enmi-conf.org: wp/wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php@be944660c56a (annotated)

18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	1	<?php
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	2	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	3	* REST API: WP_REST_Application_Passwords_Controller class
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	4	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	5	* @package WordPress
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	6	* @subpackage REST_API
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	7	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	8	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	9
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	10	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	11	* Core class to access a user's application passwords via the REST API.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	12	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	13	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	14	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	15	* @see WP_REST_Controller
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	16	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	17	class WP_REST_Application_Passwords_Controller extends WP_REST_Controller {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	18
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	19	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	20	* Application Passwords controller constructor.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	21	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	22	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	23	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	24	public function __construct() {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	25	$this->namespace = 'wp/v2';
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	26	$this->rest_base = 'users/(?P<user_id>(?:[\d]+\|me))/application-passwords';
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	27	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	28
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	29	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	30	* Registers the REST API routes for the application passwords controller.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	31	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	32	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	33	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	34	public function register_routes() {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	35	register_rest_route(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	36	$this->namespace,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	37	'/' . $this->rest_base,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	38	array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	39	array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	40	'methods' => WP_REST_Server::READABLE,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	41	'callback' => array( $this, 'get_items' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	42	'permission_callback' => array( $this, 'get_items_permissions_check' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	43	'args' => $this->get_collection_params(),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	44	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	45	array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	46	'methods' => WP_REST_Server::CREATABLE,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	47	'callback' => array( $this, 'create_item' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	48	'permission_callback' => array( $this, 'create_item_permissions_check' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	49	'args' => $this->get_endpoint_args_for_item_schema(),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	50	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	51	array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	52	'methods' => WP_REST_Server::DELETABLE,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	53	'callback' => array( $this, 'delete_items' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	54	'permission_callback' => array( $this, 'delete_items_permissions_check' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	55	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	56	'schema' => array( $this, 'get_public_item_schema' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	57	)
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	58	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	59
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	60	register_rest_route(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	61	$this->namespace,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	62	'/' . $this->rest_base . '/introspect',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	63	array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	64	array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	65	'methods' => WP_REST_Server::READABLE,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	66	'callback' => array( $this, 'get_current_item' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	67	'permission_callback' => array( $this, 'get_current_item_permissions_check' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	68	'args' => array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	69	'context' => $this->get_context_param( array( 'default' => 'view' ) ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	70	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	71	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	72	'schema' => array( $this, 'get_public_item_schema' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	73	)
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	74	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	75
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	76	register_rest_route(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	77	$this->namespace,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	78	'/' . $this->rest_base . '/(?P<uuid>[\w\-]+)',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	79	array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	80	array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	81	'methods' => WP_REST_Server::READABLE,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	82	'callback' => array( $this, 'get_item' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	83	'permission_callback' => array( $this, 'get_item_permissions_check' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	84	'args' => array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	85	'context' => $this->get_context_param( array( 'default' => 'view' ) ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	86	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	87	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	88	array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	89	'methods' => WP_REST_Server::EDITABLE,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	90	'callback' => array( $this, 'update_item' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	91	'permission_callback' => array( $this, 'update_item_permissions_check' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	92	'args' => $this->get_endpoint_args_for_item_schema( WP_REST_Server::EDITABLE ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	93	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	94	array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	95	'methods' => WP_REST_Server::DELETABLE,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	96	'callback' => array( $this, 'delete_item' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	97	'permission_callback' => array( $this, 'delete_item_permissions_check' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	98	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	99	'schema' => array( $this, 'get_public_item_schema' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	100	)
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	101	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	102	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	103
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	104	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	105	* Checks if a given request has access to get application passwords.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	106	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	107	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	108	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	109	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	110	* @return true\|WP_Error True if the request has read access, WP_Error object otherwise.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	111	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	112	public function get_items_permissions_check( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	113	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	114
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	115	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	116	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	117	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	118
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	119	if ( ! current_user_can( 'list_app_passwords', $user->ID ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	120	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	121	'rest_cannot_list_application_passwords',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	122	__( 'Sorry, you are not allowed to list application passwords for this user.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	123	array( 'status' => rest_authorization_required_code() )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	124	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	125	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	126
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	127	return true;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	128	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	129
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	130	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	131	* Retrieves a collection of application passwords.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	132	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	133	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	134	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	135	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	136	* @return WP_REST_Response\|WP_Error Response object on success, or WP_Error object on failure.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	137	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	138	public function get_items( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	139	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	140
