Commit Graph

2233 Commits

Author SHA1 Message Date
Ryan McCue
e74994b2f4 REST API: Respect unfiltered_html for HTML comment fields.
Same as [39155], but for comments, natch.

Props jnylen0.
Fixes #38704, see #38609.


git-svn-id: https://develop.svn.wordpress.org/trunk@39157 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 06:35:51 +00:00
Ryan McCue
2212d62d83 REST API: Remove ship emoji from slashing tests.
Introduced in [39155], but not necessary for the slashing tests. These fail on 5.3, which encodes the emoji as HTML entities.

Props dd32.
See #38609.


git-svn-id: https://develop.svn.wordpress.org/trunk@39156 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 06:25:36 +00:00
Ryan McCue
074d204c12 REST API: Respect unfiltered_html for HTML post fields.
This necessitates a change to our slashing code as well. Ah slashing, the cause of, and solution to, all of life's problems.

Props jnylen0.
Fixes #38609.


git-svn-id: https://develop.svn.wordpress.org/trunk@39155 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 05:54:22 +00:00
Ryan McCue
f6e433b250 REST API: Change attachment caption & description to objects.
Just like excerpt and content for regular posts, these have transformations applied that can make the content significantly different from the raw value.

Props jnylen0.
Fixes #38679.


git-svn-id: https://develop.svn.wordpress.org/trunk@39154 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-08 04:28:47 +00:00
Weston Ruter
1207af99d4 Customize: Move Custom CSS control placeholder help text to setting default value.
The `WP_Customize_Custom_CSS_Setting::value()` method now returns the `default` if `wp_get_custom_css()` returns empty.

Props westonruter, afercia, helen.
See #35395.
Fixes #38685.


git-svn-id: https://develop.svn.wordpress.org/trunk@39151 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-07 18:12:28 +00:00
Ella van Dorpe
c78f002ae6 TinyMCE: wptextpattern: Fix inline patterns.
* Allow spaces inside inline pattern text, unless the delimiter stands alone.
* Add more unit tests.
* Add more inline docs.

Part props azaozz.
Fixes #37693.



git-svn-id: https://develop.svn.wordpress.org/trunk@39150 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-06 23:37:09 +00:00
Helen Hou-Sandi
f7e5811287 Customize: Revert theme install feature.
This is a great goal for core, and is close, but it is not in shape to be shipped for 4.7 and there is not enough time left in the development cycle to alter and polish sufficiently. There are bugs, but more than that, there are more fundamental questions around the use of existing UI, general UX, and how findable themes are (not) on the .org side.

see #37661.


git-svn-id: https://develop.svn.wordpress.org/trunk@39140 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-04 15:53:01 +00:00
Weston Ruter
ef33fd1841 Customize: Ensure page/post stubs are included in listings and searches for available nav menu items.
Include the customized state in the Ajax requests to load items and search items.

See #38573.
Fixes #38122.


git-svn-id: https://develop.svn.wordpress.org/trunk@39138 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-04 07:23:49 +00:00
Weston Ruter
d6c217886a Customize: Combine Ajax requests for initial load of available nav menu items into a single request.
When there are many post types registered, prevent Ajax requests from piling up and slamming WordPress with concurrent requests.

Props curdin, westonruter.
Fixes #36697.


git-svn-id: https://develop.svn.wordpress.org/trunk@39137 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-04 06:03:51 +00:00
Pascal Birchler
8a08cfc840 I18N: Use the user's locale when loading text domains in the admin.
Leverages `get_user_locale()` in `load_*_textdomain()` and `_load_textdomain_just_in_time()` to always load translations in the user's language when in the admin.

This re-introduces [39069], but now with additional tests and a `function_exists( 'wp_get_current_user' )` check in `get_user_locale()` in case it gets used early.

Props swissspidy, ocean90.
Fixes #38485.

git-svn-id: https://develop.svn.wordpress.org/trunk@39127 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 20:07:08 +00:00
Rachel Baker
4757546045 REST API: Modify the structure of our DELETE responses to be more explicit.
Add the `deleted` property to the root of the Response object to communicate if the delete action was successful. Move the state of the resource prior to the delete request under a new `previous` property.  As a result DELETE responses are now structured like so:
 `{ deleted: true, previous: { ... } }`

Also includes helpful information to DELETE requests for resources that are not trashable.

Props timmydcrawford, rmccue, jnylen0.
Fixes #38494.

git-svn-id: https://develop.svn.wordpress.org/trunk@39126 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 20:04:59 +00:00
Pascal Birchler
b7cfad8697 I18N: Move load_textdomain() tests to separate file.
See #38485.

git-svn-id: https://develop.svn.wordpress.org/trunk@39125 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 19:56:53 +00:00
Joe Hoyle
f784a0481b REST API: Return error when JSON decoding fails.
If you send a request to the REST API with invalid JSON in body than it will now return a error. This assists developers if they accidentally send invalid JSON and wonder why their data appears to be ignored.

