REST API Support #334
REST API Support #334
Conversation
- Added API REST class
Created Class with the first route "search". Currently it only supports query param without any exclusion. Tests were also added to verify this route.
It should only load the API if installed WP supports the new API features.
Tests were also added to cover this new feature.
Why do we include the author_id in the route rather than as a separate param? Should we have a matching GET endpoint to get authors for a post? |
|
@mjangda That is a very rough route idea of what I wanted to do when I started. But I agree, it shouldn't need the |
…e 'search' route. Also, a test was added to cover this.
While locally this was working fine, on CircleCI tests were failing where a mocked user should be logged out. This commit fix this.
PHP 5.3 don't support it, which was causing CI to fail.
A new route was added /post that adds or appends new coauthors. Added new class constants and made them uppercase existing ones. Added post_validate_callback() to validate post_id argument. Renamed get_permission() to has_permission(). Added a new method to the current_user_can_set_authors() to check if the call is being made from the plugin or a REST request. Refactored some tests and added coverage for the new route.
Decouped the old API class into single classes that extend from a parent CoAuthors_API_Controller(). The boot process now takes place inside the php/api/boot.php file, instead of loading it directly from CoAuthor_Plus class.
A new method was added to CoAuthors_API_Controller, that helps filter an array of authors. Used in Search and Post API classes. Tests were also added for the GET action.
The GET route 'args' were being declared has if they where no arguments. Changed to accept the id.
Some parts of were also cleaned to coding guidelines
Tests were also added.
- Updated 'get_args' on CoAuthors_API_Controller so it allows to return different args depending of which method it's uses. - Added tests coverage
Once the guest_login field is set we don't need to updated it.
Tests were alsoo added to cover this new code.
| @@ -126,6 +127,7 @@ function coauthors_plus() { | |||
| * and the custom post type to store our author data | |||
| */ | |||
| public function action_init() { | |||
| global $wp_version; | |||
There was a problem hiding this comment.
There's some whitespace issues here. Also, this variable is not used.
|
Search Endpoint: Why is this a POST request? A sort of similar WP-API request (listing posts by an author) is a GET: What does |
|
Post - GET endpoint: Why does this require authorization? The authorship of posts is public. |
I like your suggestion. I think, if we used that logic in more than one place it would be useful to put it inside a new method. But using the logic inside the->put_item() is suffice IMO. I've also updated the methods names to *_exist() in 0c4599a |
Thanks. Is |
Yes, I think changing to something like |
I agree, though it seems like one function to check if a user can set authors for a specific post, and a different one for if a user can set authors for posts of a specific type: Would that cover everything, do you think? EDIT: but yes, a different PR makes sense. |
I like that. But what about the part that checks for the user level? I'm talking about this code $current_user = wp_get_current_user();
if ( ! $current_user ) {
return false;
}
// Super admins can do anything
if ( function_exists( 'is_super_admin' ) && is_super_admin() ) {
return true;
}
$can_set_authors = isset( $current_user->allcaps['edit_others_posts'] ) ? $current_user->allcaps['edit_others_posts'] : false;
return apply_filters( 'coauthors_plus_edit_authors', $can_set_authors );This code doesn't depend on $post_id or $post_type. |
That's the code I'm talking about too. It looks as though it's supposed to take into account post-specific capabilities but doesn't. It seems like it should be a wrapper for either |
|
@mdawaffe Yeah, I'm not sure either. For the sake of keeping the PR more clean (regarding the API implementation) I'd suggest we refactor just that code into a different method so we don't need the |
|
That makes sense to me. |
| public function delete_item( WP_REST_Request $request ) { | ||
| global $coauthors_plus; | ||
|
|
||
| $coauthor_id = (int) sanitize_text_field( $request['id'] ); |
There was a problem hiding this comment.
Probably just need either (int) or sanitize_text_field here (not both)
There was a problem hiding this comment.
Yes, it's redundant . I'll use (int) instead.
|
Hey guys -- I've had a look over this and added a couple very minor notes, but it looks generally good and I'm not sure I have a ton of additional notes beyond what @mdawaffe has added above. I think what I'd like to do here is to add this to the 3.3 milestone and test this in a couple of real-world situations ... there are also a couple of people on the VIP team I'd like to show this to. |
The Id is already being sanitized in the sanitize_callback, and the method just need to typecast it.
Some unused code was removed and the permission part was refactored into a new method. This way, the current method doesn't need the $is_api_request parameter. The API code was updated to use this method as well.
|
Hello I have been trying to use the wp rest api to pull data from local site to live wordpress site with use of shortcode. When i try to do the reverse that is to pull posts from live to local it works but when i change links to retrieve from local to live it does not display anything on the page. I already have the wp rest api installed on both sites. Below is my code: function my_recent_posts_shortcode($atts){ $response = wp_remote_get( 'http://localhost/wordpress/wp-json/wp/v2/posts' ); if( is_wp_error( $response ) ) { return; } $posts = json_decode( wp_remote_retrieve_body( $response ) ); if( empty( $posts ) ) { return; } if( !empty( $posts ) ) { $list = ''; foreach( $posts as $post ) { $list .=' link. '">' . $post->title->rendered . ' return $list . ''; } } add_shortcode('recent-posts', 'my_recent_posts_shortcode'); |
|
I'm really confused about what the status of this is. The REST API code isn't in the being discussed here doesn't seem to be in any existing branch. Could someone shed some light? |
|
Now that the REST API is in core, this has become even more important. Is there any update on this? |
|
@misfist the branch seems to be here: https://github.com/hbarroso/Co-Authors-Plus/tree/add/rest-api-endpoints |
|
@philipjohn @mjangda what's the plan for this PR and functionality? We have a client need for REST endpoints for coauthors plus and while this doesn't meet our need exactly, I'm curious what considerations are being made for coauthors plus usage in the REST API. Specifically related to returning post results via the REST API core endpoints. |
|
This isn't a priority right now, but we will have a bunch of work starting on the plugin soon so might be able to get this looked at as part of that. |
|
@philipjohn - How/why is making Co-authors Plus work with the REST API, which is now in core not a priority? |
|
@misfist Having API endpoints would definitely be nice, but it's not crucial to the functioning of this plugin which would work just as well without them. There are benefits to having these API endpoints, but the priority is fixing existing bugs and other more frequently requested enhancements. |
This PR will allows the Co-Authors-Plus plugin to serve REST services through the new WordPress 4.4 API feature.
Please refer to
API.mdfile for the full documentation.