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	141	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	142	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	143	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	144
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	145	$passwords = WP_Application_Passwords::get_user_application_passwords( $user->ID );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	146	$response = array();
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	147
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	148	foreach ( $passwords as $password ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	149	$response[] = $this->prepare_response_for_collection(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	150	$this->prepare_item_for_response( $password, $request )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	151	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	152	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	153
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	154	return new WP_REST_Response( $response );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	155	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	156
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	157	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	158	* Checks if a given request has access to get a specific application password.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	159	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	160	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	161	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	162	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	163	* @return true\|WP_Error True if the request has read access for the item, WP_Error object otherwise.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	164	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	165	public function get_item_permissions_check( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	166	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	167
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	168	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	169	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	170	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	171
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	172	if ( ! current_user_can( 'read_app_password', $user->ID, $request['uuid'] ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	173	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	174	'rest_cannot_read_application_password',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	175	__( 'Sorry, you are not allowed to read this application password.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	176	array( 'status' => rest_authorization_required_code() )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	177	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	178	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	179
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	180	return true;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	181	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	182
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	183	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	184	* Retrieves one application password from the collection.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	185	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	186	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	187	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	188	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	189	* @return WP_REST_Response\|WP_Error Response object on success, or WP_Error object on failure.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	190	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	191	public function get_item( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	192	$password = $this->get_application_password( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	193
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	194	if ( is_wp_error( $password ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	195	return $password;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	196	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	197
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	198	return $this->prepare_item_for_response( $password, $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	199	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	200
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	201	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	202	* Checks if a given request has access to create application passwords.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	203	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	204	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	205	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	206	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	207	* @return true\|WP_Error True if the request has access to create items, WP_Error object otherwise.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	208	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	209	public function create_item_permissions_check( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	210	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	211
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	212	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	213	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	214	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	215
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	216	if ( ! current_user_can( 'create_app_password', $user->ID ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	217	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	218	'rest_cannot_create_application_passwords',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	219	__( 'Sorry, you are not allowed to create application passwords for this user.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	220	array( 'status' => rest_authorization_required_code() )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	221	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	222	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	223
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	224	return true;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	225	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	226
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	227	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	228	* Creates an application password.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	229	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	230	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	231	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	232	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	233	* @return WP_REST_Response\|WP_Error Response object on success, or WP_Error object on failure.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	234	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	235	public function create_item( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	236	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	237
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	238	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	239	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	240	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	241
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	242	$prepared = $this->prepare_item_for_database( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	243
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	244	if ( is_wp_error( $prepared ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	245	return $prepared;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	246	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	247
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	248	$created = WP_Application_Passwords::create_new_application_password( $user->ID, wp_slash( (array) $prepared ) );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	249
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	250	if ( is_wp_error( $created ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	251	return $created;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	252	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	253
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	254	$password = $created[0];
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	255	$item = WP_Application_Passwords::get_user_application_password( $user->ID, $created[1]['uuid'] );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	256
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	257	$item['new_password'] = WP_Application_Passwords::chunk_password( $password );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	258	$fields_update = $this->update_additional_fields_for_object( $item, $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	259
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	260	if ( is_wp_error( $fields_update ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	261	return $fields_update;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	262	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	263
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	264	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	265	* Fires after a single application password is completely created or updated via the REST API.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	266	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	267	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	268	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	269	* @param array $item Inserted or updated password item.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	270	* @param WP_REST_Request $request Request object.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	271	* @param bool $creating True when creating an application password, false when updating.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	272	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	273	do_action( 'rest_after_insert_application_password', $item, $request, true );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	274
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	275	$request->set_param( 'context', 'edit' );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	276	$response = $this->prepare_item_for_response( $item, $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	277