Props rmccue.
Fixes #38547.


git-svn-id: https://develop.svn.wordpress.org/trunk@39109 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 04:04:41 +00:00
Rachel Baker
973ade2a28 REST API: Return a WP_Error when a user does not have permission to create or update a post with the provided terms.
Add the 'assign_term' check for post create and update.

Props boonebgorges, johnbillion.
Fixes #38505.

git-svn-id: https://develop.svn.wordpress.org/trunk@39108 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 03:15:28 +00:00
Rachel Baker
baf52c815a REST API: Clean-up our validation callbacks and add missing array items properties in our endpoint schemas.
Props joehoyle, jnylen0.
Fixes #38617.

git-svn-id: https://develop.svn.wordpress.org/trunk@39105 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 02:17:39 +00:00
Joe Hoyle
25b892c1ca REST API: Support querying for multiple post statuses.
Multiple post statuses can be specified by the usual CSV or array-propper format.

Props jnylen0, kadamwhite, websupporter.
Fixes #38420.


git-svn-id: https://develop.svn.wordpress.org/trunk@39104 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 01:45:48 +00:00
Rachel Baker
c962a98980 REST API: Return an error when the length of a comment field is too long.
Introduces `wp_check_comment_data_max_lengths()` which allows both the REST API comments endpoints and `wp_handle_comment_submission()` to check the length of the comment content, author name, author url, and author email fields against their respective database columns.

Props rachelbaker, mangeshp, salcode, pento.
Fixes #38477.

git-svn-id: https://develop.svn.wordpress.org/trunk@39101 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-03 01:11:30 +00:00
Joe Hoyle
082151025e REST API: Include taxonomies as an attribute of post types.
Add the taxonomies for a post type to the `/wp/v2/types` endpoint, so clients know which taxonomies are available for which post types.

Props danielbachhuber.
Fixes #38438, #38631.


git-svn-id: https://develop.svn.wordpress.org/trunk@39097 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 21:50:08 +00:00
Joe Hoyle
e78230b39a REST API: Add en_US to the locales enum.
Props ocean90.
Fixes #38528. 


git-svn-id: https://develop.svn.wordpress.org/trunk@39096 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 21:20:12 +00:00
Dominik Schilling (ocean90)
4dfb71c3b5 Query: Add tests for WP_Query::is_single() and get_body_class() with attachments.
See [39052]
See #38225.

git-svn-id: https://develop.svn.wordpress.org/trunk@39095 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 19:22:17 +00:00
Ryan McCue
bbbf3a97fa REST API: Allow querying for multiple slug values.
Props jnylen0, rachelbaker.
Fixes #38579.


git-svn-id: https://develop.svn.wordpress.org/trunk@39093 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 07:13:24 +00:00
Ryan McCue
1f9c6904bc REST API: Add update and delete endpoints to /users/me
Now that /users/me is a standalone resource, it should have all the standard endpoints for a resource.

Props pento.
Fixes #38521 (hopefully).


git-svn-id: https://develop.svn.wordpress.org/trunk@39092 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 06:52:30 +00:00
Ryan McCue
f9230a1c4d REST API: Add locale to user resource.
Props ocean90, joehoyle.
Fixes #38528.


git-svn-id: https://develop.svn.wordpress.org/trunk@39090 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 06:23:12 +00:00
Gary Pendergast
d4de97ad6f Roles: Fix a PHP error introduced in [39082].
The now deprecated `WP_Roles::reinit()` method was trying to call `__deprecated_function()`, instead of `_deprecated_function()`.

See 23016.



git-svn-id: https://develop.svn.wordpress.org/trunk@39088 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 05:54:27 +00:00
Ryan McCue
5d924daeb3 REST API: Change method of merging parameters.
`array_merge()` incorrectly reindexes numeric parameters, causing things like `{"123": true}` to be "dropped".

Props sswells, joehoyle.
Fixes #38306.


git-svn-id: https://develop.svn.wordpress.org/trunk@39087 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 05:52:12 +00:00
Helen Hou-Sandi
5af14c3e07 Mail: Set a better error code when triggering wp_mail_failed.
This error code is now... wait for it... `wp_mail_failed`. Previously, this would have been the originating PHPMailer error code, which could be `0`, which would then fail (pass?) the `empty()` check in the `WP_Error` constructor, thereby rendering the error object fairly useless. The PHPMailer error code is now located within the `WP_Error` data.

props Kau-Boy, stephenharris.
fixes #35598.


git-svn-id: https://develop.svn.wordpress.org/trunk@39086 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 04:26:18 +00:00
Ryan McCue
4ff5c83255 REST API: Remove the Location redirect for the /users/me endpoint.
This is a re-commit of [38980], which was reverted in [38990].

