Commit Graph

2260 Commits

Author SHA1 Message Date
Joe Hoyle
58169b04fa REST API: Validate and Sanitize registered meta based off the schema.
With the addition of Array support in our schema validation functions, it's now possible to use these in the meta validation and sanitization steps. Also, this increases the test coverage of using registered via meta the API significantly.

Fixes #38531.
Props rachelbaker, tharsheblows.


git-svn-id: https://develop.svn.wordpress.org/trunk@39222 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-14 16:35:35 +00:00
Ryan McCue
ecb1e33d0d REST API: Improve validation for usernames and passwords.
Also improves the slashing of user data in the REST API to avoid data loss.

Props jnylen0.
Fixes #38739.


git-svn-id: https://develop.svn.wordpress.org/trunk@39219 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-14 07:12:31 +00:00
Weston Ruter
c68c1c8ec7 Customize: Improve extensibility of Custom CSS.
* Add `customize_value_custom_css` filter to `WP_Customize_Custom_CSS::value()` method.
* Introduce `customize_update_custom_css_post_content_args` filter in `WP_Customize_Custom_CSS::update()` method.
* Make clear that `wp_get_custom_css()` and `wp_get_custom_css` filter are specifically for obtaining the value to render/display. Eliminate use of `wp_get_custom_css()` when getting the setting value. Use the underlying `post_value` directly when `is_previewed`.
* Move anonymous functions handing JS previewing for `custom_logo`, `custom_css`, and `background` into named functions on the `wp.customize.settingPreviewHandlers` to allow plugins to override/extend preview logic.
* Update `_custom_background_cb` to always print a `style` tag wen in the customizer preview, and update background preview logic to replace existing style element instead of appending a new style to the head so that background changes don't unexpectedly override any Custom CSS in the preview's stylesheet cascade.

Props westonruter, georgestephanis.
See #22058.
Fixes #38672.


git-svn-id: https://develop.svn.wordpress.org/trunk@39209 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-13 02:42:04 +00:00
Joe Hoyle
08c7dddc41 REST API: Allow updating a comment without the content present.
For all resources in the REST API, sending partial updates is supported. This fixes needing to _always_ specify comment content.

Props jnylen.
Fixes #38720.


git-svn-id: https://develop.svn.wordpress.org/trunk@39196 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-10 03:34:30 +00:00
Joe Hoyle
5309ebbbaa REST API: Fix test for unfiltered_html under multisite.
See #38726.


git-svn-id: https://develop.svn.wordpress.org/trunk@39193 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-10 02:47:48 +00:00
Joe Hoyle
c67401baf1 REST API: Add rest_base to response objects of wp/v2/taxonomies and wp/v2/types
Though we have the `_links.collection` available, having this value can be useful to know post type / taxonomy urls if you need to build them another way.

Props youknowriad, jnylen0.
Fixes #38607.


git-svn-id: https://develop.svn.wordpress.org/trunk@39191 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-10 02:20:09 +00:00
Joe Hoyle
ec2ffb45c1 REST API: unfiltered_html and slashing: terms.
Follow-up to #38609 and #38704; handle slashes correctly for taxonomy terms.

Props westonruter, jnylen0.
Fixes #38726, see #38609.


git-svn-id: https://develop.svn.wordpress.org/trunk@39190 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-10 02:09:40 +00:00
John Blackbourn
09e332c301 Build/Test Tools: Re-use a bunch of fixtures in test classes for user and XMLRPC tests.
Shaves a couple of seconds off of the tests.

See #30017, #38716


git-svn-id: https://develop.svn.wordpress.org/trunk@39189 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-10 01:53:08 +00:00
Weston Ruter
5fb093bfe6 Customize: Split out custom_css query logic from wp_get_custom_css() into a re-usable wp_get_custom_css_post() function to also be used when updating.
Props georgestephanis, westonruter.
See #38672, #35395.


git-svn-id: https://develop.svn.wordpress.org/trunk@39185 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 20:42:22 +00:00
Ryan McCue
446dc73042 REST API: Include template in all post type schemas.
[38951] added templates to all post types, but didn't add them to the schema.

Props swissspidy.
Fixes #38698.


git-svn-id: https://develop.svn.wordpress.org/trunk@39182 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 07:12:01 +00:00
Weston Ruter
8a0c502703 Customize: Store modifying user ID with setting change written into changeset and restore current user when setting is being saved.
Restoring the current user context when saving a setting ensures filters apply as expected, such as Kses. When a user is not associated with a given setting change, continue to override `capability` to be `exist` when saving. Skip overwriting setting values in a changeset that have not changed, facilitating concurrent editing and amending a changeset by a user with fewer privileges.