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	278	$response->set_status( 201 );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	279	$response->header( 'Location', $response->get_links()['self'][0]['href'] );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	280
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	281	return $response;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	282	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	283
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	284	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	285	* Checks if a given request has access to update application passwords.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	286	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	287	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	288	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	289	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	290	* @return true\|WP_Error True if the request has access to create items, WP_Error object otherwise.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	291	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	292	public function update_item_permissions_check( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	293	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	294
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	295	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	296	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	297	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	298
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	299	if ( ! current_user_can( 'edit_app_password', $user->ID, $request['uuid'] ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	300	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	301	'rest_cannot_edit_application_password',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	302	__( 'Sorry, you are not allowed to edit this application password.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	303	array( 'status' => rest_authorization_required_code() )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	304	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	305	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	306
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	307	return true;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	308	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	309
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	310	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	311	* Updates an application password.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	312	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	313	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	314	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	315	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	316	* @return WP_REST_Response\|WP_Error Response object on success, or WP_Error object on failure.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	317	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	318	public function update_item( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	319	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	320
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	321	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	322	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	323	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	324
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	325	$item = $this->get_application_password( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	326
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	327	if ( is_wp_error( $item ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	328	return $item;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	329	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	330
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	331	$prepared = $this->prepare_item_for_database( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	332
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	333	if ( is_wp_error( $prepared ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	334	return $prepared;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	335	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	336
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	337	$saved = WP_Application_Passwords::update_application_password( $user->ID, $item['uuid'], wp_slash( (array) $prepared ) );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	338
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	339	if ( is_wp_error( $saved ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	340	return $saved;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	341	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	342
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	343	$fields_update = $this->update_additional_fields_for_object( $item, $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	344
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	345	if ( is_wp_error( $fields_update ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	346	return $fields_update;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	347	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	348
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	349	$item = WP_Application_Passwords::get_user_application_password( $user->ID, $item['uuid'] );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	350
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	351	/** This action is documented in wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php */
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	352	do_action( 'rest_after_insert_application_password', $item, $request, false );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	353
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	354	$request->set_param( 'context', 'edit' );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	355	return $this->prepare_item_for_response( $item, $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	356	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	357
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	358	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	359	* Checks if a given request has access to delete all application passwords.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	360	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	361	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	362	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	363	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	364	* @return true\|WP_Error True if the request has access to delete the item, WP_Error object otherwise.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	365	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	366	public function delete_items_permissions_check( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	367	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	368
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	369	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	370	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	371	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	372
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	373	if ( ! current_user_can( 'delete_app_passwords', $user->ID ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	374	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	375	'rest_cannot_delete_application_passwords',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	376	__( 'Sorry, you are not allowed to delete application passwords for this user.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	377	array( 'status' => rest_authorization_required_code() )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	378	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	379	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	380
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	381	return true;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	382	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	383
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	384	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	385	* Deletes all application passwords.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	386	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	387	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	388	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	389	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	390	* @return WP_REST_Response\|WP_Error Response object on success, or WP_Error object on failure.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	391	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	392	public function delete_items( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	393	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	394
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	395	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	396	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	397	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	398
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	399	$deleted = WP_Application_Passwords::delete_all_application_passwords( $user->ID );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	400
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	401	if ( is_wp_error( $deleted ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	402	return $deleted;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	403	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	404
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	405	return new WP_REST_Response(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	406	array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	407	'deleted' => true,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	408	'count' => $deleted,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	409	)
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	410	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	411	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	412
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	413	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	414	* Checks if a given request has access to delete a specific application password.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	415	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	416	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	417	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	418	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	419	* @return true\|WP_Error True if the request has access to delete the item, WP_Error object otherwise.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	420	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	421	public function delete_item_permissions_check( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	422	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	423
