Spaces:
Sleeping
Sleeping
| /** | |
| * REST API: WP_REST_Controller class | |
| * | |
| * @package WordPress | |
| * @subpackage REST_API | |
| * @since 4.7.0 | |
| */ | |
| /** | |
| * Core base controller for managing and interacting with REST API items. | |
| * | |
| * @since 4.7.0 | |
| */ | |
| abstract class WP_REST_Controller { | |
| /** | |
| * The namespace of this controller's route. | |
| * | |
| * @since 4.7.0 | |
| * @var string | |
| */ | |
| protected $namespace; | |
| /** | |
| * The base of this controller's route. | |
| * | |
| * @since 4.7.0 | |
| * @var string | |
| */ | |
| protected $rest_base; | |
| /** | |
| * Cached results of get_item_schema. | |
| * | |
| * @since 5.3.0 | |
| * @var array | |
| */ | |
| protected $schema; | |
| /** | |
| * Registers the routes for the objects of the controller. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @see register_rest_route() | |
| */ | |
| public function register_routes() { | |
| _doing_it_wrong( | |
| 'WP_REST_Controller::register_routes', | |
| /* translators: %s: register_routes() */ | |
| sprintf( __( "Method '%s' must be overridden." ), __METHOD__ ), | |
| '4.7.0' | |
| ); | |
| } | |
| /** | |
| * Checks if a given request has access to get items. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param WP_REST_Request $request Full details about the request. | |
| * @return true|WP_Error True if the request has read access, WP_Error object otherwise. | |
| */ | |
| public function get_items_permissions_check( $request ) { | |
| return new WP_Error( | |
| 'invalid-method', | |
| /* translators: %s: Method name. */ | |
| sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), | |
| array( 'status' => 405 ) | |
| ); | |
| } | |
| /** | |
| * Retrieves a collection of items. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param WP_REST_Request $request Full details about the request. | |
| * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. | |
| */ | |
| public function get_items( $request ) { | |
| return new WP_Error( | |
| 'invalid-method', | |
| /* translators: %s: Method name. */ | |
| sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), | |
| array( 'status' => 405 ) | |
| ); | |
| } | |
| /** | |
| * Checks if a given request has access to get a specific item. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param WP_REST_Request $request Full details about the request. | |
| * @return true|WP_Error True if the request has read access for the item, WP_Error object otherwise. | |
| */ | |
| public function get_item_permissions_check( $request ) { | |
| return new WP_Error( | |
| 'invalid-method', | |
| /* translators: %s: Method name. */ | |
| sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), | |
| array( 'status' => 405 ) | |
| ); | |
| } | |
| /** | |
| * Retrieves one item from the collection. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param WP_REST_Request $request Full details about the request. | |
| * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. | |
| */ | |
| public function get_item( $request ) { | |
| return new WP_Error( | |
| 'invalid-method', | |
| /* translators: %s: Method name. */ | |
| sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), | |
| array( 'status' => 405 ) | |
| ); | |
| } | |
| /** | |
| * Checks if a given request has access to create items. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param WP_REST_Request $request Full details about the request. | |
| * @return true|WP_Error True if the request has access to create items, WP_Error object otherwise. | |
| */ | |
| public function create_item_permissions_check( $request ) { | |
| return new WP_Error( | |
| 'invalid-method', | |
| /* translators: %s: Method name. */ | |
| sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), | |
| array( 'status' => 405 ) | |
| ); | |
| } | |
| /** | |
| * Creates one item from the collection. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param WP_REST_Request $request Full details about the request. | |
| * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. | |
| */ | |
| public function create_item( $request ) { | |
| return new WP_Error( | |
| 'invalid-method', | |
| /* translators: %s: Method name. */ | |
| sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), | |
| array( 'status' => 405 ) | |
| ); | |
| } | |
| /** | |
| * Checks if a given request has access to update a specific item. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param WP_REST_Request $request Full details about the request. | |
| * @return true|WP_Error True if the request has access to update the item, WP_Error object otherwise. | |
| */ | |
| public function update_item_permissions_check( $request ) { | |
| return new WP_Error( | |
| 'invalid-method', | |
| /* translators: %s: Method name. */ | |
| sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), | |
| array( 'status' => 405 ) | |
| ); | |
| } | |
| /** | |
| * Updates one item from the collection. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param WP_REST_Request $request Full details about the request. | |
| * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. | |
| */ | |
| public function update_item( $request ) { | |
| return new WP_Error( | |
| 'invalid-method', | |
| /* translators: %s: Method name. */ | |
| sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), | |
| array( 'status' => 405 ) | |
| ); | |
| } | |
| /** | |
| * Checks if a given request has access to delete a specific item. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param WP_REST_Request $request Full details about the request. | |
| * @return true|WP_Error True if the request has access to delete the item, WP_Error object otherwise. | |
| */ | |
| public function delete_item_permissions_check( $request ) { | |
| return new WP_Error( | |
| 'invalid-method', | |
| /* translators: %s: Method name. */ | |
| sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), | |
| array( 'status' => 405 ) | |
| ); | |
| } | |
| /** | |
| * Deletes one item from the collection. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param WP_REST_Request $request Full details about the request. | |
| * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. | |
| */ | |
| public function delete_item( $request ) { | |
| return new WP_Error( | |
| 'invalid-method', | |
| /* translators: %s: Method name. */ | |
| sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), | |
| array( 'status' => 405 ) | |
| ); | |
| } | |
| /** | |
| * Prepares one item for create or update operation. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param WP_REST_Request $request Request object. | |
| * @return object|WP_Error The prepared item, or WP_Error object on failure. | |
| */ | |
| protected function prepare_item_for_database( $request ) { | |
| return new WP_Error( | |
| 'invalid-method', | |
| /* translators: %s: Method name. */ | |
| sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), | |
| array( 'status' => 405 ) | |
| ); | |
| } | |
| /** | |
| * Prepares the item for the REST response. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param mixed $item WordPress representation of the item. | |
| * @param WP_REST_Request $request Request object. | |
| * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. | |
| */ | |
| public function prepare_item_for_response( $item, $request ) { | |
| return new WP_Error( | |
| 'invalid-method', | |
| /* translators: %s: Method name. */ | |
| sprintf( __( "Method '%s' not implemented. Must be overridden in subclass." ), __METHOD__ ), | |
| array( 'status' => 405 ) | |
| ); | |
| } | |
| /** | |
| * Prepares a response for insertion into a collection. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param WP_REST_Response $response Response object. | |
| * @return array|mixed Response data, ready for insertion into collection data. | |
| */ | |
| public function prepare_response_for_collection( $response ) { | |
| if ( ! ( $response instanceof WP_REST_Response ) ) { | |
| return $response; | |
| } | |
| $data = (array) $response->get_data(); | |
| $server = rest_get_server(); | |
| $links = $server::get_compact_response_links( $response ); | |
| if ( ! empty( $links ) ) { | |
| $data['_links'] = $links; | |
| } | |
| return $data; | |
| } | |
| /** | |
| * Filters a response based on the context defined in the schema. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param array $response_data Response data to filter. | |
| * @param string $context Context defined in the schema. | |
| * @return array Filtered response. | |
| */ | |
| public function filter_response_by_context( $response_data, $context ) { | |
| $schema = $this->get_item_schema(); | |
| return rest_filter_response_by_context( $response_data, $schema, $context ); | |
| } | |
| /** | |
| * Retrieves the item's schema, conforming to JSON Schema. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @return array Item schema data. | |
| */ | |
| public function get_item_schema() { | |
| return $this->add_additional_fields_schema( array() ); | |
| } | |
| /** | |
| * Retrieves the item's schema for display / public consumption purposes. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @return array Public item schema data. | |
| */ | |
| public function get_public_item_schema() { | |
| $schema = $this->get_item_schema(); | |
| if ( ! empty( $schema['properties'] ) ) { | |
| foreach ( $schema['properties'] as &$property ) { | |
| unset( $property['arg_options'] ); | |
| } | |
| } | |
| return $schema; | |
| } | |
| /** | |
| * Retrieves the query params for the collections. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @return array Query parameters for the collection. | |
| */ | |
| public function get_collection_params() { | |
| return array( | |
| 'context' => $this->get_context_param(), | |
| 'page' => array( | |
| 'description' => __( 'Current page of the collection.' ), | |
| 'type' => 'integer', | |
| 'default' => 1, | |
| 'sanitize_callback' => 'absint', | |
| 'validate_callback' => 'rest_validate_request_arg', | |
| 'minimum' => 1, | |
| ), | |
| 'per_page' => array( | |
| 'description' => __( 'Maximum number of items to be returned in result set.' ), | |
| 'type' => 'integer', | |
