress.org/trunk@39438 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-02 22:10:01 +00:00
Rachel Baker
a55506974e REST API: Return a WP_Error if meta property is not an array.
Fixes bug where a PHP Warning is currently thrown if a client sends a request where `meta` is not an array value.

Props timmydcrawford, jnylen0, rachelbaker, pento.
Fixes #38989.

git-svn-id: https://develop.svn.wordpress.org/trunk@39436 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-02 21:55:09 +00:00
Weston Ruter
511ba69e52 Customize: Fix posts limit query arg for WP_Query from incorrect number to posts_per_page.
Props dlh.
Fixes #39022.


git-svn-id: https://develop.svn.wordpress.org/trunk@39434 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-02 16:17:03 +00:00
Gary Pendergast
5ff3f14d78 Plugins: Add a current_priority() method to WP_Hook.
This allows plugins to determine the currently running priority of a filter.

Fixes #39007.



git-svn-id: https://develop.svn.wordpress.org/trunk@39430 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-02 07:09:33 +00:00
Gary Pendergast
d5bfeae9d8 REST API: Require the reassign parameter when deleting users.
When deleting a user through the WordPress admin, a specific decision is presented - whether to assign all of the user's posts to another user, or to delete all of the posts.

This change requires `reassign` as a parameter in the corresponding REST API endpoint, so that content isn't accidentally lost.

Props jeremyfelt.
Fixes #39000.



git-svn-id: https://develop.svn.wordpress.org/trunk@39426 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-02 06:53:59 +00:00
Weston Ruter
bdd33e9dff Customize: Reuse existing non-auto-draft posts and existing auto-draft posts in the customized state with matching slugs when applying starter content.
* Updates `wp_unique_post_slug()` to ignore `auto-draft` posts. Prevents publishing multiple posts that have the same slugs from starter content.
* Fixes fatal error when attempting to save an header_image setting from a non-admin context.
* Fixes substituting attachment symbols in options and theme mods.
* Fixes applying starter content for header images and background images.

See #38114.
Fixes #38928.


git-svn-id: https://develop.svn.wordpress.org/trunk@39411 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-02 00:24:19 +00:00
Weston Ruter
3e9a2d5a5a Customize: Reject a changeset update when a non-future date is provided and also ensure that a published changeset always gets set to the current date/time.
* Also moves checks from `customize_save` Ajax handler to the underlying `WP_Customize_Manager::save_changeset_post()` call which plugins may invoke directly.
* Ensures that `customize_save_response` filter is always passed an array, with error code available as `code`.

Props utkarshpatel, westonruter, sayedwp.
See #30937.
Fixes #38943.


git-svn-id: https://develop.svn.wordpress.org/trunk@39409 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-02 00:01:51 +00:00
Mike Schroder
352e997f92 Media: Fix regression with display of small images in media library.
Fixes a regression in the media library after [38949], which caused
small images (< thumbnail size) to not display within the media library.

Accounts for images that have no intermediate sizes
in `wp_prepare_attachment_for_js()`.

Adds test.

Fixes #38965.
Props joemcgill, clorith, mikeschroder.

git-svn-id: https://develop.svn.wordpress.org/trunk@39396 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-01 00:01:38 +00:00
Weston Ruter
79182c0fe2 Customize: Fix handling of the nav menu item labels (titles) that match defaults (original titles) and fix the display of item type labels.
* Show default labels for nav menu item as placeholders in a control's label field instead of showing blank.
* Store empty string as label instead of copying default labels.
* Prevent labels for post type archive items from being dropped in preview.
* Also ensure that the item type label is displayed on nav menu item controls for settings that are loaded from an existing changeset.

Amends [38618].
See #38015.
Fixes #38955.


git-svn-id: https://develop.svn.wordpress.org/trunk@39393 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-30 23:35:34 +00:00
Dominik Schilling (ocean90)
13fd32cc20 Options: Pass the $passed_default parameter to the 'default_option_{$option} filter in add_option().
This was missed in [38910].

Props joehoyle, lucasstark.
See #38176.
Fixes #38930.

git-svn-id: https://develop.svn.wordpress.org/trunk@39382 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-30 21:21:21 +00:00
James Nylen
74efb754fd REST API: Add test for creating a comment with an invalid post ID.
#38816 fixed creating a comment with an invalid post ID (this should not be
allowed), but we need a test for this.

Fixes #38991.


git-svn-id: https://develop.svn.wordpress.org/trunk@39375 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-30 16:21:38 +00:00
jnylen0
c716e604c5 REST API: Add tests for empty or "no-op" updates.
The API should allow updates that don't actually change anything.  This allows
clients to, for example, accidentally send the same request twice without
encountering unexpected errors.  This currently works for posts, terms, and
users, so this commit adds test cases accordingly.

