wp/wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php
equal
deleted
inserted
replaced
354 $request->set_param( 'context', 'edit' ); |
354 $request->set_param( 'context', 'edit' ); |
355 return $this->prepare_item_for_response( $item, $request ); |
355 return $this->prepare_item_for_response( $item, $request ); |
356 } |
356 } |
357 |
357 |
358 /** |
358 /** |
359 * Checks if a given request has access to delete all application passwords. |
359 * Checks if a given request has access to delete all application passwords for a user. |
360 * |
360 * |
361 * @since 5.6.0 |
361 * @since 5.6.0 |
362 * |
362 * |
363 * @param WP_REST_Request $request Full details about the request. |
363 * @param WP_REST_Request $request Full details about the request. |
364 * @return true|WP_Error True if the request has access to delete the item, WP_Error object otherwise. |
364 * @return true|WP_Error True if the request has access to delete the item, WP_Error object otherwise. |
380 |
380 |
381 return true; |
381 return true; |
382 } |
382 } |
383 |
383 |
384 /** |
384 /** |
385 * Deletes all application passwords. |
385 * Deletes all application passwords for a user. |
386 * |
386 * |
387 * @since 5.6.0 |
387 * @since 5.6.0 |
388 * |
388 * |
389 * @param WP_REST_Request $request Full details about the request. |
389 * @param WP_REST_Request $request Full details about the request. |
390 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. |
390 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. |
409 ) |
409 ) |
410 ); |
410 ); |
411 } |
411 } |
412 |
412 |
413 /** |
413 /** |
414 * Checks if a given request has access to delete a specific application password. |
414 * Checks if a given request has access to delete a specific application password for a user. |
415 * |
415 * |
416 * @since 5.6.0 |
416 * @since 5.6.0 |
417 * |
417 * |
418 * @param WP_REST_Request $request Full details about the request. |
418 * @param WP_REST_Request $request Full details about the request. |
419 * @return true|WP_Error True if the request has access to delete the item, WP_Error object otherwise. |
419 * @return true|WP_Error True if the request has access to delete the item, WP_Error object otherwise. |
435 |
435 |
436 return true; |
436 return true; |
437 } |
437 } |
438 |
438 |
439 /** |
439 /** |
440 * Deletes one application password. |
440 * Deletes an application password for a user. |
441 * |
441 * |
442 * @since 5.6.0 |
442 * @since 5.6.0 |
443 * |
443 * |
444 * @param WP_REST_Request $request Full details about the request. |
444 * @param WP_REST_Request $request Full details about the request. |
445 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. |
445 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. |
472 ) |
472 ) |
473 ); |
473 ); |
474 } |
474 } |
475 |
475 |
476 /** |
476 /** |
477 * Checks if a given request has access to get the currently used application password. |
477 * Checks if a given request has access to get the currently used application password for a user. |
478 * |
478 * |
479 * @since 5.7.0 |
479 * @since 5.7.0 |
480 * |
480 * |
481 * @param WP_REST_Request $request Full details about the request. |
481 * @param WP_REST_Request $request Full details about the request. |
482 * @return true|WP_Error True if the request has read access for the item, WP_Error object otherwise. |
482 * @return true|WP_Error True if the request has read access for the item, WP_Error object otherwise. |
489 } |
489 } |
490 |
490 |
491 if ( get_current_user_id() !== $user->ID ) { |
491 if ( get_current_user_id() !== $user->ID ) { |
492 return new WP_Error( |
492 return new WP_Error( |
493 'rest_cannot_introspect_app_password_for_non_authenticated_user', |
493 'rest_cannot_introspect_app_password_for_non_authenticated_user', |
494 __( 'The authenticated Application Password can only be introspected for the current user.' ), |
494 __( 'The authenticated application password can only be introspected for the current user.' ), |
495 array( 'status' => rest_authorization_required_code() ) |
495 array( 'status' => rest_authorization_required_code() ) |
496 ); |
496 ); |
497 } |
497 } |
498 |
498 |
499 return true; |
499 return true; |
500 } |
500 } |
501 |
501 |
502 /** |
502 /** |
503 * Retrieves the application password being currently used for authentication. |
503 * Retrieves the application password being currently used for authentication of a user. |
504 * |
504 * |
505 * @since 5.7.0 |
505 * @since 5.7.0 |
506 * |
506 * |
507 * @param WP_REST_Request $request Full details about the request. |
507 * @param WP_REST_Request $request Full details about the request. |
508 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. |
508 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. |
517 $uuid = rest_get_authenticated_app_password(); |
517 $uuid = rest_get_authenticated_app_password(); |
518 |
518 |
519 if ( ! $uuid ) { |
519 if ( ! $uuid ) { |
520 return new WP_Error( |
520 return new WP_Error( |
521 'rest_no_authenticated_app_password', |
521 'rest_no_authenticated_app_password', |
522 __( 'Cannot introspect Application Password.' ), |
522 __( 'Cannot introspect application password.' ), |
523 array( 'status' => 404 ) |
523 array( 'status' => 404 ) |
524 ); |
524 ); |
525 } |
525 } |
526 |
526 |
527 $password = WP_Application_Passwords::get_user_application_password( $user->ID, $uuid ); |
527 $password = WP_Application_Passwords::get_user_application_password( $user->ID, $uuid ); |
721 |
721 |
722 return $user; |
722 return $user; |
723 } |
723 } |
724 |
724 |
725 /** |
725 /** |
726 * Gets the requested application password. |
726 * Gets the requested application password for a user. |
727 * |
727 * |
728 * @since 5.6.0 |
728 * @since 5.6.0 |
729 * |
729 * |
730 * @param WP_REST_Request $request The request object. |
730 * @param WP_REST_Request $request The request object. |
731 * @return array|WP_Error The application password details if found, a WP_Error otherwise. |
731 * @return array|WP_Error The application password details if found, a WP_Error otherwise. |
786 'format' => 'uuid', |
786 'format' => 'uuid', |
787 'context' => array( 'view', 'edit', 'embed' ), |
787 'context' => array( 'view', 'edit', 'embed' ), |
788 'readonly' => true, |
788 'readonly' => true, |
789 ), |
789 ), |
790 'app_id' => array( |
790 'app_id' => array( |
791 'description' => __( 'A uuid provided by the application to uniquely identify it. It is recommended to use an UUID v5 with the URL or DNS namespace.' ), |
791 'description' => __( 'A UUID provided by the application to uniquely identify it. It is recommended to use an UUID v5 with the URL or DNS namespace.' ), |
792 'type' => 'string', |
792 'type' => 'string', |
793 'format' => 'uuid', |
793 'format' => 'uuid', |
794 'context' => array( 'view', 'edit', 'embed' ), |
794 'context' => array( 'view', 'edit', 'embed' ), |
795 ), |
795 ), |
796 'name' => array( |
796 'name' => array( |