Props youknowriad, jnylen0, pento.
Fixes #38521.


git-svn-id: https://develop.svn.wordpress.org/trunk@39085 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 03:44:00 +00:00
Ryan McCue
011e0b99a1 REST API: Only expose formats supported by the current theme.
While it's valid to save any format to the database, and WordPress is totally fine with that, we should only include the formats specified by the theme in the schema.

Props danielbachhuber.
Fixes #38610.


git-svn-id: https://develop.svn.wordpress.org/trunk@39084 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 03:36:40 +00:00
Gary Pendergast
b665b5c7d8 Roles/Capabilities: Add a new wp_roles_init filter.
Historically, it's been difficult to extend user roles, but reasonable to work around by waiting until after `init` has fired, to add custom roles and capabilities. With the addition of Locale Switching, Core now potentially loads roles before `init` has fired, leaving a window where custom roles and capabilities are not handled.

The new filter allows plugins to add their own custom roles whenever they're initialised (on page load, or when switching sites, for example), so that they can always be obeyed.

`WP_Roles` has also been tidied up a little bit, to remove duplicate code.

Props johnjamesjacoby, pento.
Fixes #23016.



git-svn-id: https://develop.svn.wordpress.org/trunk@39082 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-02 00:30:29 +00:00
Ella van Dorpe
0f00396bb6 TinyMCE: wptextpattern: Handle unconverted inline patterns
Make sure the right text is matched when it already contains characters of the pattern.
Adds two more unit tests.

Fixes #37693.



git-svn-id: https://develop.svn.wordpress.org/trunk@39075 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-01 20:05:48 +00:00
Jeremy Felt
459fe129a5 Multisite: Use get_network() in WP_UnitTest_Factory_For_Network.
`wp_get_network()` was deprecated in 4.6.

Props johnjamesjacoby.
Fixes #38602.


git-svn-id: https://develop.svn.wordpress.org/trunk@39071 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-01 16:51:26 +00:00
Dion Hulse
cacd16cf5d Themes: Update the unit tests to handle [39064] and #31550.
`test_default_theme_in_default_theme_list()` was always being skipped after #31550, this causes it to once again check that the unit tests are up to date and include the latest default theme.
`test_default_themes_have_textdomain()` didn't play happy when a default theme wasn't installed on a site.

See #31550, #29925, #38551.


git-svn-id: https://develop.svn.wordpress.org/trunk@39065 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-01 03:13:27 +00:00
Dion Hulse
b92ebd9e2d Upgrade: Install new themes upon upgrade again.
This partially reverts [35738], which has shown to provide a bad user experience for users seeking to experiment with TwentySeventeen.

This will result in TwentySixteen being installed in addition to TwentySeventeen.

See #38551.


git-svn-id: https://develop.svn.wordpress.org/trunk@39064 602fd350-edb4-49c9-b593-d223f7449a82
2016-11-01 01:23:17 +00:00
John Blackbourn
d1707d6542 Posts, Post Types: Prevent users from being able to delete a protected meta field from a post.
Previously a user could remove a protected meta field by using their browser developer tools to alter the form field properties in the Custom Fields meta box, given that they know the ID of the protected meta field. This change prevents this by preventing any change to a protected meta field, including changing its key.

Props ajoah, johnbillion, peterwilsoncc
Fixes #38293


git-svn-id: https://develop.svn.wordpress.org/trunk@39062 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-31 19:29:07 +00:00
Joe Hoyle
0e609fa717 REST API: Sanitize arrays being sent as CSVs.
In #38586 the ability to parse arrays as csv was introduced, however it didn't add any support for validating csv arrays. This adds such sanitization, and also a good amount of unit tests for all sanitization baed off schema.

See #38586.


git-svn-id: https://develop.svn.wordpress.org/trunk@39061 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-31 17:07:14 +00:00
Joe Hoyle
89ce913169 REST API: Add support for "integer" type for meta and options
Previously Settings only supported "number" which meant it was possible to push floats to things like posts_per_page. This means now developers can also specify `type => ineger` in meta nad settings resgration.

Props flixos90.
Fixes #38393.


git-svn-id: https://develop.svn.wordpress.org/trunk@39058 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-31 16:06:54 +00:00
Gary Pendergast
d66ba1ee7a REST API: Allow a CSV list of user roles to be passed to /users.
After [39048], this changes explicitly parses the list of user roles as slugs, and adds tests.