See #38700 for issues preventing this from working for comments.

Fixes #38975.


git-svn-id: https://develop.svn.wordpress.org/trunk@39371 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-30 03:02:01 +00:00
Weston Ruter
9c39b16119 Customize: Fix logic for previewing the URL for nav_menu_item settings for terms and post type archives.
Fixes typo in args passed to `get_term_link()` which caused a fatal error due to this call returning a `WP_Error` which was set to `url`. Also fixes never-satisfiable condition for obtaining post type archive URL. Also ensures that `WP_Error` never leaks through as `url` by setting it to an empty string. Adds missing unit tests.

Amends [38991].
See #38114.
Fixes #38945.


git-svn-id: https://develop.svn.wordpress.org/trunk@39365 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-27 03:04:35 +00:00
John Blackbourn
8b1afc4743 Build/Test Tools: Add an extra WP_Error assertion when testing a valid user activation key. This provides a better failure message if the assertion does fail.
See #38716


git-svn-id: https://develop.svn.wordpress.org/trunk@39364 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-27 01:24:58 +00:00
John Blackbourn
25ede80cab Build/Test Tools: When testing the output of wp_list_pages(), use a known and fixed date for each post so the tests don't fail when the date changes between the beginning and end of a test.
Props xrmx
Fixes #38688


git-svn-id: https://develop.svn.wordpress.org/trunk@39363 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-27 00:07:49 +00:00
Joe Hoyle
a1c2caa4e3 REST API: Special case the “standard” post format to always be allowed.
Fixes #38916.

git-svn-id: https://develop.svn.wordpress.org/trunk@39353 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-24 00:07:50 +00:00
joehoyle
7dc75c29f6 REST API: Allow unsetting a post’s password.
Props danielbachhuber, iseulde.
Fixes #38919.

git-svn-id: https://develop.svn.wordpress.org/trunk@39352 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-23 23:12:05 +00:00
Weston Ruter
8bcbe1a35c Customize: Refactor logic for updating custom_css posts by introducing wp_update_custom_css_post() function and renaming update filter.
* Moves logic from `WP_Customize_Custom_CSS_Setting::update()` into a re-usable `wp_update_custom_css_post()` function, useful for future REST API endpoint, WP-CLI command, or plugin migrations.
* Renames `customize_update_custom_css_post_content_args` filter to `update_custom_css_data` and improves the naming of the parameters. Instead of passing `post_content` and `post_content_filtered` the filtered array now contains `css` and `preprocessed` respectively. 
* The second context param for the `update_custom_css_data` filter is now an array of the original args passed to `wp_update_custom_css_post()` and there is now no more `$setting` arg since it isn't necessarily being called in the customizer context.

Props westonruter, georgestephanis.
See #35395.
Fixes #38672.


git-svn-id: https://develop.svn.wordpress.org/trunk@39350 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-23 17:33:21 +00:00
Joe Hoyle
5d7118d63e REST API: Add support for comments of password-protected posts.
Core requires the post password to view and create comments on password protected posts, so we must support a “password” param on the comments endpoint when fetch comments for a specific post and creating a comment on a password protected post.

Props flixos90, jnylen0.
Fixes #38692.

git-svn-id: https://develop.svn.wordpress.org/trunk@39349 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-23 16:14:08 +00:00
Helen Hou-Sandi
f3a59f8632 Theme starter content: Add support for featured images and page templates.
Featured image support means that attachments can now be imported. Media can be sideloaded from within theme or plugin directories. Like other posts, attachments are auto-drafts until customizer changes are published, and are not duplicated when they already exist in the customized state. Attachment IDs can be used for any number of purposes, much like post IDs. Twenty Seventeen now includes 3 images used as featured images to best showcase the multi-section homepage setup.

As featured image IDs are stored in post meta, it also made sense to add support for page templates. Twenty Seventeen does not include any such templates, but the functionality can be quite important for displaying themes to their best effect.

props westonruter, helen, flixos90.
fixes #38615.


git-svn-id: https://develop.svn.wordpress.org/trunk@39346 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-23 09:52:27 +00:00
Joe Hoyle
e606bc36c1 REST API: Allow unsetting of page templates in update requests.
Sending a request to update a page with the template property set to an empty string resulted in an error because “” was not a valid value in the enum.

