Feature/#17 Adding mediaItem mutations. #189
Conversation
|
@hughdevore there's a merge conflict? |
|
@jasonbahl, the conflicts were in the test file but there weren't actually any conflicts. You can check the last commit where I resolved it in browser. |
| /** | ||
| * Stop now if a user isn't allowed to create a mediaItem | ||
| */ | ||
| if ( ! current_user_can( $post_type_object->cap->create_posts ) ) { |
There was a problem hiding this comment.
So, there's a specific upload_files permission we should check for instead of this.
See how the REST API is doing it here:
https://github.com/WordPress/WordPress/blob/master/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php#L72-L74
| throw new \Exception( __( 'Sorry, you are not allowed to create mediaItems', 'wp-graphql' ) ); | ||
| } | ||
|
|
||
| /** |
There was a problem hiding this comment.
We should check to see if the user has permission to edit the related post (parentId).
Here's how the REST API does that (their input is "post" and ours is "parentId")
| * If the mediaItem being created is being assigned to another user that's not the current user, make sure | ||
| * the current user has permission to edit others mediaItems | ||
| */ | ||
| if ( ! empty( $input['authorId'] ) && get_current_user_id() !== $input['authorId'] && ! current_user_can( $post_type_object->cap->edit_others_posts ) ) { |
There was a problem hiding this comment.
So, the REST API actually doesn't do this check for setting Authors on mediaItems. . .I'm not against keeping this, but I'm curious why they don't have a check like this. Might be worth looking into to make sure this makes sense here.
There was a problem hiding this comment.
Yeah, I'd say we keep it. I'm kind of surprised they wouldn't have this check if they're allowing a user to create attachments under another user's ID. ¯_(ツ)_/¯
| 'inputFields' => [ | ||
| 'id' => [ | ||
| 'type' => Types::non_null( Types::id() ), | ||
| // translators: The placeholder is the name of the post's post_type being deleted |
There was a problem hiding this comment.
don't need this translation note anymore
|
|
||
| self::$mutation['mediaItem'] = Relay::mutationWithClientMutationId( [ | ||
| 'name' => esc_html( $mutation_name ), | ||
| // translators: The placeholder is the name of the object type |
There was a problem hiding this comment.
don't need this translation note anymore.
| /** | ||
| * Delete the mediaItem | ||
| */ | ||
| $deleted = wp_delete_attachment( $id_parts['id'], $force_delete ); |
There was a problem hiding this comment.
Since this can return false on failure, we should account for that and throw an exception
|
|
||
| if ( ! empty( $file['type'] ) ) { | ||
| $insert_post_args['post_mime_type'] = $file['type']; | ||
| } else if ( ! empty( $input['fileType'] ) ) { |
| } | ||
|
|
||
| if ( ! empty( $input['dateGmt'] ) && false !== strtotime( $input['dateGmt'] ) ) { | ||
| $insert_post_args['post_date_gmt'] = date("Y-m-d H:i:s", strtotime( $input['dateGmt'] ) ); |
| * NOTE: These are organized in the same order as: http://v2.wp-api.org/reference/media/#schema-meta | ||
| */ | ||
| if ( ! empty( $input['date'] ) && false !== strtotime( $input['date'] ) ) { | ||
| $insert_post_args['post_date'] = date("Y-m-d H:i:s", strtotime( $input['date'] ) ); |
There was a problem hiding this comment.
space & single quotes instead of double
There was a problem hiding this comment.
space & single quotes instead of double
|
|
||
| if ( ! empty( $input['title'] ) ) { | ||
| $insert_post_args['post_title'] = $input['title']; | ||
| } else if ( ! empty( $file['file'] ) ) { |
| /** | ||
| * If the mediaItem file is from a local server, use wp_upload_bits before saving it to the uploads folder | ||
| */ | ||
| if ( 'false' === filter_var( $input['filePath'], FILTER_VALIDATE_URL ) ) { |
There was a problem hiding this comment.
Should not be 'false' but just false without the single quotes.
|
@hughdevore overall this looks pretty good. All the comments are relatively minor. Then, good start on tests, but need more to get "fully covered". You can see the coverage reports here:
|
|
Thanks @jasonbahl! I'll start work on increasing the test coverage |
1 similar comment
|
@jasonbahl, finally increased coverage! But.. my builds are failing for older versions of php. |
|
@hughdevore fix it! |
1 similar comment
|
@hughdevore good work on this. Checking it out now and will let you know if I have any further feedback. Thanks! |
tests/test-media-item-mutations.php
Outdated
| /** | ||
| * download_url_file will equal true if the file is already included | ||
| */ | ||
| $download_url_file = require_once( ABSPATH . 'wp-admin/includes/file.php' ); |
There was a problem hiding this comment.
so, I would actually test running a mutation where this file was already included (like if another plugin included it already) to make sure that the duplicate includes don't cause an issue.
So, something like:
require_once( ABSPATH . 'wp-admin/includes/file.php' );
$mutation = 'define your mutation here';
$variables = [ 'Define your variables here' ];
$actual = do_graphql_request( $mutation, 'createMediaItemWithDuplicateFileInclude', $variables );
// Then make your assertion(s) that the mutation processed without error. . .
If there was an error due to the functions in that file being defined multiple times or whatever, we'll find out here.
But right now the tests are only testing whether PHP's require_once actually does require the file properly, which is fine, but we want to also make sure that requiring that file when it's already been required by another part of the code doesn't cause issues.
tests/test-media-item-mutations.php
Outdated
| * @access public | ||
| * @return void | ||
| */ | ||
| public function testUmiInvalidId() { |
There was a problem hiding this comment.
let's update the test names to be more explicit.
testUmi doesn't mean anything to me if I'm working on an unrelated feature and see that my code broke testUmi. . .but if I see that I broke testUpdateMediaItemMutationInvalidID then I have more clarity and don't have to waste time trying to find out what Umi stands for
same with Cmi and Dmi. . .let's be explicit and use CreateMediaItem and DeleteMediaItem
A quick search/replace should work 🤞
| /** | ||
| * Insert the mediaItem and retrieve it's data | ||
| */ | ||
| $file = wp_handle_sideload( $file_data, $overrides ); |
There was a problem hiding this comment.
not a big deal, but I'd prefer a line break between this and the next code comment block
| /** | ||
| * Stop now if a user isn't allowed to edit the parent post | ||
| */ | ||
| // Attaching media to a post requires ability to edit said post. |
There was a problem hiding this comment.
the mixed use of comment styles here is weird, and the second one is maybe slightly misplaced?
| /** | ||
| * Insert the mediaItem | ||
| */ | ||
| $attachment_id = wp_insert_attachment( $media_item_args, $file['file'], $attachment_parent_id ); |
| * Generate and update the mediaItem's metadata | ||
| */ | ||
| $attachment_data = wp_generate_attachment_metadata( $attachment_id, $file['file'] ); | ||
| $attachment_data_update = wp_update_attachment_metadata( $attachment_id, $attachment_data ); |
| /** | ||
| * Delete the mediaItem | ||
| */ | ||
| $deleted = wp_delete_attachment( $id_parts['id'], $force_delete ); |
There was a problem hiding this comment.
@hughdevore this looks pretty good. Some minor formatting requests, then some suggestions on the tests.
But I think this is about mergeable!
Good stuff.
|
@jasonbahl, we should be all set to merge here. Let me know if you have anything else. Thanks! |
No description provided.