Props jnylen0.
Fixes #38557.



git-svn-id: https://develop.svn.wordpress.org/trunk@39056 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-31 11:10:37 +00:00
Gary Pendergast
0153b0bb9b REST API: Allow a CSV list of term IDs to be passed to /posts.
[39048] added CSV support to array types, this change explicitly parses term lists as IDs, and adds tests.

Props timmydcrawford, pento.
Fixes #38553.



git-svn-id: https://develop.svn.wordpress.org/trunk@39055 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-31 11:05:37 +00:00
Gary Pendergast
c9618c09ad REST API: Allow parameters defined as array to be sent as CSVs.
This allows parameters that are often handled as CSVs to be properly parsed.

Fixes #38586.



git-svn-id: https://develop.svn.wordpress.org/trunk@39048 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-31 05:44:56 +00:00
Ryan McCue
4f9bc7535d REST API: Support password on non-post post types.
The password field was incorrectly only added to "post" post types, but is supported for all post types in the Dashboard UI.

Props jnylen0.
Fixes #38582.


git-svn-id: https://develop.svn.wordpress.org/trunk@39047 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-31 03:52:08 +00:00
Gary Pendergast
a86bc6f565 REST API: Add support for arrays in schema validation and sanitization.
By allowing more fine-grained validation and sanitisation of endpoint args, we can ensure the correct data is being passed to endpoints.

This can easily be extended to support new data types, such as CSV fields or objects.

Props joehoyle, rachelbaker, pento.
Fixes #38531.



git-svn-id: https://develop.svn.wordpress.org/trunk@39046 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-31 01:47:36 +00:00
John Blackbourn
5b4f2b3021 XML-RPC: Correctly handle empty and duplicate comments.
This prevents `wp_die()` being sent in response to an XML-RPC call that attempts to submit a duplicate comment, and correctly returns an error in response to an attempt to submit an empty comment.

Props markoheijnen, websupporter.
Fixes #14452, #38466.
See #36901


git-svn-id: https://develop.svn.wordpress.org/trunk@39045 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-31 01:26:10 +00:00
Rachel Baker
b5a4df509e REST API: Correctly test the roles parameter when creating a user in WP_Test_REST_Users_Controller.
Props jnylen0.
Fixes #38575.

git-svn-id: https://develop.svn.wordpress.org/trunk@39043 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-31 00:27:17 +00:00
Rachel Baker
6413c1efce REST API: Delete temporary files during teardown of WP_Test_REST_Attachments_Controller.
Props jnylen0.
Fixes #38574.

git-svn-id: https://develop.svn.wordpress.org/trunk@39041 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-30 23:31:06 +00:00
Weston Ruter
4de2e30bb4 Customize: Prevent auto-draft post/page stubs from being saved with empty slugs or published with non-unique slugs.
* Allow `WP_Customize_Nav_Menus::insert_auto_draft_post()` to take full post array to pass to `wp_insert_post()`, except for `post_status`. Require `post_title`. 
* Ensure empty `post_name` gets explicitly set to slugified `post_title`.
* Explicitly allow only `post_type` and `post_title` params in `WP_Customize_Nav_Menus::ajax_insert_auto_draft_post()`.
* Use `wp_update_post()` instead of `wp_publish_post()` to ensure unique slugs are assigned to published auto-draft posts.
* Re-use `WP_Customize_Nav_Menus::insert_auto_draft_post()` when inserting stubs from starter content.
 
See #38114, #38013, #34923.
Fixes #38539.


git-svn-id: https://develop.svn.wordpress.org/trunk@39038 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-30 20:20:54 +00:00
John Blackbourn
7b7164e198 Role/Capability: Introduce capability tests for promoting, removing, and deleting users, and capability tests for editing comments.
Also introduces a shared fixture for a super admin user.

See #38236


git-svn-id: https://develop.svn.wordpress.org/trunk@39035 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-30 18:30:03 +00:00
John Blackbourn
765d5feb08 Customize: Avoid using assertNotFalse() in tests because it's not available in PHPUnit 3.6.
See #35395


git-svn-id: https://develop.svn.wordpress.org/trunk@39020 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-30 15:41:49 +00:00
John Blackbourn
509df810bf Customize: Correct the CRUD tests for custom CSS on multisite.
See #35395


git-svn-id: https://develop.svn.wordpress.org/trunk@39017 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-30 14:03:05 +00:00
John Blackbourn
4e262ff6ee Customize: Correct the capability mapping and associated tests for the unfiltered_css capability.
Fixes #35395


git-svn-id: https://develop.svn.wordpress.org/trunk@39016 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-30 12:46:46 +00:00
Drew Jaynes
fff3c88cb1 Tests: Helps to also update the hour and not just the timezone to temporarily fix a test broken due to Daylight Saving Time changes in Europe.
git-svn-id: https://develop.svn.wordpress.org/trunk@39013 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-30 05:53:58 +00:00