--- a/wp/wp-includes/rest-api/endpoints/class-wp-rest-revisions-controller.php Tue Oct 22 16:11:46 2019 +0200
+++ b/wp/wp-includes/rest-api/endpoints/class-wp-rest-revisions-controller.php Tue Dec 15 13:49:49 2020 +0100
@@ -49,15 +49,19 @@
*/
public function __construct( $parent_post_type ) {
$this->parent_post_type = $parent_post_type;
- $this->parent_controller = new WP_REST_Posts_Controller( $parent_post_type );
$this->namespace = 'wp/v2';
$this->rest_base = 'revisions';
$post_type_object = get_post_type_object( $parent_post_type );
$this->parent_base = ! empty( $post_type_object->rest_base ) ? $post_type_object->rest_base : $post_type_object->name;
+ $this->parent_controller = $post_type_object->get_rest_controller();
+
+ if ( ! $this->parent_controller ) {
+ $this->parent_controller = new WP_REST_Posts_Controller( $parent_post_type );
+ }
}
/**
- * Registers routes for revisions based on post types supporting revisions.
+ * Registers the routes for revisions based on post types supporting revisions.
*
* @since 4.7.0
*
@@ -130,11 +134,15 @@
*
* @since 4.7.2
*
- * @param int $id Supplied ID.
+ * @param int $parent Supplied ID.
* @return WP_Post|WP_Error Post object if ID is valid, WP_Error otherwise.
*/
protected function get_parent( $parent ) {
- $error = new WP_Error( 'rest_post_invalid_parent', __( 'Invalid post parent ID.' ), array( 'status' => 404 ) );
+ $error = new WP_Error(
+ 'rest_post_invalid_parent',
+ __( 'Invalid post parent ID.' ),
+ array( 'status' => 404 )
+ );
if ( (int) $parent <= 0 ) {
return $error;
}
@@ -152,7 +160,7 @@
*
* @since 4.7.0
*
- * @param WP_REST_Request $request Full data about the request.
+ * @param WP_REST_Request $request Full details about the request.
* @return true|WP_Error True if the request has read access, WP_Error object otherwise.
*/
public function get_items_permissions_check( $request ) {
@@ -161,9 +169,12 @@
return $parent;
}
- $parent_post_type_obj = get_post_type_object( $parent->post_type );
- if ( ! current_user_can( $parent_post_type_obj->cap->edit_post, $parent->ID ) ) {
- return new WP_Error( 'rest_cannot_read', __( 'Sorry, you are not allowed to view revisions of this post.' ), array( 'status' => rest_authorization_required_code() ) );
+ if ( ! current_user_can( 'edit_post', $parent->ID ) ) {
+ return new WP_Error(
+ 'rest_cannot_read',
+ __( 'Sorry, you are not allowed to view revisions of this post.' ),
+ array( 'status' => rest_authorization_required_code() )
+ );
}
return true;
@@ -178,7 +189,12 @@
* @return WP_Post|WP_Error Revision post object if ID is valid, WP_Error otherwise.
*/
protected function get_revision( $id ) {
- $error = new WP_Error( 'rest_post_invalid_id', __( 'Invalid revision ID.' ), array( 'status' => 404 ) );
+ $error = new WP_Error(
+ 'rest_post_invalid_id',
+ __( 'Invalid revision ID.' ),
+ array( 'status' => 404 )
+ );
+
if ( (int) $id <= 0 ) {
return $error;
}
@@ -196,7 +212,7 @@
*
* @since 4.7.0
*
- * @param WP_REST_Request $request Full data about the request.
+ * @param WP_REST_Request $request Full details about the request.
* @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
*/
public function get_items( $request ) {
@@ -207,12 +223,20 @@
// Ensure a search string is set in case the orderby is set to 'relevance'.
if ( ! empty( $request['orderby'] ) && 'relevance' === $request['orderby'] && empty( $request['search'] ) ) {
- return new WP_Error( 'rest_no_search_term_defined', __( 'You need to define a search term to order by relevance.' ), array( 'status' => 400 ) );
+ return new WP_Error(
+ 'rest_no_search_term_defined',
+ __( 'You need to define a search term to order by relevance.' ),
+ array( 'status' => 400 )
+ );
}
// Ensure an include parameter is set in case the orderby is set to 'include'.
if ( ! empty( $request['orderby'] ) && 'include' === $request['orderby'] && empty( $request['include'] ) ) {
- return new WP_Error( 'rest_orderby_include_missing_include', __( 'You need to define an include parameter to order by include.' ), array( 'status' => 400 ) );
+ return new WP_Error(
+ 'rest_orderby_include_missing_include',
+ __( 'You need to define an include parameter to order by include.' ),
+ array( 'status' => 400 )
+ );
}
if ( wp_revisions_enabled( $parent ) ) {
@@ -277,9 +301,17 @@
if ( $total_revisions > 0 ) {
if ( $offset >= $total_revisions ) {
- return new WP_Error( 'rest_revision_invalid_offset_number', __( 'The offset number requested is larger than or equal to the number of available revisions.' ), array( 'status' => 400 ) );
+ return new WP_Error(
+ 'rest_revision_invalid_offset_number',
+ __( 'The offset number requested is larger than or equal to the number of available revisions.' ),
+ array( 'status' => 400 )
+ );
} elseif ( ! $offset && $page > $max_pages ) {
- return new WP_Error( 'rest_revision_invalid_page_number', __( 'The page number requested is larger than the number of pages available.' ), array( 'status' => 400 ) );
+ return new WP_Error(
+ 'rest_revision_invalid_page_number',
+ __( 'The page number requested is larger than the number of pages available.' ),
+ array( 'status' => 400 )
+ );
}
}
} else {
@@ -290,6 +322,7 @@
}
$response = array();
+
foreach ( $revisions as $revision ) {
$data = $this->prepare_item_for_response( $revision, $request );
$response[] = $this->prepare_response_for_collection( $data );
@@ -328,7 +361,7 @@
*
* @since 4.7.0
*
- * @param WP_REST_Request $request Full data about the request.
