21 * |
21 * |
22 * @since 4.7.0 |
22 * @since 4.7.0 |
23 * @var WP_REST_User_Meta_Fields |
23 * @var WP_REST_User_Meta_Fields |
24 */ |
24 */ |
25 protected $meta; |
25 protected $meta; |
|
26 |
|
27 /** |
|
28 * Whether the controller supports batching. |
|
29 * |
|
30 * @since 6.6.0 |
|
31 * @var array |
|
32 */ |
|
33 protected $allow_batch = array( 'v1' => true ); |
26 |
34 |
27 /** |
35 /** |
28 * Constructor. |
36 * Constructor. |
29 * |
37 * |
30 * @since 4.7.0 |
38 * @since 4.7.0 |
59 'methods' => WP_REST_Server::CREATABLE, |
67 'methods' => WP_REST_Server::CREATABLE, |
60 'callback' => array( $this, 'create_item' ), |
68 'callback' => array( $this, 'create_item' ), |
61 'permission_callback' => array( $this, 'create_item_permissions_check' ), |
69 'permission_callback' => array( $this, 'create_item_permissions_check' ), |
62 'args' => $this->get_endpoint_args_for_item_schema( WP_REST_Server::CREATABLE ), |
70 'args' => $this->get_endpoint_args_for_item_schema( WP_REST_Server::CREATABLE ), |
63 ), |
71 ), |
64 'schema' => array( $this, 'get_public_item_schema' ), |
72 'allow_batch' => $this->allow_batch, |
|
73 'schema' => array( $this, 'get_public_item_schema' ), |
65 ) |
74 ) |
66 ); |
75 ); |
67 |
76 |
68 register_rest_route( |
77 register_rest_route( |
69 $this->namespace, |
78 $this->namespace, |
70 '/' . $this->rest_base . '/(?P<id>[\d]+)', |
79 '/' . $this->rest_base . '/(?P<id>[\d]+)', |
71 array( |
80 array( |
72 'args' => array( |
81 'args' => array( |
73 'id' => array( |
82 'id' => array( |
74 'description' => __( 'Unique identifier for the user.' ), |
83 'description' => __( 'Unique identifier for the user.' ), |
75 'type' => 'integer', |
84 'type' => 'integer', |
76 ), |
85 ), |
77 ), |
86 ), |
105 'required' => true, |
114 'required' => true, |
106 'sanitize_callback' => array( $this, 'check_reassign' ), |
115 'sanitize_callback' => array( $this, 'check_reassign' ), |
107 ), |
116 ), |
108 ), |
117 ), |
109 ), |
118 ), |
110 'schema' => array( $this, 'get_public_item_schema' ), |
119 'allow_batch' => $this->allow_batch, |
|
120 'schema' => array( $this, 'get_public_item_schema' ), |
111 ) |
121 ) |
112 ); |
122 ); |
113 |
123 |
114 register_rest_route( |
124 register_rest_route( |
115 $this->namespace, |
125 $this->namespace, |
316 ? get_post_types( array( 'show_in_rest' => true ), 'names' ) |
326 ? get_post_types( array( 'show_in_rest' => true ), 'names' ) |
317 : (array) $request['has_published_posts']; |
327 : (array) $request['has_published_posts']; |
318 } |
328 } |
319 |
329 |
320 if ( ! empty( $prepared_args['search'] ) ) { |
330 if ( ! empty( $prepared_args['search'] ) ) { |
|
331 if ( ! current_user_can( 'list_users' ) ) { |
|
332 $prepared_args['search_columns'] = array( 'ID', 'user_login', 'user_nicename', 'display_name' ); |
|
333 } |
321 $prepared_args['search'] = '*' . $prepared_args['search'] . '*'; |
334 $prepared_args['search'] = '*' . $prepared_args['search'] . '*'; |
322 } |
335 } |
323 /** |
336 /** |
324 * Filters WP_User_Query arguments when querying users via the REST API. |
337 * Filters WP_User_Query arguments when querying users via the REST API. |
325 * |
338 * |
343 |
356 |
344 $response = rest_ensure_response( $users ); |
357 $response = rest_ensure_response( $users ); |
345 |
358 |
346 // Store pagination values for headers then unset for count query. |
359 // Store pagination values for headers then unset for count query. |
347 $per_page = (int) $prepared_args['number']; |
360 $per_page = (int) $prepared_args['number']; |
348 $page = ceil( ( ( (int) $prepared_args['offset'] ) / $per_page ) + 1 ); |
361 $page = (int) ceil( ( ( (int) $prepared_args['offset'] ) / $per_page ) + 1 ); |
349 |
362 |
350 $prepared_args['fields'] = 'ID'; |
363 $prepared_args['fields'] = 'ID'; |
351 |
364 |
352 $total_users = $query->get_total(); |
365 $total_users = $query->get_total(); |
353 |
366 |
358 $total_users = $count_query->get_total(); |
371 $total_users = $count_query->get_total(); |
359 } |
372 } |
360 |
373 |
361 $response->header( 'X-WP-Total', (int) $total_users ); |
374 $response->header( 'X-WP-Total', (int) $total_users ); |
362 |
375 |
363 $max_pages = ceil( $total_users / $per_page ); |
376 $max_pages = (int) ceil( $total_users / $per_page ); |
364 |
377 |
365 $response->header( 'X-WP-TotalPages', (int) $max_pages ); |
378 $response->header( 'X-WP-TotalPages', $max_pages ); |
366 |
379 |
367 $base = add_query_arg( urlencode_deep( $request->get_query_params() ), rest_url( sprintf( '%s/%s', $this->namespace, $this->rest_base ) ) ); |
380 $base = add_query_arg( urlencode_deep( $request->get_query_params() ), rest_url( sprintf( '%s/%s', $this->namespace, $this->rest_base ) ) ); |
368 if ( $page > 1 ) { |
381 if ( $page > 1 ) { |
369 $prev_page = $page - 1; |
382 $prev_page = $page - 1; |
370 |
383 |
681 ); |
694 ); |
682 } |
695 } |
683 |
696 |
684 $request_params = array_keys( $request->get_params() ); |
697 $request_params = array_keys( $request->get_params() ); |
685 sort( $request_params ); |
698 sort( $request_params ); |
686 // If only 'id' and 'roles' are specified (we are only trying to |
699 /* |
687 // edit roles), then only the 'promote_user' cap is required. |
700 * If only 'id' and 'roles' are specified (we are only trying to |
|
701 * edit roles), then only the 'promote_user' cap is required. |
|
702 */ |
688 if ( array( 'id', 'roles' ) === $request_params ) { |
703 if ( array( 'id', 'roles' ) === $request_params ) { |
689 return true; |
704 return true; |
690 } |
705 } |
691 } |
706 } |
692 |
707 |
715 return $user; |
730 return $user; |
716 } |
731 } |
717 |
732 |
718 $id = $user->ID; |
733 $id = $user->ID; |
719 |
734 |
720 if ( ! $user ) { |
735 $owner_id = false; |
721 return new WP_Error( |
736 if ( is_string( $request['email'] ) ) { |
722 'rest_user_invalid_id', |
737 $owner_id = email_exists( $request['email'] ); |
723 __( 'Invalid user ID.' ), |
738 } |
724 array( 'status' => 404 ) |
|
725 ); |
|
726 } |
|
727 |
|
728 $owner_id = email_exists( $request['email'] ); |
|
729 |
739 |
730 if ( $owner_id && $owner_id !== $id ) { |
740 if ( $owner_id && $owner_id !== $id ) { |
731 return new WP_Error( |
741 return new WP_Error( |
732 'rest_user_invalid_email', |
742 'rest_user_invalid_email', |
733 __( 'Invalid email address.' ), |
743 __( 'Invalid email address.' ), |
985 * @param WP_REST_Request $request Request object. |
995 * @param WP_REST_Request $request Request object. |
986 * @return WP_REST_Response Response object. |
996 * @return WP_REST_Response Response object. |
987 */ |
997 */ |
988 public function prepare_item_for_response( $item, $request ) { |
998 public function prepare_item_for_response( $item, $request ) { |
989 // Restores the more descriptive, specific name for use within this method. |
999 // Restores the more descriptive, specific name for use within this method. |
990 $user = $item; |
1000 $user = $item; |
|
1001 |
|
1002 $fields = $this->get_fields_for_response( $request ); |
991 $data = array(); |
1003 $data = array(); |
992 $fields = $this->get_fields_for_response( $request ); |
|
993 |
1004 |
994 if ( in_array( 'id', $fields, true ) ) { |
1005 if ( in_array( 'id', $fields, true ) ) { |
995 $data['id'] = $user->ID; |
1006 $data['id'] = $user->ID; |
996 } |
1007 } |
997 |
1008 |
1070 $data = $this->filter_response_by_context( $data, $context ); |
1081 $data = $this->filter_response_by_context( $data, $context ); |
1071 |
1082 |
1072 // Wrap the data in a response object. |
1083 // Wrap the data in a response object. |
1073 $response = rest_ensure_response( $data ); |
1084 $response = rest_ensure_response( $data ); |
1074 |
1085 |
1075 $response->add_links( $this->prepare_links( $user ) ); |
1086 if ( rest_is_field_included( '_links', $fields ) || rest_is_field_included( '_embedded', $fields ) ) { |
|
1087 $response->add_links( $this->prepare_links( $user ) ); |
|
1088 } |
1076 |
1089 |
1077 /** |
1090 /** |
1078 * Filters user data returned from the REST API. |
1091 * Filters user data returned from the REST API. |
1079 * |
1092 * |
1080 * @since 4.7.0 |
1093 * @since 4.7.0 |
1114 * |
1127 * |
1115 * @param WP_REST_Request $request Request object. |
1128 * @param WP_REST_Request $request Request object. |
1116 * @return object User object. |
1129 * @return object User object. |
1117 */ |
1130 */ |
1118 protected function prepare_item_for_database( $request ) { |
1131 protected function prepare_item_for_database( $request ) { |
1119 $prepared_user = new stdClass; |
1132 $prepared_user = new stdClass(); |
1120 |
1133 |
1121 $schema = $this->get_item_schema(); |
1134 $schema = $this->get_item_schema(); |
1122 |
1135 |
1123 // Required arguments. |
1136 // Required arguments. |
1124 if ( isset( $request['email'] ) && ! empty( $schema['properties']['email'] ) ) { |
1137 if ( isset( $request['email'] ) && ! empty( $schema['properties']['email'] ) ) { |
1306 __( 'Passwords cannot be empty.' ), |
1319 __( 'Passwords cannot be empty.' ), |
1307 array( 'status' => 400 ) |
1320 array( 'status' => 400 ) |
1308 ); |
1321 ); |
1309 } |
1322 } |
1310 |
1323 |
1311 if ( false !== strpos( $password, '\\' ) ) { |
1324 if ( str_contains( $password, '\\' ) ) { |
1312 return new WP_Error( |
1325 return new WP_Error( |
1313 'rest_user_invalid_password', |
1326 'rest_user_invalid_password', |
1314 sprintf( |
1327 sprintf( |
1315 /* translators: %s: The '\' character. */ |
1328 /* translators: %s: The '\' character. */ |
1316 __( 'Passwords cannot contain the "%s" character.' ), |
1329 __( 'Passwords cannot contain the "%s" character.' ), |
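Review bot: The `search_columns` restriction added in the search branch (new lines 331–333) has no comment saying why it exists, although it reads as a disclosure control. For callers without `list_users` the list leaves out `user_email` and `user_url`, so a search term can no longer be used to confirm which account owns an address. I would put `// Callers without 'list_users' may not search user_email or user_url, so search cannot confirm addresses.` above the inner `if`. The filter documented in the context lines just below ("Filters WP_User_Query arguments when querying users via the REST API") appears to receive the same `$prepared_args`, so a callback that rewrites `search_columns` could widen the search again; its docblock would be the place to note that. The enclosing method starts and ends outside the hunk, so the filter call itself is not visible here.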