Props lucasstark, swissspidy.
Fixes #38877.

git-svn-id: https://develop.svn.wordpress.org/trunk@39343 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-23 02:46:42 +00:00
Rachel Baker
6028062ade REST API: Set the comment type to a readonly property in the schema.
Document the type property as `readonly` and remove the default value. After #38820 it is no longer possible to set the type property on a comment to anything a custom type.

Props jnylen0, rachelbaker.
Fixes #38886.

git-svn-id: https://develop.svn.wordpress.org/trunk@39337 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-21 22:55:33 +00:00
Weston Ruter
f21e17dbf0 Customize: Remove iframe-specific behaviors from customize preview when previewing on frontend and not contained inside iframe.
* Strip out `customize_messenger_channel` from preview window URL when not contained in iframe.
* Allow interacting with unpreviewable links and forms when previewing customized state on frontend.

See #30937.
Fixes #38867.


git-svn-id: https://develop.svn.wordpress.org/trunk@39332 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-21 16:55:20 +00:00
Dominik Schilling (ocean90)
257026f7a3 I18N: In wp_dropdown_languages() rename the new show_site_locale_default argument to show_option_site_default.
This makes it consistent with arguments of other `wp_dropdown_*()` functions.

Props SergeyBiryukov.
See #38632.
Fixes #38871.

git-svn-id: https://develop.svn.wordpress.org/trunk@39331 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-21 16:14:01 +00:00
Dominik Schilling (ocean90)
e2f67203bb I18N: Add an additional caching layer for _load_textdomain_just_in_time().
Previously, if no translation files exist for a text domain, `_load_textdomain_just_in_time()` went through the entire process each time it was called. This results in an increased call to `get_locale()` and its `locale` filter.
This change splits the logic into `_get_path_to_translation()` and `_get_path_to_translation_from_lang_dir()`. The former, which is used by `_load_textdomain_just_in_time()`, caches the result of the latter. It also removes some non-working code from `WP_Locale_Switcher::load_translations()`.

Props jrf, swissspidy, sharkomatic, ocean90.
Fixes #37997.

git-svn-id: https://develop.svn.wordpress.org/trunk@39330 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-21 16:06:38 +00:00
Ryan McCue
096f23db65 REST API: Correctly map meta keys to field names.
This accidentally assumed $name was the same as $meta_key, which ruined the whole point of $name.

Props tharsheblows, joehoyle.
Fixes #38786.


git-svn-id: https://develop.svn.wordpress.org/trunk@39328 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-21 05:40:46 +00:00
Ryan McCue
4b275bf861 REST API: Disable anonymous commenting by default.
Adding a brand new anonymous comment method is a potential conduit for spam. Since it's still useful functionality, we're now hiding it behind a filter to allow plugins and themes to turn it on if they do want it.

Props helen, rachelbaker, joehoyle.
Fixes #38855.


git-svn-id: https://develop.svn.wordpress.org/trunk@39327 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-21 05:31:07 +00:00
Weston Ruter
bf07e57e4b Customize: Ensure that WP_Customize_Manager::save_changeset_post() returns setting_validities even for supplied values that are unchanged from values in changeset.
Check setting existence and authorization via `WP_Customize_Manager::validate_setting_values()` even for `null` values to account for custom params being added to settings, preventing failures from being silently ignored.

See #38705, #30937.
Fixes #38865.


git-svn-id: https://develop.svn.wordpress.org/trunk@39320 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-19 22:38:40 +00:00
Weston Ruter
68b9b45548 Customize: Ensure WP_Customize_Setting::value() returns previewed value for custom types utilizing the customize_value_{$id_base} filter.
Fixes #38864.


git-svn-id: https://develop.svn.wordpress.org/trunk@39318 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-19 05:59:12 +00:00
Rachel Baker
aa4af7839e REST API: On Comment create, limit the ability to set the author_ip value directly.
Users without the moderate_comments capability can no longer set the `author_ip` property directly, and instead receive a `WP_Error` if they attempt to do so. Otherwise, the `author_ip property` is populated from `$_SERVER['REMOTE_ADDR']` if present and a valid IP value. Finally, fallback to 127.0.0.1 as a last resort.

Props dd32, rachelbaker, joehoyle.
Fixes #38819.

git-svn-id: https://develop.svn.wordpress.org/trunk@39302 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-18 21:12:03 +00:00
Joe Hoyle
ba5a196d9e REST API: Change “ipv4” types to “ip” to support ipv6.
Stop presuming IP address are IPv4, instead make the type “ip” to be agnostic of IP version. This fixes requests with ipv6 addresses for comments in core.

Props dd32, schlessera, danielbachhuber.
Fixes #38818.

git-svn-id: https://develop.svn.wordpress.org/trunk@39296 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-18 19:32:03 +00:00
Joe Hoyle
db07183b6f REST API: Check read permissions on posts when viewing comments.
With a few tests for getting / creating comments to reflect core behaviour.