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	424	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	425	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	426	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	427
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	428	if ( ! current_user_can( 'delete_app_password', $user->ID, $request['uuid'] ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	429	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	430	'rest_cannot_delete_application_password',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	431	__( 'Sorry, you are not allowed to delete this application password.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	432	array( 'status' => rest_authorization_required_code() )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	433	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	434	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	435
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	436	return true;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	437	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	438
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	439	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	440	* Deletes one application password.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	441	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	442	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	443	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	444	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	445	* @return WP_REST_Response\|WP_Error Response object on success, or WP_Error object on failure.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	446	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	447	public function delete_item( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	448	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	449
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	450	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	451	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	452	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	453
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	454	$password = $this->get_application_password( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	455
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	456	if ( is_wp_error( $password ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	457	return $password;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	458	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	459
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	460	$request->set_param( 'context', 'edit' );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	461	$previous = $this->prepare_item_for_response( $password, $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	462	$deleted = WP_Application_Passwords::delete_application_password( $user->ID, $password['uuid'] );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	463
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	464	if ( is_wp_error( $deleted ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	465	return $deleted;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	466	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	467
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	468	return new WP_REST_Response(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	469	array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	470	'deleted' => true,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	471	'previous' => $previous->get_data(),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	472	)
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	473	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	474	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	475
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	476	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	477	* Checks if a given request has access to get the currently used application password.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	478	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	479	* @since 5.7.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	480	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	481	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	482	* @return true\|WP_Error True if the request has read access for the item, WP_Error object otherwise.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	483	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	484	public function get_current_item_permissions_check( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	485	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	486
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	487	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	488	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	489	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	490
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	491	if ( get_current_user_id() !== $user->ID ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	492	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	493	'rest_cannot_introspect_app_password_for_non_authenticated_user',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	494	__( 'The authenticated Application Password can only be introspected for the current user.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	495	array( 'status' => rest_authorization_required_code() )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	496	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	497	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	498
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	499	return true;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	500	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	501
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	502	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	503	* Retrieves the application password being currently used for authentication.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	504	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	505	* @since 5.7.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	506	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	507	* @param WP_REST_Request $request Full details about the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	508	* @return WP_REST_Response\|WP_Error Response object on success, or WP_Error object on failure.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	509	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	510	public function get_current_item( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	511	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	512
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	513	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	514	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	515	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	516
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	517	$uuid = rest_get_authenticated_app_password();
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	518
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	519	if ( ! $uuid ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	520	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	521	'rest_no_authenticated_app_password',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	522	__( 'Cannot introspect Application Password.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	523	array( 'status' => 404 )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	524	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	525	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	526
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	527	$password = WP_Application_Passwords::get_user_application_password( $user->ID, $uuid );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	528
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	529	if ( ! $password ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	530	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	531	'rest_application_password_not_found',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	532	__( 'Application password not found.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	533	array( 'status' => 500 )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	534	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	535	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	536
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	537	return $this->prepare_item_for_response( $password, $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	538	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	539
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	540	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	541	* Performs a permissions check for the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	542	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	543	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	544	* @deprecated 5.7.0 Use `edit_user` directly or one of the specific meta capabilities introduced in 5.7.0.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	545	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	546	* @param WP_REST_Request $request
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	547	* @return true\|WP_Error
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	548	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	549	protected function do_permissions_check( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	550	_deprecated_function( __METHOD__, '5.7.0' );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	551
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	552	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	553
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	554	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	555	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	556	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	557
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	558	if ( ! current_user_can( 'edit_user', $user->ID ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	559	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	560	'rest_cannot_manage_application_passwords',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	561	__( 'Sorry, you are not allowed to manage application passwords for this user.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	562	array( 'status' => rest_authorization_required_code() )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	563	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	564	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	565