| 'default' => 10, | |
| 'minimum' => 1, | |
| 'maximum' => 100, | |
| 'sanitize_callback' => 'absint', | |
| 'validate_callback' => 'rest_validate_request_arg', | |
| ), | |
| 'search' => array( | |
| 'description' => __( 'Limit results to those matching a string.' ), | |
| 'type' => 'string', | |
| 'sanitize_callback' => 'sanitize_text_field', | |
| 'validate_callback' => 'rest_validate_request_arg', | |
| ), | |
| ); | |
| } | |
| /** | |
| * Retrieves the magical context param. | |
| * | |
| * Ensures consistent descriptions between endpoints, and populates enum from schema. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param array $args Optional. Additional arguments for context parameter. Default empty array. | |
| * @return array Context parameter details. | |
| */ | |
| public function get_context_param( $args = array() ) { | |
| $param_details = array( | |
| 'description' => __( 'Scope under which the request is made; determines fields present in response.' ), | |
| 'type' => 'string', | |
| 'sanitize_callback' => 'sanitize_key', | |
| 'validate_callback' => 'rest_validate_request_arg', | |
| ); | |
| $schema = $this->get_item_schema(); | |
| if ( empty( $schema['properties'] ) ) { | |
| return array_merge( $param_details, $args ); | |
| } | |
| $contexts = array(); | |
| foreach ( $schema['properties'] as $attributes ) { | |
| if ( ! empty( $attributes['context'] ) ) { | |
| $contexts = array_merge( $contexts, $attributes['context'] ); | |
| } | |
| } | |
| if ( ! empty( $contexts ) ) { | |
| $param_details['enum'] = array_unique( $contexts ); | |
| rsort( $param_details['enum'] ); | |
| } | |
| return array_merge( $param_details, $args ); | |
| } | |
| /** | |
| * Adds the values from additional fields to a data object. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param array $response_data Prepared response array. | |
| * @param WP_REST_Request $request Full details about the request. | |
| * @return array Modified data object with additional fields. | |
| */ | |
| protected function add_additional_fields_to_object( $response_data, $request ) { | |
| $additional_fields = $this->get_additional_fields(); | |
| $requested_fields = $this->get_fields_for_response( $request ); | |
| foreach ( $additional_fields as $field_name => $field_options ) { | |
| if ( ! $field_options['get_callback'] ) { | |
| continue; | |
| } | |
| if ( ! rest_is_field_included( $field_name, $requested_fields ) ) { | |
| continue; | |
| } | |
| $response_data[ $field_name ] = call_user_func( | |
| $field_options['get_callback'], | |
| $response_data, | |
| $field_name, | |
| $request, | |
| $this->get_object_type() | |
| ); | |
| } | |
| return $response_data; | |
| } | |
| /** | |
| * Updates the values of additional fields added to a data object. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param object $data_object Data model like WP_Term or WP_Post. | |
| * @param WP_REST_Request $request Full details about the request. | |
| * @return true|WP_Error True on success, WP_Error object if a field cannot be updated. | |
| */ | |
| protected function update_additional_fields_for_object( $data_object, $request ) { | |
| $additional_fields = $this->get_additional_fields(); | |
| foreach ( $additional_fields as $field_name => $field_options ) { | |
| if ( ! $field_options['update_callback'] ) { | |
| continue; | |
| } | |
| // Don't run the update callbacks if the data wasn't passed in the request. | |
| if ( ! isset( $request[ $field_name ] ) ) { | |
| continue; | |
| } | |
| $result = call_user_func( | |
| $field_options['update_callback'], | |
| $request[ $field_name ], | |
| $data_object, | |
| $field_name, | |
| $request, | |
| $this->get_object_type() | |
| ); | |
| if ( is_wp_error( $result ) ) { | |
| return $result; | |
| } | |
| } | |
| return true; | |
| } | |
| /** | |
| * Adds the schema from additional fields to a schema array. | |
| * | |
| * The type of object is inferred from the passed schema. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param array $schema Schema array. | |
| * @return array Modified Schema array. | |
| */ | |
| protected function add_additional_fields_schema( $schema ) { | |
| if ( empty( $schema['title'] ) ) { | |
| return $schema; | |
| } | |
| // Can't use $this->get_object_type otherwise we cause an inf loop. | |
| $object_type = $schema['title']; | |
| $additional_fields = $this->get_additional_fields( $object_type ); | |
| foreach ( $additional_fields as $field_name => $field_options ) { | |
| if ( ! $field_options['schema'] ) { | |
| continue; | |
| } | |
| $schema['properties'][ $field_name ] = $field_options['schema']; | |
| } | |
| return $schema; | |
| } | |
| /** | |
| * Retrieves all of the registered additional fields for a given object-type. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @global array $wp_rest_additional_fields Holds registered fields, organized by object type. | |
| * | |
| * @param string $object_type Optional. The object type. | |
| * @return array Registered additional fields (if any), empty array if none or if the object type | |
| * could not be inferred. | |
| */ | |
