Guidelines: Extract initial public API methods#77643
Open
Conversation
Moves the guideline-type registry, the default-term backfill, and the slug-to-label mapping out of the post-type class into a new guidelines.php module. The class now only registers the CPT/taxonomy and wires the hooks. Adds focused unit tests for each public function. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…ity_type Adds the full label set (with _x() context strings) for both the guideline post type and the wp_guideline_type taxonomy, and switches the CPT to capability_type='guideline' with map_meta_cap so the meta caps can be tightened independently of standard post caps. The explicit capabilities map preserves today's behavior; REST controllers add their own admin-only gate in a follow-up. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Overrides create/update/delete permission checks on the guidelines controller and the revision-restore check on the revisions controller to require manage_options. Reads stay open to anyone with edit_posts so editors can view the guidelines they need to follow. Returns the standard rest_cannot_create / _edit / _delete / _restore error codes. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the If you're merging code through a pull request on GitHub, copy and paste the following into the bottom of the merge commit message. To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook. |
gziolo
added
[Type] Enhancement
gziolo
added
the
[Feature] Guidelines
Renames the two hook callbacks to use the underscore prefix and the @access private marker that WordPress core uses for functions plugins should not call directly: _wp_guidelines_ensure_default_type_term and _wp_guidelines_maybe_map_term_label. Their summaries now lead with "Hook callback for ..." so the role is obvious from the docblock. Also trims the default type list to just artifact and content. The other names (instruction, memory, skill, plan) were placeholders; the experiment only needs the two for now and plugins can add more through the wp_guideline_types filter. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
Flaky tests detected in d90b4ae. 🔍 Workflow run URL: https://github.com/WordPress/gutenberg/actions/runs/24903695420
|
gziolo
changed the title
wp_set_object_terms() treats strings as term names on hierarchical taxonomies, so pass a term ID instead. Tighten the tests to verify the lazy-created term's localized label and rename them for clarity. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
gziolo
force-pushed
the
feat/guidelines-api-and-permissions
branch
from
8d79cc0 to
d90b4ae
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Part of:
Summary
Builds on #77592. Three independent changes that move the Guidelines experiment a step closer to a shape that could plausibly land in WP core.
1. Treat guideline types as a first-class, extensible concept
Today the list of guideline types lives inline inside the post-type registration class, alongside taxonomy registration, hook wiring, and meta logic. That makes it impossible for plugins to add or relabel a type, and impossible for any other code in the project to ask "what types are available?" without reaching into a class internal.
This commit extracts three small functions into a new
lib/experimental/guidelines/guidelines.phpmodule and splits them into a public surface plugins can use, and internal hook callbacks they shouldn't:wp_guideline_types()— public. The registry of guideline types, filterable via thewp_guideline_typesfilter so plugins can add or relabel entries. Defaults toartifactandcontent; everything else can come from the filter._wp_guidelines_ensure_default_type_term()— internal (@access private). Hook callback forsave_post_wp_guidelinethat backfills the'artifact'term when a guideline is saved without a type. Replaces the static method that previously lived on the post-type class._wp_guidelines_maybe_map_term_label()— internal (@access private). Hook callback forwp_insert_term_datathat, when a type term is created lazily from a raw slug, replaces the auto-derived term name with the human-readable title fromwp_guideline_types()— so a term created viawp_set_object_terms( …, 'artifact' )ends up namedArtifactinstead ofartifact.The leading-underscore +
@access privateconvention follows what WP core uses for hook handlers (e.g._wp_filter_post_kses) so it's immediately obvious from the source which functions plugins can call. Each function is wrapped infunction_existsso the file is a no-op if/when these helpers ever ship in WP core. The post-type class shrinks accordingly and is now responsible only for registration and hook wiring. New unit tests cover each function and the lazy-creation behavior end-to-end.2. Make the admin look like a real post type, and create headroom for finer permissions
The CPT was registered with two labels (
name,singular_name) andcapability_type = 'post'. That gave a sparse admin UI (every screen says just "Guidelines") and meant guideline permissions were tied to standard post permissions, with no way to grant access to guidelines without also granting it to all posts.This commit fills out the full label set (with
_x()context for translators) for both the post type and its taxonomy, and switches tocapability_type = 'guideline'withmap_meta_cap = true. To avoid an unintended access change in this commit, the explicitcapabilitiesarray continues to map every meta cap back to the equivalent post cap — so today's behavior is unchanged. The new custom type just gives us room to introduce dedicatededit_guideline/publish_guidelines/ etc. primitives (and a "Guideline Editor" role) in a later pass.3. Lock down write access at the REST layer
After commit 2, users with
edit_posts(e.g. editors) could create, update, or delete guidelines through the REST API — the standard permission checks inherited fromWP_REST_Posts_Controllersay so. Until we have a deliberate role/capability model, the safer default is admin-only writes.This commit overrides the create / update / delete permission checks on the guidelines REST controller and the revision-restore check on the revisions controller to require
manage_options. Reads are intentionally left open to anyone who can edit posts, since editors need to be able to see the guidelines they're expected to follow. Error codes match what core uses (rest_cannot_create/_edit/_delete/_restore) so existing client error handling continues to work.Test plan
lib/experimental/guidelines/andphpunit/experimental/guidelines/.wp_set_object_terms), and the previously-failing editor-permission tests for the REST controller.🤖 Generated with Claude Code