+ * @param WP_REST_Request $request Full details about the request.
* @return bool|WP_Error True if the request has read access for the item, WP_Error object otherwise.
*/
public function get_item_permissions_check( $request ) {
@@ -340,7 +373,7 @@
*
* @since 4.7.0
*
- * @param WP_REST_Request $request Full data about the request.
+ * @param WP_REST_Request $request Full details about the request.
* @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
*/
public function get_item( $request ) {
@@ -363,7 +396,7 @@
*
* @since 4.7.0
*
- * @param WP_REST_Request $request Full details about the request.
+ * @param WP_REST_Request $request Full details about the request.
* @return bool|WP_Error True if the request has access to delete the item, WP_Error object otherwise.
*/
public function delete_item_permissions_check( $request ) {
@@ -372,6 +405,16 @@
return $parent;
}
+ $parent_post_type = get_post_type_object( $parent->post_type );
+
+ if ( ! current_user_can( 'delete_post', $parent->ID ) ) {
+ return new WP_Error(
+ 'rest_cannot_delete',
+ __( 'Sorry, you are not allowed to delete revisions of this post.' ),
+ array( 'status' => rest_authorization_required_code() )
+ );
+ }
+
$revision = $this->get_revision( $request['id'] );
if ( is_wp_error( $revision ) ) {
return $revision;
@@ -382,8 +425,15 @@
return $response;
}
- $post_type = get_post_type_object( 'revision' );
- return current_user_can( $post_type->cap->delete_post, $revision->ID );
+ if ( ! current_user_can( 'delete_post', $revision->ID ) ) {
+ return new WP_Error(
+ 'rest_cannot_delete',
+ __( 'Sorry, you are not allowed to delete this revision.' ),
+ array( 'status' => rest_authorization_required_code() )
+ );
+ }
+
+ return true;
}
/**
@@ -392,7 +442,7 @@
* @since 4.7.0
*
* @param WP_REST_Request $request Full details about the request.
- * @return true|WP_Error True on success, or WP_Error object on failure.
+ * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
*/
public function delete_item( $request ) {
$revision = $this->get_revision( $request['id'] );
@@ -404,8 +454,12 @@
// We don't support trashing for revisions.
if ( ! $force ) {
- /* translators: %s: force=true */
- return new WP_Error( 'rest_trash_not_supported', sprintf( __( "Revisions do not support trashing. Set '%s' to delete." ), 'force=true' ), array( 'status' => 501 ) );
+ return new WP_Error(
+ 'rest_trash_not_supported',
+ /* translators: %s: force=true */
+ sprintf( __( "Revisions do not support trashing. Set '%s' to delete." ), 'force=true' ),
+ array( 'status' => 501 )
+ );
}
$previous = $this->prepare_item_for_response( $revision, $request );
@@ -417,15 +471,19 @@
*
* @since 4.7.0
*
- * @param (mixed) $result The revision object (if it was deleted or moved to the trash successfully)
- * or false (failure). If the revision was moved to the trash, $result represents
- * its new state; if it was deleted, $result represents its state before deletion.
+ * @param WP_Post|false|null $result The revision object (if it was deleted or moved to the Trash successfully)
+ * or false or null (failure). If the revision was moved to the Trash, $result represents
+ * its new state; if it was deleted, $result represents its state before deletion.
* @param WP_REST_Request $request The request sent to the API.
*/
do_action( 'rest_delete_revision', $result, $request );
if ( ! $result ) {
- return new WP_Error( 'rest_cannot_delete', __( 'The post cannot be deleted.' ), array( 'status' => 500 ) );
+ return new WP_Error(
+ 'rest_cannot_delete',
+ __( 'The post cannot be deleted.' ),
+ array( 'status' => 500 )
+ );
}
$response = new WP_REST_Response();
@@ -606,6 +664,10 @@
* @return array Item schema data.
*/
public function get_item_schema() {
+ if ( $this->schema ) {
+ return $this->add_additional_fields_schema( $this->schema );
+ }
+
$schema = array(
'$schema' => 'http://json-schema.org/draft-04/schema#',
'title' => "{$this->parent_post_type}-revision",
@@ -682,7 +744,9 @@
$schema['properties']['guid'] = $parent_schema['properties']['guid'];
}
- return $this->add_additional_fields_schema( $schema );
+ $this->schema = $schema;
+
+ return $this->add_additional_fields_schema( $this->schema );
}
/**