| protected function get_additional_fields( $object_type = null ) { | |
| global $wp_rest_additional_fields; | |
| if ( ! $object_type ) { | |
| $object_type = $this->get_object_type(); | |
| } | |
| if ( ! $object_type ) { | |
| return array(); | |
| } | |
| if ( ! $wp_rest_additional_fields || ! isset( $wp_rest_additional_fields[ $object_type ] ) ) { | |
| return array(); | |
| } | |
| return $wp_rest_additional_fields[ $object_type ]; | |
| } | |
| /** | |
| * Retrieves the object type this controller is responsible for managing. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @return string Object type for the controller. | |
| */ | |
| protected function get_object_type() { | |
| $schema = $this->get_item_schema(); | |
| if ( ! $schema || ! isset( $schema['title'] ) ) { | |
| return null; | |
| } | |
| return $schema['title']; | |
| } | |
| /** | |
| * Gets an array of fields to be included on the response. | |
| * | |
| * Included fields are based on item schema and `_fields=` request argument. | |
| * | |
| * @since 4.9.6 | |
| * | |
| * @param WP_REST_Request $request Full details about the request. | |
| * @return string[] Fields to be included in the response. | |
| */ | |
| public function get_fields_for_response( $request ) { | |
| $schema = $this->get_item_schema(); | |
| $properties = isset( $schema['properties'] ) ? $schema['properties'] : array(); | |
| $additional_fields = $this->get_additional_fields(); | |
| foreach ( $additional_fields as $field_name => $field_options ) { | |
| /* | |
| * For back-compat, include any field with an empty schema | |
| * because it won't be present in $this->get_item_schema(). | |
| */ | |
| if ( is_null( $field_options['schema'] ) ) { | |
| $properties[ $field_name ] = $field_options; | |
| } | |
| } | |
| // Exclude fields that specify a different context than the request context. | |
| $context = $request['context']; | |
| if ( $context ) { | |
| foreach ( $properties as $name => $options ) { | |
| if ( ! empty( $options['context'] ) && ! in_array( $context, $options['context'], true ) ) { | |
| unset( $properties[ $name ] ); | |
| } | |
| } | |
| } | |
| $fields = array_keys( $properties ); | |
| /* | |
| * '_links' and '_embedded' are not typically part of the item schema, | |
| * but they can be specified in '_fields', so they are added here as a | |
| * convenience for checking with rest_is_field_included(). | |
| */ | |
| $fields[] = '_links'; | |
| if ( $request->has_param( '_embed' ) ) { | |
| $fields[] = '_embedded'; | |
| } | |
| $fields = array_unique( $fields ); | |
| if ( ! isset( $request['_fields'] ) ) { | |
| return $fields; | |
| } | |
| $requested_fields = wp_parse_list( $request['_fields'] ); | |
| if ( 0 === count( $requested_fields ) ) { | |
| return $fields; | |
| } | |
| // Trim off outside whitespace from the comma delimited list. | |
| $requested_fields = array_map( 'trim', $requested_fields ); | |
| // Always persist 'id', because it can be needed for add_additional_fields_to_object(). | |
| if ( in_array( 'id', $fields, true ) ) { | |
| $requested_fields[] = 'id'; | |
| } | |
| // Return the list of all requested fields which appear in the schema. | |
| return array_reduce( | |
| $requested_fields, | |
| static function ( $response_fields, $field ) use ( $fields ) { | |
| if ( in_array( $field, $fields, true ) ) { | |
| $response_fields[] = $field; | |
| return $response_fields; | |
| } | |
| // Check for nested fields if $field is not a direct match. | |
| $nested_fields = explode( '.', $field ); | |
| /* | |
| * A nested field is included so long as its top-level property | |
| * is present in the schema. | |
| */ | |
| if ( in_array( $nested_fields[0], $fields, true ) ) { | |
| $response_fields[] = $field; | |
| } | |
| return $response_fields; | |
| }, | |
| array() | |
| ); | |
| } | |
| /** | |
| * Retrieves an array of endpoint arguments from the item schema for the controller. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @param string $method Optional. HTTP method of the request. The arguments for `CREATABLE` requests are | |
| * checked for required values and may fall-back to a given default, this is not done | |
| * on `EDITABLE` requests. Default WP_REST_Server::CREATABLE. | |
| * @return array Endpoint arguments. | |
| */ | |
| public function get_endpoint_args_for_item_schema( $method = WP_REST_Server::CREATABLE ) { | |
| return rest_get_endpoint_args_for_schema( $this->get_item_schema(), $method ); | |
| } | |
| /** | |
| * Sanitizes the slug value. | |
| * | |
| * @since 4.7.0 | |
| * | |
| * @internal We can't use sanitize_title() directly, as the second | |
| * parameter is the fallback title, which would end up being set to the | |
| * request object. | |
| * | |
| * @see https://github.com/WP-API/WP-API/issues/1585 | |
| * | |
| * @todo Remove this in favour of https://core.trac.wordpress.org/ticket/34659 | |
| * | |
| * @param string $slug Slug value passed in request. | |
| * @return string Sanitized value for the slug. | |
| */ | |
| public function sanitize_slug( $slug ) { | |
| return sanitize_title( $slug ); | |
| } | |
| } | |