Prevent notes from inadvertently showing up in the context of comments - including on the Dashboard recent comments widget and the “Mine” count on the Comments page. Notes are stored as a custom ‘note’ comment type and this change ensures the note type is only returned when explicitly requested, or when ‘all’ types are requested.
The query for note children is modified to return all child notes. This fixes an issue where children were no longer being returned for the ‘note’ type.
Also fixes https://github.com/WordPress/gutenberg/issues/72548.
Props adamsilverstein, timothyblynjacobs, shailu25, peterwilsoncc, westonruter, mamaduka, kadamwhite.
Fixes#64145.
Fixes#64152.
Built from https://develop.svn.wordpress.org/trunk@61105
git-svn-id: http://core.svn.wordpress.org/trunk@60441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit casts the object returned by `prepare_item_for_database()` to an array. Without doing so, `wp_slash()` returns the object unchanged, meaning string values within the object wouldn't be properly escaped for database insertion.
Follow-up to [64035]
Props ramonopoly, westonruter, mukesh27, justlevine.
Fixes #64149.
Built from https://develop.svn.wordpress.org/trunk@61065
git-svn-id: http://core.svn.wordpress.org/trunk@60401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Without this patch REST API would require a weird empty `?input` field for optional input given how the current controller works with input schema when it defines the expected shape. This patch normalizes the input for the ability, applying the default value from the input schema when needed.
Developed in https://github.com/WordPress/wordpress-develop/pull/10395.
Follow-up [61032], [61045].
Props gziolo, jorgefilipecosta, mukesh27.
Fixes#64139.
Built from https://develop.svn.wordpress.org/trunk@61047
git-svn-id: http://core.svn.wordpress.org/trunk@60383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces a new REST API endpoint at `wp-abilities/v1/categories` to expose
ability categories through the WordPress REST API.
The new `WP_REST_Abilities_V1_Categories_Controller` provides:
- GET `/wp-abilities/v1/categories` - Lists all ability categories with pagination
- GET `/wp-abilities/v1/categories/{slug}` - Retrieves a single category by slug
Both endpoints require the `read` capability and return category data including
slug, label, description, and metadata. The collection endpoint supports pagination
with `page` and `per_page` parameters (default: 50, max: 100).
Developed in https://github.com/WordPress/wordpress-develop/pull/10380.
Follow-up [61032].
Props gziolo, jason_the_adams, timothyblynjacobs.
Fixes#64098.
Built from https://develop.svn.wordpress.org/trunk@61045
git-svn-id: http://core.svn.wordpress.org/trunk@60381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improve the performance of fallback queries to determine the total number of objects available on various REST endpoints for out of bounds queries.
The database queries are modified to return the minimum amount of data required for determining the count and bypass priming of meta a term caches where appropriate.
Props adamsilverstein, joehoyle, johnbillion, jorbin, kadamwhite, spacedmonkey, sukhendu2002, westonruter.
Fixes#62801.
Built from https://develop.svn.wordpress.org/trunk@61002
git-svn-id: http://core.svn.wordpress.org/trunk@60338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Bring the PHP part of the new Notes feature into core for the 6.9 release. See related Gutenberg Issue: https://github.com/WordPress/gutenberg/issues/71826. These changes do not impact any user facing functionality, they simply prepare core for the JavaScript functionality that will come over in a separate sync.
Overview of changes:
- Ensure Notes are not included in comment counts
- Enable the note type (REST API)
- Adjust capabilities so edit_post cap implies ability to edit notes
- Enable empty and duplicate notes for resolve/re-open actions
- Add control over notes with post type supports check
- Register new note resolution status meta
Props: ristojovanovic, adamsilverstein, jeffpaul, wildworks, mamaduka, swissspidy, timothyblynjacobs, kadamwhite.
Fixes#64096.
Built from https://develop.svn.wordpress.org/trunk@60987
git-svn-id: http://core.svn.wordpress.org/trunk@60323 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This filter was already respected during comment creation, but not updates. This was inconsistent between POST and PUT, and prevented erasing content of moderated comments via the API without deleting the entire object.
Props adamsilverstein, kadamwhite, davidbaumwald, mukesh27, timothyblynjacobs.
Fixes#64049.
Built from https://develop.svn.wordpress.org/trunk@60937
git-svn-id: http://core.svn.wordpress.org/trunk@60273 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This patch enhances the REST API media endpoint to allow filtering by multiple values for the media_type and mime_type parameters. String, comma-separated values and array are supported.
Props abcd95, ramonopoly, andrewserong, mukesh27, adamsilverstein, timothyblynjacobs, swissspidy.
Fixes #63668.