Props timmyc.

git-svn-id: https://develop.svn.wordpress.org/trunk@39295 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-18 19:06:26 +00:00
Rachel Baker
2916ca534c REST API: Add test case for users/me endpoint that the context param defaults to view.
Props danielbachhuber.
See #38842.

git-svn-id: https://develop.svn.wordpress.org/trunk@39293 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-18 18:58:25 +00:00
Rachel Baker
7552367e7a REST API: Remove the karma property and query parameter from the Comments endpoints.
WordPress has not used the `karma` property internally for the past 8 years. There is no need to expose it in the REST API endpoints. Sites that use `karma` can include it using the `register_rest_field()` function.

Props dd32, danielbachhuber.
Fixes #38821.

git-svn-id: https://develop.svn.wordpress.org/trunk@39292 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-18 18:52:19 +00:00
Rachel Baker
f553ad6277 REST API: On comment create, return an error if the type property is set to anything other than comment.
Of the default comment_types, only comments are expected to be created via the REST API endpoint. Comments do not have registered types the way that Posts do, so we do not have a method to accurately check permissions for arbitrary comment types.

Props dd32, boonebgorges, rachelbaker.
Fixes #38820.

git-svn-id: https://develop.svn.wordpress.org/trunk@39290 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-18 18:36:10 +00:00
Rachel Baker
659822098a REST API: Allow parent property to be explicitly set to 0 when creating or updating a Post.
Props lucasstark, danielbachhuber.
Fixes #38852.

git-svn-id: https://develop.svn.wordpress.org/trunk@39289 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-18 18:11:49 +00:00
Rachel Baker
ff38fc46e4 REST API: On comment create, return an error if the post parameter does not relate to a valid WP_Post object.
Return a `WP_Error` object for attempts to create a comment without an empty or invalid `post` ID.

Props dd32, jnylen0, rachelbaker.
Fixes #38816.

git-svn-id: https://develop.svn.wordpress.org/trunk@39288 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-18 16:55:03 +00:00
Rachel Baker
cceb9a6053 REST API: On comment create, fallback to the user_agent header value.
If a user-agent is not explicitly provided in the `author_user_agent` parameter, fallback to the `user_agent` value in the request header.

Props dd32, jnylen0, rachelbaker.
Fixes #38817.

git-svn-id: https://develop.svn.wordpress.org/trunk@39287 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-18 16:21:27 +00:00
Sergey Biryukov
f493ebb369 Taxonomy: Prevent wp_list_categories() from producing not well-nested output if hide_title_if_empty is true.
Props chesio.
Fixes #38839. See #33460.

git-svn-id: https://develop.svn.wordpress.org/trunk@39280 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-17 18:01:13 +00:00
Weston Ruter
a3b66814a7 Customize: Add unit tests for importing theme starter content.
Props welcher, westonruter.
See #38114, #38533, #38615.
Fixes #38540.


git-svn-id: https://develop.svn.wordpress.org/trunk@39276 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-17 08:17:57 +00:00
Gary Pendergast
365241878f Database: Add support for LIKE-escaped tables in ::get_table_from_query().
The `SHOW TABLES LIKE` query can be used to search for tables that match a pattern, `wp\_123\_%`, for example. While this isn't the name of an actual table, the `wp_123_` prefix can be used by database drop-ins to direct the query correctly. This change removes the escaping and `%` modifier, to provide this usable prefix.

Props andy, pento.
Fixes #38751.



git-svn-id: https://develop.svn.wordpress.org/trunk@39275 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-17 04:20:22 +00:00
Boone Gorges
206a330d72 Comments: Query used to fill comment descendants should reset 'offset' and 'number' params.
Descendant queries should not inherit the 'offset' and 'number'
parameters of the parent query, or descendants will be missed.

Previously: [38497].

See #37696.

git-svn-id: https://develop.svn.wordpress.org/trunk@39274 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-17 03:02:40 +00:00
Sergey Biryukov
a9b4305084 Tests: Add a missing $message argument for assertEquals() in [39265].
See #23626.

git-svn-id: https://develop.svn.wordpress.org/trunk@39267 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-16 13:42:03 +00:00
Sergey Biryukov
701b2d23f2 Tests: Use assertEquals()' native functionality for delta comparison in test_wp_convert_bytes_to_hr().
See #23626.

git-svn-id: https://develop.svn.wordpress.org/trunk@39265 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-16 13:14:44 +00:00
Peter Wilson
55fd899391 Themes: Remove front page restriction from video header functions.
Adds a callback for determining when video headers should be displayed in themes supporting custom headers. By default, video headers are only displayed on the front page of a site.

