Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Add register post type argument #145

Merged
merged 2 commits into from

2 participants

@rmccue
Owner

Add the show_in_json argument to register_post_type to control whether the type is available via the API.

Also picks up a couple of missed instances that we had; /posts/<id>/comments in particular, which didn't check that the post was valid.

Fixes #136.

@rmccue
Owner

Whoops, this was wrong. Correcting.

@rmccue rmccue added this to the 1.0 milestone
@rmccue rmccue added the Enhancement label
@rmccue
Owner

@iandunn Look good to you? :)

@iandunn

This looks good in my tests. The only question I have is, what was the reason being making an exception so that the post type is protected, even though it's publicly_queryable?

@rmccue
Owner

he only question I have is, what was the reason being making an exception so that the post type is protected, even though it's publicly_queryable?

Oh, whoops, I think this was a debugging line I put in. :)

@rmccue rmccue Remove post show_in_json debugging line
Accidentally committed this, apologies!
ddcbd4d
@rmccue
Owner

@iandunn Can you give this one a quick review? Will merge afterwards. :)

@iandunn

Looks good to me :)

@rmccue rmccue merged commit 6d6cde3 into master
@rmccue rmccue deleted the add-register-post-type-argument branch
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Apr 20, 2014
  1. @rmccue
Commits on Apr 28, 2014
  1. @rmccue

    Remove post show_in_json debugging line

    rmccue authored
    Accidentally committed this, apologies!
This page is out of date. Refresh to see the latest.
Showing with 46 additions and 4 deletions.
  1. +20 −4 lib/class-wp-json-posts.php
  2. +26 −0 plugin.php
View
24 lib/class-wp-json-posts.php
@@ -81,7 +81,7 @@ public function get_posts( $filter = array(), $context = 'view', $type = 'post',
$query = array();
$post_type = get_post_type_object( $type );
- if ( ! ( (bool) $post_type ) )
+ if ( ! ( (bool) $post_type ) || ! $post_type->show_in_json )
return new WP_Error( 'json_invalid_post_type', __( 'The post type specified is not valid' ), array( 'status' => 403 ) );
$query['post_type'] = $post_type->name;
@@ -159,8 +159,14 @@ public function get_posts( $filter = array(), $context = 'view', $type = 'post',
* @return boolean Can we read it?
*/
protected function check_read_permission( $post ) {
- // Can we read the post?
$post_type = get_post_type_object( $post['post_type'] );
+
+ // Ensure the post type can be read
+ if ( ! $post_type->show_in_json ) {
+ return false;
+ }
+
+ // Can we read the post?
if ( 'publish' === $post['post_status'] || current_user_can( $post_type->cap->read_post, $post['ID'] ) ) {
return true;
}
@@ -243,7 +249,6 @@ public function get_post( $id, $context = 'view' ) {
if ( empty( $post['ID'] ) )
return new WP_Error( 'json_post_invalid_id', __( 'Invalid post ID.' ), array( 'status' => 404 ) );
- $post_type = get_post_type_object( $post['post_type'] );
if ( ! $this->check_read_permission( $post ) )
return new WP_Error( 'json_user_cannot_read', __( 'Sorry, you cannot read this post.' ), array( 'status' => 401 ) );
@@ -363,6 +368,16 @@ public function get_comments( $id ) {
//$args = array('status' => $status, 'post_id' => $id, 'offset' => $offset, 'number' => $number )l
$comments = get_comments( array('post_id' => $id) );
+ $post = get_post( $id, ARRAY_A );
+
+ if ( empty( $post['ID'] ) ) {
+ return new WP_Error( 'json_post_invalid_id', __( 'Invalid post ID.' ), array( 'status' => 404 ) );
+ }
+
+ if ( ! $this->check_read_permission( $post ) ) {
+ return new WP_Error( 'json_user_cannot_read', __( 'Sorry, you cannot read this post.' ), array( 'status' => 401 ) );
+ }
+
$struct = array();
foreach ( $comments as $comment ) {
$struct[] = $this->prepare_comment( $comment, array( 'comment', 'meta' ), 'collection' );
@@ -414,8 +429,9 @@ public function get_post_type( $type, $_in_collection = false ) {
if ( ! is_object( $type ) )
$type = get_post_type_object($type);
- if ( $type->public === false )
+ if ( $type->show_in_json === false ) {
return new WP_Error( 'json_cannot_read_type', __( 'Cannot view post type' ), array( 'status' => 403 ) );
+ }
$data = array(
'name' => $type->label,
View
26 plugin.php
@@ -220,6 +220,32 @@ function json_output_link_header() {
add_action( 'template_redirect', 'json_output_link_header', 11, 0 );
/**
+ * Add `show_in_json` {@see register_post_type} argument
+ *
+ * Adds the `show_in_json` post type argument to {@see register_post_type}. This
+ * value controls whether the post type is available via API endpoints, and
+ * defaults to the value of `publicly_queryable`
+ *
+ * @param string $post_type Post type being registered
+ * @param stdClass $args Post type arguments
+ */
+function json_register_post_type( $post_type, $args ) {
+ global $wp_post_types;
+
+ $type = &$wp_post_types[ $post_type ];
+
+ // Exception for pages
+ if ( $post_type === 'page' ) {
+ $type->show_in_json = true;
+ }
+
+ if ( ! isset( $type->show_in_json ) ) {
+ $type->show_in_json = $type->publicly_queryable;
+ }
+}
+add_action( 'registered_post_type', 'json_register_post_type', 10, 2 );
+
+/**
* Get URL to a JSON endpoint on a site
*
* @todo Check if this is even necessary
Something went wrong with that request. Please try again.