Built from https://develop.svn.wordpress.org/trunk@60917
git-svn-id: http://core.svn.wordpress.org/trunk@60253 1a063a9b-81f0-0310-95a4-ce76da25c4cd
By adding the https://api.w.org/ prefix and using a more descriptive name for the link relation, this change creates greater clarity for this part of the API. Note that the renaming of this property is safe, as the API change has not yet made it into a final release.
Follow-up to [60893].
Props andrewserong, mukesh27, ramonopoly, timothyblynjacobs.
Fixes#64034.
Built from https://develop.svn.wordpress.org/trunk@60916
git-svn-id: http://core.svn.wordpress.org/trunk@60252 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit enhances media editor capabilities pursuant to the Phase 3: Collaboration > Media Library. See https://make.wordpress.org/core/2023/07/07/media-library/
It adds the following functionality:
- the ability to flip an image horizontally and vertically
- the ability to send arguments to update the new image's `caption`, `description`, and `title`, `post` and `alt_text` fields.
Props ramonopoly, mukesh27, isabel_brison, andrewserong.
Fixes #64035.
Built from https://develop.svn.wordpress.org/trunk@60908
git-svn-id: http://core.svn.wordpress.org/trunk@60244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allows consumers to more easily fetch details of the post a media item is linked to, i.e. to more easily display the uploaded to / attached to status of media items.
Props andrewserong, ramonopoly, mukesh27, adamsilverstein.
Fixes#64034.
Built from https://develop.svn.wordpress.org/trunk@60893
git-svn-id: http://core.svn.wordpress.org/trunk@60229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The edit access in now taken into account for each individual post, term, or user in the response.
Props andraganescu, desrosj, ehti, hurayraiit, iandunn, joehoyle, johnbillion, jorbin, mnelson4, noisysocks, peterwilsoncc, rmccue, timothyblynjacobs, vortfu, whyisjake, zieladam.
Built from https://develop.svn.wordpress.org/trunk@60814
git-svn-id: http://core.svn.wordpress.org/trunk@60150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This restores the 6.7 and below behavior for the posts endpoint which did not include sticky posts by default.
Follow-up to [59801].
Props nikunj8866, SirLouen, ankitmaru, wildworks, karthikeya01, Mamaduka, spacedmonkey, jorbin.
Fixes#63307. See #35907.
Built from https://develop.svn.wordpress.org/trunk@60197
git-svn-id: http://core.svn.wordpress.org/trunk@59533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While having a mime type with an "image" prefix, SVG images are in fact "Scalable Vector Graphics" that can be scaled directly.
Follow-up to [60084].
Props sirlouen, adamsilverstein, audrasjb, pbiron, sainathpoojary, dilipbheda, pratiklondhe.
Fixes#63302. See #61167.
Built from https://develop.svn.wordpress.org/trunk@60195
git-svn-id: http://core.svn.wordpress.org/trunk@59531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`json_last_error()` can only return an integer, and the `JSON_ERROR_NONE` constant has the value of `0`, so the `empty()` check is redundant here.
Follow-up to [34928], [46206].
Props dilipbheda, audrasjb, SergeyBiryukov.
See #63249.
Built from https://develop.svn.wordpress.org/trunk@60151
git-svn-id: http://core.svn.wordpress.org/trunk@59487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Normalize behavior between uploading in the media library and uploading directly to the block editor. Now, when uploading an image with a mime type the server does not support (either in the media library or the block editor), the user will see an error message “This image cannot be processed by the web server. Convert it to JPEG or PNG before uploading”.
Alos, add a new filter `wp_prevent_unsupported_mime_type_uploads` which determines whether the server should prevent uploads for image types it doesn't support. The default value is true and the filter also receives the uploaded image mime type.
Props: joomskys, adamsilverstein, azaozz, swissspidy, joemcgill, flixos90, audrasjb.
Fixes#61167
Built from https://develop.svn.wordpress.org/trunk@60084
git-svn-id: http://core.svn.wordpress.org/trunk@59420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset introduces a modification to the `get_params()` method within the WordPress REST API. The change ensures that the `rest_route` parameter is excluded from the parameters returned when pretty permalinks are not enabled. This update enhances the developer experience by ensuring that the parameters returned by `get_params()` are relevant and do not include unnecessary values, thereby reducing potential confusion and errors.
Props westonruter, TimothyBlynJacobs, audrasjb, debarghyabanerjee, dilip2615, shanemuir, peterwilsoncc.
Fixes#62163.
Built from https://develop.svn.wordpress.org/trunk@60073
git-svn-id: http://core.svn.wordpress.org/trunk@59409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [59889] the REST API controllers were adjusted to perform less work when responding to HEAD requests. The WP_REST_Response body would now be `null`, which caused issues with filters that expected the response body to be an array.