Theme authors may set a custom callback by passing `'video-active-callback' => 'mytheme_video_active_callback'` as an argument. The default callback is `is_front_page()`.

This introduces the new function `is_header_video_active()` - returns `true` on pages that should display video headers. The return value can be filtered using the new filter of the same name.

Props flixos90, bradyvercher, peterwilsoncc, joemcgill.
Fixes #38738.


git-svn-id: https://develop.svn.wordpress.org/trunk@39240 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-15 07:15:20 +00:00
Peter Wilson
f62112fa16 Posts, Post Types: Improve sanitisation of templates' post types.
Prevents post type templates ignoring post types due to invalid characters. Each entry in the `Template Post Type` comment is run through `sanitize_key()` to match the sanitisation used by `register_post_type()`.

Fixes #38766.


git-svn-id: https://develop.svn.wordpress.org/trunk@39236 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-15 03:36:13 +00:00
Joe Hoyle
58169b04fa REST API: Validate and Sanitize registered meta based off the schema.
With the addition of Array support in our schema validation functions, it's now possible to use these in the meta validation and sanitization steps. Also, this increases the test coverage of using registered via meta the API significantly.

Fixes #38531.
Props rachelbaker, tharsheblows.


git-svn-id: https://develop.svn.wordpress.org/trunk@39222 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-14 16:35:35 +00:00
Ryan McCue
ecb1e33d0d REST API: Improve validation for usernames and passwords.
Also improves the slashing of user data in the REST API to avoid data loss.

Props jnylen0.
Fixes #38739.


git-svn-id: https://develop.svn.wordpress.org/trunk@39219 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-14 07:12:31 +00:00
Weston Ruter
c68c1c8ec7 Customize: Improve extensibility of Custom CSS.
* Add `customize_value_custom_css` filter to `WP_Customize_Custom_CSS::value()` method.
* Introduce `customize_update_custom_css_post_content_args` filter in `WP_Customize_Custom_CSS::update()` method.
* Make clear that `wp_get_custom_css()` and `wp_get_custom_css` filter are specifically for obtaining the value to render/display. Eliminate use of `wp_get_custom_css()` when getting the setting value. Use the underlying `post_value` directly when `is_previewed`.
* Move anonymous functions handing JS previewing for `custom_logo`, `custom_css`, and `background` into named functions on the `wp.customize.settingPreviewHandlers` to allow plugins to override/extend preview logic.
* Update `_custom_background_cb` to always print a `style` tag wen in the customizer preview, and update background preview logic to replace existing style element instead of appending a new style to the head so that background changes don't unexpectedly override any Custom CSS in the preview's stylesheet cascade.

Props westonruter, georgestephanis.
See #22058.
Fixes #38672.


git-svn-id: https://develop.svn.wordpress.org/trunk@39209 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-13 02:42:04 +00:00
Joe Hoyle
08c7dddc41 REST API: Allow updating a comment without the content present.
For all resources in the REST API, sending partial updates is supported. This fixes needing to _always_ specify comment content.

Props jnylen.
Fixes #38720.


git-svn-id: https://develop.svn.wordpress.org/trunk@39196 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-10 03:34:30 +00:00
Joe Hoyle
5309ebbbaa REST API: Fix test for unfiltered_html under multisite.
See #38726.


git-svn-id: https://develop.svn.wordpress.org/trunk@39193 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-10 02:47:48 +00:00
Joe Hoyle
c67401baf1 REST API: Add rest_base to response objects of wp/v2/taxonomies and wp/v2/types
Though we have the `_links.collection` available, having this value can be useful to know post type / taxonomy urls if you need to build them another way.

Props youknowriad, jnylen0.
Fixes #38607.


git-svn-id: https://develop.svn.wordpress.org/trunk@39191 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-10 02:20:09 +00:00
Joe Hoyle
ec2ffb45c1 REST API: unfiltered_html and slashing: terms.
Follow-up to #38609 and #38704; handle slashes correctly for taxonomy terms.

Props westonruter, jnylen0.
Fixes #38726, see #38609.


git-svn-id: https://develop.svn.wordpress.org/trunk@39190 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-10 02:09:40 +00:00
John Blackbourn
09e332c301 Build/Test Tools: Re-use a bunch of fixtures in test classes for user and XMLRPC tests.
Shaves a couple of seconds off of the tests.