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	566	return true;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	567	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	568
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	569	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	570	* Prepares an application password for a create or update operation.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	571	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	572	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	573	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	574	* @param WP_REST_Request $request Request object.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	575	* @return object\|WP_Error The prepared item, or WP_Error object on failure.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	576	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	577	protected function prepare_item_for_database( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	578	$prepared = (object) array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	579	'name' => $request['name'],
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	580	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	581
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	582	if ( $request['app_id'] && ! $request['uuid'] ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	583	$prepared->app_id = $request['app_id'];
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	584	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	585
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	586	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	587	* Filters an application password before it is inserted via the REST API.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	588	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	589	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	590	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	591	* @param stdClass $prepared An object representing a single application password prepared for inserting or updating the database.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	592	* @param WP_REST_Request $request Request object.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	593	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	594	return apply_filters( 'rest_pre_insert_application_password', $prepared, $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	595	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	596
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	597	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	598	* Prepares the application password for the REST response.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	599	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	600	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	601	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	602	* @param array $item WordPress representation of the item.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	603	* @param WP_REST_Request $request Request object.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	604	* @return WP_REST_Response\|WP_Error Response object on success, or WP_Error object on failure.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	605	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	606	public function prepare_item_for_response( $item, $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	607	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	608
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	609	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	610	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	611	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	612
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	613	$prepared = array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	614	'uuid' => $item['uuid'],
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	615	'app_id' => empty( $item['app_id'] ) ? '' : $item['app_id'],
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	616	'name' => $item['name'],
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	617	'created' => gmdate( 'Y-m-d\TH:i:s', $item['created'] ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	618	'last_used' => $item['last_used'] ? gmdate( 'Y-m-d\TH:i:s', $item['last_used'] ) : null,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	619	'last_ip' => $item['last_ip'] ? $item['last_ip'] : null,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	620	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	621
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	622	if ( isset( $item['new_password'] ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	623	$prepared['password'] = $item['new_password'];
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	624	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	625
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	626	$prepared = $this->add_additional_fields_to_object( $prepared, $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	627	$prepared = $this->filter_response_by_context( $prepared, $request['context'] );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	628
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	629	$response = new WP_REST_Response( $prepared );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	630	$response->add_links( $this->prepare_links( $user, $item ) );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	631
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	632	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	633	* Filters the REST API response for an application password.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	634	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	635	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	636	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	637	* @param WP_REST_Response $response The response object.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	638	* @param array $item The application password array.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	639	* @param WP_REST_Request $request The request object.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	640	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	641	return apply_filters( 'rest_prepare_application_password', $response, $item, $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	642	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	643
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	644	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	645	* Prepares links for the request.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	646	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	647	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	648	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	649	* @param WP_User $user The requested user.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	650	* @param array $item The application password.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	651	* @return array The list of links.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	652	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	653	protected function prepare_links( WP_User $user, $item ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	654	return array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	655	'self' => array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	656	'href' => rest_url( sprintf( '%s/users/%d/application-passwords/%s', $this->namespace, $user->ID, $item['uuid'] ) ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	657	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	658	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	659	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	660
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	661	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	662	* Gets the requested user.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	663	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	664	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	665	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	666	* @param WP_REST_Request $request The request object.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	667	* @return WP_User\|WP_Error The WordPress user associated with the request, or a WP_Error if none found.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	668	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	669	protected function get_user( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	670	if ( ! wp_is_application_passwords_available() ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	671	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	672	'application_passwords_disabled',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	673	__( 'Application passwords are not available.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	674	array( 'status' => 501 )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	675	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	676	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	677
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	678	$error = new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	679	'rest_user_invalid_id',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	680	__( 'Invalid user ID.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	681	array( 'status' => 404 )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	682	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	683
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	684	$id = $request['user_id'];
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	685
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	686	if ( 'me' === $id ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	687	if ( ! is_user_logged_in() ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	688	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	689	'rest_not_logged_in',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	690	__( 'You are not currently logged in.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	691	array( 'status' => 401 )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	692	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	693	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	694
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	695	$user = wp_get_current_user();
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	696	} else {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	697	$id = (int) $id;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	698
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	699	if ( $id <= 0 ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	700	return $error;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	701	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	702