This commit sets the response body to be an empty array when preparing the response instead. The body will still be discarded, but this provides better backward comppatibility with code that assumes an array will be used.
See #56481.
Props antonvlasenko, timothyblynjacobs, mamaduka, wildworks.
Built from https://develop.svn.wordpress.org/trunk@59970
git-svn-id: http://core.svn.wordpress.org/trunk@59312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The active theme(s) now return two additional properties, `default_template_types` and `default_template_part_areas`, in the REST response.
Props mamaduka, joemcgill, timothyblynjacobs, audrasjb, gigitux, peterwilsoncc, youknowriad, jorbin.
Fixes#62574.
Built from https://develop.svn.wordpress.org/trunk@59965
git-svn-id: http://core.svn.wordpress.org/trunk@59307 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset replaces `edit_theme_options` with the `export` capability to determine whether the current user can export themes. That condition determines whether to show the Export Theme button in the Site Editor. Using `export` capability makes it more consistent with general export capabilities across the administration.
Props unsalkorkmaz, rajinsharwar, audrasjb, peterwilsoncc, desrosj, Mamaduka, TimothyBlynJacobs.
Fixes#57379.
Built from https://develop.svn.wordpress.org/trunk@59924
git-svn-id: http://core.svn.wordpress.org/trunk@59266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
By default, the REST API responds to HEAD rqeuests by calling the GET handler and omitting the body from the response. While convenient, this ends up performing needless work that slows down the API response time.
This commit adjusts the Core controllers to specifically handle HEAD requests by not preparing the response body.
Fixes#56481.
Props antonvlasenko, janusdev, ironprogrammer, swissspidy, spacedmonkey, mukesh27, mamaduka, timothyblynjacobs.
Built from https://develop.svn.wordpress.org/trunk@59899
git-svn-id: http://core.svn.wordpress.org/trunk@59241 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds support for passing a `search_columns` argument to the user controller so that users with `list_users` caps can specify which field is being searched.
Props youknowriad, joemcgill, ntsekouras, mreishus, mamaduka.
Fixes 62596.
Built from https://develop.svn.wordpress.org/trunk@59892
git-svn-id: http://core.svn.wordpress.org/trunk@59234 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduce `ignore_sticky` as a boolean argument for the posts endpoint for requests without the sticky posts being stuck. The new argument defaults to `false` with the value of the argument passed to `WP_Query`'s `ignore_sticky_posts` parameter.
Props audrasjb, danielbachhuber, joemcgill, johnbillion, jorbin, mamaduka, rmccue.
Fixes#35907.
Built from https://develop.svn.wordpress.org/trunk@59801
git-svn-id: http://core.svn.wordpress.org/trunk@59143 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Values passed to parameters with this attribute will be redacted if present in a stack trace when using PHP 8.2 or later. This reduces the chance that passwords and security keys get accidentally exposed in debug logs and bug reports.
Props petitphp, TobiasBg, jrf, johnbillion.
Fixes#57304
Built from https://develop.svn.wordpress.org/trunk@59754
git-svn-id: http://core.svn.wordpress.org/trunk@59096 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The menu, menu item, and menu location endpoints were added to the REST API in [52079]. In that commit, menu data was treated as private and restricted to logged-in users with the edit_theme_options capability. However, in many cases, this data can be considered public. Previously, there was no simple way for developers to allow this data to be exposed via the REST API.
This commit introduces the rest_menu_read_access filter, enabling developers to control read access to menus, menu items, and menu locations in the REST API. The same filter is applied across all three REST API classes, simplifying the process of opting into exposing this data.
Each instance of the filter provides the current request and the relevant class instance as context, allowing developers to selectively or globally enable access to the data.
Props spacedmonkey, antonvlasenko, kadamwhite, julianmar, masteradhoc.
Fixes#54304.
Built from https://develop.svn.wordpress.org/trunk@59718
git-svn-id: http://core.svn.wordpress.org/trunk@59060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This bug could occur in `WP_REST_Posts_Controller`, `WP_REST_Global_Styles_Revisions_Controller`, `WP_REST_Revisions_Controller`, and any of their child classes. This changeset fixes it throughout.
Props apermo, pbearne, hemant-ahir, flixos90.
Fixes#62292.
Built from https://develop.svn.wordpress.org/trunk@59630
git-svn-id: http://core.svn.wordpress.org/trunk@58993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ignore the `format` parameter introduced in WordPress 6.7 for post types that do not support post formats. This protects against a fatal error being thrown in later version of PHP or a warning in earlier versions of PHP.
Follow up to r59115.
Props dd32, sergeybiryukov, yogeshbhutkar.
Fixes#62646.
See #62014.
Built from https://develop.svn.wordpress.org/trunk@59544
git-svn-id: http://core.svn.wordpress.org/trunk@58930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