See #30017, #38716


git-svn-id: https://develop.svn.wordpress.org/trunk@39189 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-10 01:53:08 +00:00
Weston Ruter
5fb093bfe6 Customize: Split out custom_css query logic from wp_get_custom_css() into a re-usable wp_get_custom_css_post() function to also be used when updating.
Props georgestephanis, westonruter.
See #38672, #35395.


git-svn-id: https://develop.svn.wordpress.org/trunk@39185 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 20:42:22 +00:00
Ryan McCue
446dc73042 REST API: Include template in all post type schemas.
[38951] added templates to all post types, but didn't add them to the schema.

Props swissspidy.
Fixes #38698.


git-svn-id: https://develop.svn.wordpress.org/trunk@39182 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 07:12:01 +00:00
Weston Ruter
8a0c502703 Customize: Store modifying user ID with setting change written into changeset and restore current user when setting is being saved.
Restoring the current user context when saving a setting ensures filters apply as expected, such as Kses. When a user is not associated with a given setting change, continue to override `capability` to be `exist` when saving. Skip overwriting setting values in a changeset that have not changed, facilitating concurrent editing and amending a changeset by a user with fewer privileges.

See #30937.
Fixes #38705.


git-svn-id: https://develop.svn.wordpress.org/trunk@39181 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 07:02:53 +00:00
Weston Ruter
865f3633f4 Customize: Prevent post_content and post_name from being modified when trashing customize_changeset posts.
See #30937.
Fixes #38719.


git-svn-id: https://develop.svn.wordpress.org/trunk@39180 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 05:44:14 +00:00
Ryan McCue
c20af6e31f Roles/Capabilities: Add meta-caps for comment, term, and user meta.
Additionally, use these meta-caps in the REST API endpoints.

Previously, register_meta()'s auth_callback had no effect for non-post meta. This introduces `{add,edit,delete}_{comment,term,user}_meta` meta-caps to match the existing post meta capabilities. These are currently only used in the REST API.

Props tharsheblows, boonebgorges.
Fixes #38303, fixes #38412.


git-svn-id: https://develop.svn.wordpress.org/trunk@39179 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 03:41:07 +00:00
Weston Ruter
cebc30dd67 Customize: Rename remaining instances unfiltered_css meta capability to edit_css in unit tests.
Amends [39175].
See #38672, #35395.


git-svn-id: https://develop.svn.wordpress.org/trunk@39178 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 01:47:50 +00:00
Ryan McCue
cd5572b67a REST API: Fire correct hooks when creating users on multiste.
`add_user_to_blog()` is now called, ensuring the correct hooks are called, along with setting the primary blog and clearing relevant caches.

Props jeremyfelt.
Fixes #38526.


git-svn-id: https://develop.svn.wordpress.org/trunk@39177 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 01:34:56 +00:00
Weston Ruter
b20cda2d4b Customize: Rename unfiltered_css meta capability to edit_css; add revisions support to custom_css post type.
Props lukecavanagh, georgestephanis, westonruter.
See #38672, #35395.


git-svn-id: https://develop.svn.wordpress.org/trunk@39175 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 01:11:49 +00:00
John Blackbourn
61fa0a69d6 Build/Test Tools: Utilise assertWPError() and assertNotWPError() in more places.
See #38716


git-svn-id: https://develop.svn.wordpress.org/trunk@39174 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 00:01:42 +00:00
John Blackbourn
5ab2a22a38 Build/Test Tools: Utilise assertFileExists() and assertFileNotExists() in more places.
See #38716


git-svn-id: https://develop.svn.wordpress.org/trunk@39173 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 23:49:11 +00:00
John Blackbourn
52a834a6d8 Themes: Re-use fixtures in the wp_get_document_title() tests.
See #38716


git-svn-id: https://develop.svn.wordpress.org/trunk@39172 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 23:31:45 +00:00
Aaron Jorbin
5cb18b6c38 Posts, Post Types: Fix themes tests broken in [39168]
[39168] introduced a new theme to the tests, but it wasn't taken into account in Tests_Theme_ThemeDir::test_theme_list.

See #38696.



git-svn-id: https://develop.svn.wordpress.org/trunk@39170 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 23:22:23 +00:00
Pascal Birchler
21e874e00a I18N: Add ability to change user's locale back to site's locale.
Previously there was no way to remove the user locale setting again, even though that might be desirable.

This adds a new 'Site Default' option to the user-specific language setting by introducing a new `show_site_locale_default` argument to `wp_dropdown_languages()`.

Props ocean90.
See #29783.
Fixes #38632.

git-svn-id: https://develop.svn.wordpress.org/trunk@39169 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 23:00:38 +00:00
Pascal Birchler
5f610350e1 Posts, Post Types: Fix post type templates with child themes.
After [38951] added support for post type templates beyond pages, this fixes an issue where an empty meta box would be shown when using child themes.