See #30937.
Fixes #38705.


git-svn-id: https://develop.svn.wordpress.org/trunk@39181 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 07:02:53 +00:00
Weston Ruter
865f3633f4 Customize: Prevent post_content and post_name from being modified when trashing customize_changeset posts.
See #30937.
Fixes #38719.


git-svn-id: https://develop.svn.wordpress.org/trunk@39180 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 05:44:14 +00:00
Ryan McCue
c20af6e31f Roles/Capabilities: Add meta-caps for comment, term, and user meta.
Additionally, use these meta-caps in the REST API endpoints.

Previously, register_meta()'s auth_callback had no effect for non-post meta. This introduces `{add,edit,delete}_{comment,term,user}_meta` meta-caps to match the existing post meta capabilities. These are currently only used in the REST API.

Props tharsheblows, boonebgorges.
Fixes #38303, fixes #38412.


git-svn-id: https://develop.svn.wordpress.org/trunk@39179 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 03:41:07 +00:00
Weston Ruter
cebc30dd67 Customize: Rename remaining instances unfiltered_css meta capability to edit_css in unit tests.
Amends [39175].
See #38672, #35395.


git-svn-id: https://develop.svn.wordpress.org/trunk@39178 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 01:47:50 +00:00
Ryan McCue
cd5572b67a REST API: Fire correct hooks when creating users on multiste.
`add_user_to_blog()` is now called, ensuring the correct hooks are called, along with setting the primary blog and clearing relevant caches.

Props jeremyfelt.
Fixes #38526.


git-svn-id: https://develop.svn.wordpress.org/trunk@39177 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 01:34:56 +00:00
Weston Ruter
b20cda2d4b Customize: Rename unfiltered_css meta capability to edit_css; add revisions support to custom_css post type.
Props lukecavanagh, georgestephanis, westonruter.
See #38672, #35395.


git-svn-id: https://develop.svn.wordpress.org/trunk@39175 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 01:11:49 +00:00
John Blackbourn
61fa0a69d6 Build/Test Tools: Utilise assertWPError() and assertNotWPError() in more places.
See #38716


git-svn-id: https://develop.svn.wordpress.org/trunk@39174 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-09 00:01:42 +00:00
John Blackbourn
5ab2a22a38 Build/Test Tools: Utilise assertFileExists() and assertFileNotExists() in more places.
See #38716


git-svn-id: https://develop.svn.wordpress.org/trunk@39173 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 23:49:11 +00:00
John Blackbourn
52a834a6d8 Themes: Re-use fixtures in the wp_get_document_title() tests.
See #38716


git-svn-id: https://develop.svn.wordpress.org/trunk@39172 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 23:31:45 +00:00
Aaron Jorbin
5cb18b6c38 Posts, Post Types: Fix themes tests broken in [39168]
[39168] introduced a new theme to the tests, but it wasn't taken into account in Tests_Theme_ThemeDir::test_theme_list.

See #38696.



git-svn-id: https://develop.svn.wordpress.org/trunk@39170 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 23:22:23 +00:00
Pascal Birchler
21e874e00a I18N: Add ability to change user's locale back to site's locale.
Previously there was no way to remove the user locale setting again, even though that might be desirable.

This adds a new 'Site Default' option to the user-specific language setting by introducing a new `show_site_locale_default` argument to `wp_dropdown_languages()`.

Props ocean90.
See #29783.
Fixes #38632.

git-svn-id: https://develop.svn.wordpress.org/trunk@39169 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 23:00:38 +00:00
Pascal Birchler
5f610350e1 Posts, Post Types: Fix post type templates with child themes.
After [38951] added support for post type templates beyond pages, this fixes an issue where an empty meta box would be shown when using child themes.

Fixes #38696.

git-svn-id: https://develop.svn.wordpress.org/trunk@39168 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 22:40:28 +00:00
Pascal Birchler
4b3e128140 Date/Time: Improve date_i18n() timezone tests.
This uses a timezone without DST for the tests covering `date_i18n()`.

Fixes #37910.

git-svn-id: https://develop.svn.wordpress.org/trunk@39167 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 22:31:51 +00:00
Joe Hoyle
6fd4d6e0ea REST API: Remove rest_get_post filter and get_post abstraction.
This filter was originally introduced in https://github.com/WP-API/WP-API/pull/2535 to support Customizer Changesets (née Transactions). This is a super broad filter and doesn't really fit with the design of the API, nor is it (arguably) the right level to do this.