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	703	$user = get_userdata( $id );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	704	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	705
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	706	if ( empty( $user ) \|\| ! $user->exists() ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	707	return $error;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	708	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	709
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	710	if ( is_multisite() && ! is_user_member_of_blog( $user->ID ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	711	return $error;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	712	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	713
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	714	if ( ! wp_is_application_passwords_available_for_user( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	715	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	716	'application_passwords_disabled_for_user',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	717	__( 'Application passwords are not available for your account. Please contact the site administrator for assistance.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	718	array( 'status' => 501 )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	719	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	720	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	721
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	722	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	723	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	724
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	725	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	726	* Gets the requested application password.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	727	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	728	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	729	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	730	* @param WP_REST_Request $request The request object.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	731	* @return array\|WP_Error The application password details if found, a WP_Error otherwise.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	732	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	733	protected function get_application_password( $request ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	734	$user = $this->get_user( $request );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	735
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	736	if ( is_wp_error( $user ) ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	737	return $user;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	738	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	739
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	740	$password = WP_Application_Passwords::get_user_application_password( $user->ID, $request['uuid'] );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	741
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	742	if ( ! $password ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	743	return new WP_Error(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	744	'rest_application_password_not_found',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	745	__( 'Application password not found.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	746	array( 'status' => 404 )
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	747	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	748	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	749
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	750	return $password;
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	751	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	752
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	753	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	754	* Retrieves the query params for the collections.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	755	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	756	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	757	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	758	* @return array Query parameters for the collection.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	759	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	760	public function get_collection_params() {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	761	return array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	762	'context' => $this->get_context_param( array( 'default' => 'view' ) ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	763	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	764	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	765
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	766	/**
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	767	* Retrieves the application password's schema, conforming to JSON Schema.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	768	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	769	* @since 5.6.0
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	770	*
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	771	* @return array Item schema data.
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	772	*/
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	773	public function get_item_schema() {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	774	if ( $this->schema ) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	775	return $this->add_additional_fields_schema( $this->schema );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	776	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	777
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	778	$this->schema = array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	779	'$schema' => 'http://json-schema.org/draft-04/schema#',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	780	'title' => 'application-password',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	781	'type' => 'object',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	782	'properties' => array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	783	'uuid' => array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	784	'description' => __( 'The unique identifier for the application password.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	785	'type' => 'string',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	786	'format' => 'uuid',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	787	'context' => array( 'view', 'edit', 'embed' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	788	'readonly' => true,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	789	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	790	'app_id' => array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	791	'description' => __( 'A uuid provided by the application to uniquely identify it. It is recommended to use an UUID v5 with the URL or DNS namespace.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	792	'type' => 'string',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	793	'format' => 'uuid',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	794	'context' => array( 'view', 'edit', 'embed' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	795	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	796	'name' => array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	797	'description' => __( 'The name of the application password.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	798	'type' => 'string',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	799	'required' => true,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	800	'context' => array( 'view', 'edit', 'embed' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	801	'minLength' => 1,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	802	'pattern' => '.\S.',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	803	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	804	'password' => array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	805	'description' => __( 'The generated password. Only available after adding an application.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	806	'type' => 'string',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	807	'context' => array( 'edit' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	808	'readonly' => true,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	809	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	810	'created' => array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	811	'description' => __( 'The GMT date the application password was created.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	812	'type' => 'string',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	813	'format' => 'date-time',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	814	'context' => array( 'view', 'edit' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	815	'readonly' => true,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	816	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	817	'last_used' => array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	818	'description' => __( 'The GMT date the application password was last used.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	819	'type' => array( 'string', 'null' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	820	'format' => 'date-time',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	821	'context' => array( 'view', 'edit' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	822	'readonly' => true,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	823	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	824	'last_ip' => array(
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	825	'description' => __( 'The IP address the application password was last used by.' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	826	'type' => array( 'string', 'null' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	827	'format' => 'ip',
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	828	'context' => array( 'view', 'edit' ),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	829	'readonly' => true,
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	830	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	831	),
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	832	);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	833
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	834	return $this->add_additional_fields_schema( $this->schema );
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	835	}
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: diff changeset	836	}

author	ymh <ymh.work@gmail.com>
	Wed, 21 Sep 2022 18:19:35 +0200
changeset 18	be944660c56a
child 19	3d72ae0968f4
permissions	-rw-r--r--