Fixes #38696.

git-svn-id: https://develop.svn.wordpress.org/trunk@39168 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 22:40:28 +00:00
Pascal Birchler
4b3e128140 Date/Time: Improve date_i18n() timezone tests.
This uses a timezone without DST for the tests covering `date_i18n()`.

Fixes #37910.

git-svn-id: https://develop.svn.wordpress.org/trunk@39167 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 22:31:51 +00:00
Joe Hoyle
6fd4d6e0ea REST API: Remove rest_get_post filter and get_post abstraction.
This filter was originally introduced in https://github.com/WP-API/WP-API/pull/2535 to support Customizer Changesets (née Transactions). This is a super broad filter and doesn't really fit with the design of the API, nor is it (arguably) the right level to do this.

Props rmccue.
Fixes #38701.


git-svn-id: https://develop.svn.wordpress.org/trunk@39161 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 13:08:49 +00:00
Ryan McCue
2eca6870b9 REST API: Remove more emoji from tests.
More from [39156].

See #38609.


git-svn-id: https://develop.svn.wordpress.org/trunk@39160 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 07:38:40 +00:00
Ryan McCue
0bbeaf7b15 REST API: Embiggen the test email address.
We no longer want a@b.c to be valid, so let's make it a@b.co instead.

Props dd32.
See #38506.


git-svn-id: https://develop.svn.wordpress.org/trunk@39159 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 06:45:26 +00:00
Ryan McCue
08efd7b636 REST API: Require 6 characters for comment email addresses.
The regular comments API requires 6 characters rather than 3, so we need to match this.

Props mangeshp, dd32.
Fixes #38506.


git-svn-id: https://develop.svn.wordpress.org/trunk@39158 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 06:41:57 +00:00
Ryan McCue
e74994b2f4 REST API: Respect unfiltered_html for HTML comment fields.
Same as [39155], but for comments, natch.

Props jnylen0.
Fixes #38704, see #38609.


git-svn-id: https://develop.svn.wordpress.org/trunk@39157 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 06:35:51 +00:00
Ryan McCue
2212d62d83 REST API: Remove ship emoji from slashing tests.
Introduced in [39155], but not necessary for the slashing tests. These fail on 5.3, which encodes the emoji as HTML entities.

Props dd32.
See #38609.


git-svn-id: https://develop.svn.wordpress.org/trunk@39156 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 06:25:36 +00:00
Ryan McCue
074d204c12 REST API: Respect unfiltered_html for HTML post fields.
This necessitates a change to our slashing code as well. Ah slashing, the cause of, and solution to, all of life's problems.

Props jnylen0.
Fixes #38609.


git-svn-id: https://develop.svn.wordpress.org/trunk@39155 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 05:54:22 +00:00
Ryan McCue
f6e433b250 REST API: Change attachment caption & description to objects.
Just like excerpt and content for regular posts, these have transformations applied that can make the content significantly different from the raw value.

Props jnylen0.
Fixes #38679.


git-svn-id: https://develop.svn.wordpress.org/trunk@39154 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 04:28:47 +00:00
Weston Ruter
1207af99d4 Customize: Move Custom CSS control placeholder help text to setting default value.
The `WP_Customize_Custom_CSS_Setting::value()` method now returns the `default` if `wp_get_custom_css()` returns empty.

Props westonruter, afercia, helen.
See #35395.
Fixes #38685.


git-svn-id: https://develop.svn.wordpress.org/trunk@39151 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-07 18:12:28 +00:00
Ella van Dorpe
c78f002ae6 TinyMCE: wptextpattern: Fix inline patterns.
* Allow spaces inside inline pattern text, unless the delimiter stands alone.
* Add more unit tests.
* Add more inline docs.

Part props azaozz.
Fixes #37693.



git-svn-id: https://develop.svn.wordpress.org/trunk@39150 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-06 23:37:09 +00:00
Helen Hou-Sandi
f7e5811287 Customize: Revert theme install feature.
This is a great goal for core, and is close, but it is not in shape to be shipped for 4.7 and there is not enough time left in the development cycle to alter and polish sufficiently. There are bugs, but more than that, there are more fundamental questions around the use of existing UI, general UX, and how findable themes are (not) on the .org side.

see #37661.


git-svn-id: https://develop.svn.wordpress.org/trunk@39140 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-04 15:53:01 +00:00
Weston Ruter
ef33fd1841 Customize: Ensure page/post stubs are included in listings and searches for available nav menu items.
Include the customized state in the Ajax requests to load items and search items.