Props rmccue.
Fixes #38701.


git-svn-id: https://develop.svn.wordpress.org/trunk@39161 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 13:08:49 +00:00
Ryan McCue
2eca6870b9 REST API: Remove more emoji from tests.
More from [39156].

See #38609.


git-svn-id: https://develop.svn.wordpress.org/trunk@39160 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 07:38:40 +00:00
Ryan McCue
0bbeaf7b15 REST API: Embiggen the test email address.
We no longer want a@b.c to be valid, so let's make it a@b.co instead.

Props dd32.
See #38506.


git-svn-id: https://develop.svn.wordpress.org/trunk@39159 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 06:45:26 +00:00
Ryan McCue
08efd7b636 REST API: Require 6 characters for comment email addresses.
The regular comments API requires 6 characters rather than 3, so we need to match this.

Props mangeshp, dd32.
Fixes #38506.


git-svn-id: https://develop.svn.wordpress.org/trunk@39158 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 06:41:57 +00:00
Ryan McCue
e74994b2f4 REST API: Respect unfiltered_html for HTML comment fields.
Same as [39155], but for comments, natch.

Props jnylen0.
Fixes #38704, see #38609.


git-svn-id: https://develop.svn.wordpress.org/trunk@39157 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 06:35:51 +00:00
Ryan McCue
2212d62d83 REST API: Remove ship emoji from slashing tests.
Introduced in [39155], but not necessary for the slashing tests. These fail on 5.3, which encodes the emoji as HTML entities.

Props dd32.
See #38609.


git-svn-id: https://develop.svn.wordpress.org/trunk@39156 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 06:25:36 +00:00
Ryan McCue
074d204c12 REST API: Respect unfiltered_html for HTML post fields.
This necessitates a change to our slashing code as well. Ah slashing, the cause of, and solution to, all of life's problems.

Props jnylen0.
Fixes #38609.


git-svn-id: https://develop.svn.wordpress.org/trunk@39155 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 05:54:22 +00:00
Ryan McCue
f6e433b250 REST API: Change attachment caption & description to objects.
Just like excerpt and content for regular posts, these have transformations applied that can make the content significantly different from the raw value.

Props jnylen0.
Fixes #38679.


git-svn-id: https://develop.svn.wordpress.org/trunk@39154 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 04:28:47 +00:00
Weston Ruter
1207af99d4 Customize: Move Custom CSS control placeholder help text to setting default value.
The `WP_Customize_Custom_CSS_Setting::value()` method now returns the `default` if `wp_get_custom_css()` returns empty.

Props westonruter, afercia, helen.
See #35395.
Fixes #38685.


git-svn-id: https://develop.svn.wordpress.org/trunk@39151 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-07 18:12:28 +00:00
Ella van Dorpe
c78f002ae6 TinyMCE: wptextpattern: Fix inline patterns.
* Allow spaces inside inline pattern text, unless the delimiter stands alone.
* Add more unit tests.
* Add more inline docs.

Part props azaozz.
Fixes #37693.



git-svn-id: https://develop.svn.wordpress.org/trunk@39150 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-06 23:37:09 +00:00
Helen Hou-Sandi
f7e5811287 Customize: Revert theme install feature.
This is a great goal for core, and is close, but it is not in shape to be shipped for 4.7 and there is not enough time left in the development cycle to alter and polish sufficiently. There are bugs, but more than that, there are more fundamental questions around the use of existing UI, general UX, and how findable themes are (not) on the .org side.

see #37661.


git-svn-id: https://develop.svn.wordpress.org/trunk@39140 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-04 15:53:01 +00:00
Weston Ruter
ef33fd1841 Customize: Ensure page/post stubs are included in listings and searches for available nav menu items.
Include the customized state in the Ajax requests to load items and search items.

See #38573.
Fixes #38122.


git-svn-id: https://develop.svn.wordpress.org/trunk@39138 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-04 07:23:49 +00:00
Weston Ruter
d6c217886a Customize: Combine Ajax requests for initial load of available nav menu items into a single request.
When there are many post types registered, prevent Ajax requests from piling up and slamming WordPress with concurrent requests.

Props curdin, westonruter.
Fixes #36697.


git-svn-id: https://develop.svn.wordpress.org/trunk@39137 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-04 06:03:51 +00:00
Pascal Birchler
8a08cfc840 I18N: Use the user's locale when loading text domains in the admin.
Leverages `get_user_locale()` in `load_*_textdomain()` and `_load_textdomain_just_in_time()` to always load translations in the user's language when in the admin.