See #38573.
Fixes #38122.


git-svn-id: https://develop.svn.wordpress.org/trunk@39138 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-04 07:23:49 +00:00
Weston Ruter
d6c217886a Customize: Combine Ajax requests for initial load of available nav menu items into a single request.
When there are many post types registered, prevent Ajax requests from piling up and slamming WordPress with concurrent requests.

Props curdin, westonruter.
Fixes #36697.


git-svn-id: https://develop.svn.wordpress.org/trunk@39137 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-04 06:03:51 +00:00
Pascal Birchler
8a08cfc840 I18N: Use the user's locale when loading text domains in the admin.
Leverages `get_user_locale()` in `load_*_textdomain()` and `_load_textdomain_just_in_time()` to always load translations in the user's language when in the admin.

This re-introduces [39069], but now with additional tests and a `function_exists( 'wp_get_current_user' )` check in `get_user_locale()` in case it gets used early.

Props swissspidy, ocean90.
Fixes #38485.

git-svn-id: https://develop.svn.wordpress.org/trunk@39127 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 20:07:08 +00:00
Rachel Baker
4757546045 REST API: Modify the structure of our DELETE responses to be more explicit.
Add the `deleted` property to the root of the Response object to communicate if the delete action was successful. Move the state of the resource prior to the delete request under a new `previous` property.  As a result DELETE responses are now structured like so:
 `{ deleted: true, previous: { ... } }`

Also includes helpful information to DELETE requests for resources that are not trashable.

Props timmydcrawford, rmccue, jnylen0.
Fixes #38494.

git-svn-id: https://develop.svn.wordpress.org/trunk@39126 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 20:04:59 +00:00
Pascal Birchler
b7cfad8697 I18N: Move load_textdomain() tests to separate file.
See #38485.

git-svn-id: https://develop.svn.wordpress.org/trunk@39125 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 19:56:53 +00:00
Joe Hoyle
f784a0481b REST API: Return error when JSON decoding fails.
If you send a request to the REST API with invalid JSON in body than it will now return a error. This assists developers if they accidentally send invalid JSON and wonder why their data appears to be ignored.

Props rmccue.
Fixes #38547.


git-svn-id: https://develop.svn.wordpress.org/trunk@39109 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 04:04:41 +00:00
Rachel Baker
973ade2a28 REST API: Return a WP_Error when a user does not have permission to create or update a post with the provided terms.
Add the 'assign_term' check for post create and update.

Props boonebgorges, johnbillion.
Fixes #38505.

git-svn-id: https://develop.svn.wordpress.org/trunk@39108 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 03:15:28 +00:00
Rachel Baker
baf52c815a REST API: Clean-up our validation callbacks and add missing array items properties in our endpoint schemas.
Props joehoyle, jnylen0.
Fixes #38617.

git-svn-id: https://develop.svn.wordpress.org/trunk@39105 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 02:17:39 +00:00
Joe Hoyle
25b892c1ca REST API: Support querying for multiple post statuses.
Multiple post statuses can be specified by the usual CSV or array-propper format.

Props jnylen0, kadamwhite, websupporter.
Fixes #38420.


git-svn-id: https://develop.svn.wordpress.org/trunk@39104 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 01:45:48 +00:00
Rachel Baker
c962a98980 REST API: Return an error when the length of a comment field is too long.
Introduces `wp_check_comment_data_max_lengths()` which allows both the REST API comments endpoints and `wp_handle_comment_submission()` to check the length of the comment content, author name, author url, and author email fields against their respective database columns.

Props rachelbaker, mangeshp, salcode, pento.
Fixes #38477.

git-svn-id: https://develop.svn.wordpress.org/trunk@39101 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 01:11:30 +00:00
Joe Hoyle
082151025e REST API: Include taxonomies as an attribute of post types.
Add the taxonomies for a post type to the `/wp/v2/types` endpoint, so clients know which taxonomies are available for which post types.

Props danielbachhuber.
Fixes #38438, #38631.


git-svn-id: https://develop.svn.wordpress.org/trunk@39097 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 21:50:08 +00:00
Joe Hoyle
e78230b39a REST API: Add en_US to the locales enum.
Props ocean90.
Fixes #38528. 


git-svn-id: https://develop.svn.wordpress.org/trunk@39096 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 21:20:12 +00:00
Dominik Schilling (ocean90)
4dfb71c3b5 Query: Add tests for WP_Query::is_single() and get_body_class() with attachments.
See [39052]
See #38225.

git-svn-id: https://develop.svn.wordpress.org/trunk@39095 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 19:22:17 +00:00