This re-introduces [39069], but now with additional tests and a `function_exists( 'wp_get_current_user' )` check in `get_user_locale()` in case it gets used early.

Props swissspidy, ocean90.
Fixes #38485.

git-svn-id: https://develop.svn.wordpress.org/trunk@39127 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 20:07:08 +00:00
Rachel Baker
4757546045 REST API: Modify the structure of our DELETE responses to be more explicit.
Add the `deleted` property to the root of the Response object to communicate if the delete action was successful. Move the state of the resource prior to the delete request under a new `previous` property.  As a result DELETE responses are now structured like so:
 `{ deleted: true, previous: { ... } }`

Also includes helpful information to DELETE requests for resources that are not trashable.

Props timmydcrawford, rmccue, jnylen0.
Fixes #38494.

git-svn-id: https://develop.svn.wordpress.org/trunk@39126 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 20:04:59 +00:00
Pascal Birchler
b7cfad8697 I18N: Move load_textdomain() tests to separate file.
See #38485.

git-svn-id: https://develop.svn.wordpress.org/trunk@39125 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 19:56:53 +00:00
Joe Hoyle
f784a0481b REST API: Return error when JSON decoding fails.
If you send a request to the REST API with invalid JSON in body than it will now return a error. This assists developers if they accidentally send invalid JSON and wonder why their data appears to be ignored.

Props rmccue.
Fixes #38547.


git-svn-id: https://develop.svn.wordpress.org/trunk@39109 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 04:04:41 +00:00
Rachel Baker
973ade2a28 REST API: Return a WP_Error when a user does not have permission to create or update a post with the provided terms.
Add the 'assign_term' check for post create and update.

Props boonebgorges, johnbillion.
Fixes #38505.

git-svn-id: https://develop.svn.wordpress.org/trunk@39108 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 03:15:28 +00:00
Rachel Baker
baf52c815a REST API: Clean-up our validation callbacks and add missing array items properties in our endpoint schemas.
Props joehoyle, jnylen0.
Fixes #38617.

git-svn-id: https://develop.svn.wordpress.org/trunk@39105 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 02:17:39 +00:00
Joe Hoyle
25b892c1ca REST API: Support querying for multiple post statuses.
Multiple post statuses can be specified by the usual CSV or array-propper format.

Props jnylen0, kadamwhite, websupporter.
Fixes #38420.


git-svn-id: https://develop.svn.wordpress.org/trunk@39104 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 01:45:48 +00:00
Rachel Baker
c962a98980 REST API: Return an error when the length of a comment field is too long.
Introduces `wp_check_comment_data_max_lengths()` which allows both the REST API comments endpoints and `wp_handle_comment_submission()` to check the length of the comment content, author name, author url, and author email fields against their respective database columns.

Props rachelbaker, mangeshp, salcode, pento.
Fixes #38477.

git-svn-id: https://develop.svn.wordpress.org/trunk@39101 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 01:11:30 +00:00
Joe Hoyle
082151025e REST API: Include taxonomies as an attribute of post types.
Add the taxonomies for a post type to the `/wp/v2/types` endpoint, so clients know which taxonomies are available for which post types.

Props danielbachhuber.
Fixes #38438, #38631.


git-svn-id: https://develop.svn.wordpress.org/trunk@39097 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 21:50:08 +00:00
Joe Hoyle
e78230b39a REST API: Add en_US to the locales enum.
Props ocean90.
Fixes #38528. 


git-svn-id: https://develop.svn.wordpress.org/trunk@39096 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 21:20:12 +00:00
Dominik Schilling (ocean90)
4dfb71c3b5 Query: Add tests for WP_Query::is_single() and get_body_class() with attachments.
See [39052]
See #38225.

git-svn-id: https://develop.svn.wordpress.org/trunk@39095 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 19:22:17 +00:00
Ryan McCue
bbbf3a97fa REST API: Allow querying for multiple slug values.
Props jnylen0, rachelbaker.
Fixes #38579.


git-svn-id: https://develop.svn.wordpress.org/trunk@39093 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 07:13:24 +00:00
Ryan McCue
1f9c6904bc REST API: Add update and delete endpoints to /users/me
Now that /users/me is a standalone resource, it should have all the standard endpoints for a resource.

Props pento.
Fixes #38521 (hopefully).


git-svn-id: https://develop.svn.wordpress.org/trunk@39092 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 06:52:30 +00:00
Ryan McCue
f9230a1c4d REST API: Add locale to user resource.
Props ocean90, joehoyle.
Fixes #38528.


git-svn-id: https://develop.svn.wordpress.org/trunk@39090 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 06:23:12 +00:00