-
Notifications
You must be signed in to change notification settings - Fork 442
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature/#17 Adding mediaItem mutations. #189
Feature/#17 Adding mediaItem mutations. #189
Conversation
@hughdevore there's a merge conflict? |
@jasonbahl, the conflicts were in the test file but there weren't actually any conflicts. You can check the last commit where I resolved it in browser. |
/** | ||
* Stop now if a user isn't allowed to create a mediaItem | ||
*/ | ||
if ( ! current_user_can( $post_type_object->cap->create_posts ) ) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So, there's a specific upload_files
permission we should check for instead of this.
See how the REST API is doing it here:
https://github.com/WordPress/WordPress/blob/master/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php#L72-L74
throw new \Exception( __( 'Sorry, you are not allowed to create mediaItems', 'wp-graphql' ) ); | ||
} | ||
|
||
/** |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should check to see if the user has permission to edit the related post (parentId
).
Here's how the REST API does that (their input is "post" and ours is "parentId")
* If the mediaItem being created is being assigned to another user that's not the current user, make sure | ||
* the current user has permission to edit others mediaItems | ||
*/ | ||
if ( ! empty( $input['authorId'] ) && get_current_user_id() !== $input['authorId'] && ! current_user_can( $post_type_object->cap->edit_others_posts ) ) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So, the REST API actually doesn't do this check for setting Authors on mediaItems. . .I'm not against keeping this, but I'm curious why they don't have a check like this. Might be worth looking into to make sure this makes sense here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, I'd say we keep it. I'm kind of surprised they wouldn't have this check if they're allowing a user to create attachments under another user's ID. ¯_(ツ)_/¯
'inputFields' => [ | ||
'id' => [ | ||
'type' => Types::non_null( Types::id() ), | ||
// translators: The placeholder is the name of the post's post_type being deleted |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
don't need this translation note anymore
|
||
self::$mutation['mediaItem'] = Relay::mutationWithClientMutationId( [ | ||
'name' => esc_html( $mutation_name ), | ||
// translators: The placeholder is the name of the object type |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
don't need this translation note anymore.
/** | ||
* Delete the mediaItem | ||
*/ | ||
$deleted = wp_delete_attachment( $id_parts['id'], $force_delete ); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since this can return false
on failure, we should account for that and throw an exception
|
||
if ( ! empty( $file['type'] ) ) { | ||
$insert_post_args['post_mime_type'] = $file['type']; | ||
} else if ( ! empty( $input['fileType'] ) ) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
elsif
} | ||
|
||
if ( ! empty( $input['dateGmt'] ) && false !== strtotime( $input['dateGmt'] ) ) { | ||
$insert_post_args['post_date_gmt'] = date("Y-m-d H:i:s", strtotime( $input['dateGmt'] ) ); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
space
* NOTE: These are organized in the same order as: http://v2.wp-api.org/reference/media/#schema-meta | ||
*/ | ||
if ( ! empty( $input['date'] ) && false !== strtotime( $input['date'] ) ) { | ||
$insert_post_args['post_date'] = date("Y-m-d H:i:s", strtotime( $input['date'] ) ); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
space & single quotes instead of double
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
space & single quotes instead of double
|
||
if ( ! empty( $input['title'] ) ) { | ||
$insert_post_args['post_title'] = $input['title']; | ||
} else if ( ! empty( $file['file'] ) ) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
elseif
/** | ||
* If the mediaItem file is from a local server, use wp_upload_bits before saving it to the uploads folder | ||
*/ | ||
if ( 'false' === filter_var( $input['filePath'], FILTER_VALIDATE_URL ) ) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should not be 'false'
but just false
without the single quotes.
@hughdevore overall this looks pretty good. All the comments are relatively minor. Then, good start on tests, but need more to get "fully covered". You can see the coverage reports here:
|
Thanks @jasonbahl! I'll start work on increasing the test coverage |
1 similar comment
@jasonbahl, finally increased coverage! But.. my builds are failing for older versions of php. |
@hughdevore fix it! |
1 similar comment
@hughdevore good work on this. Checking it out now and will let you know if I have any further feedback. Thanks! |
tests/test-media-item-mutations.php
Outdated
/** | ||
* download_url_file will equal true if the file is already included | ||
*/ | ||
$download_url_file = require_once( ABSPATH . 'wp-admin/includes/file.php' ); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
so, I would actually test running a mutation where this file was already included (like if another plugin included it already) to make sure that the duplicate includes don't cause an issue.
So, something like:
require_once( ABSPATH . 'wp-admin/includes/file.php' );
$mutation = 'define your mutation here';
$variables = [ 'Define your variables here' ];
$actual = do_graphql_request( $mutation, 'createMediaItemWithDuplicateFileInclude', $variables );
// Then make your assertion(s) that the mutation processed without error. . .
If there was an error due to the functions in that file being defined multiple times or whatever, we'll find out here.
But right now the tests are only testing whether PHP's require_once
actually does require the file properly, which is fine, but we want to also make sure that requiring that file when it's already been required by another part of the code doesn't cause issues.
tests/test-media-item-mutations.php
Outdated
* @access public | ||
* @return void | ||
*/ | ||
public function testUmiInvalidId() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
let's update the test names to be more explicit.
testUmi
doesn't mean anything to me if I'm working on an unrelated feature and see that my code broke testUmi
. . .but if I see that I broke testUpdateMediaItemMutationInvalidID
then I have more clarity and don't have to waste time trying to find out what Umi
stands for
same with Cmi
and Dmi
. . .let's be explicit and use CreateMediaItem
and DeleteMediaItem
A quick search/replace should work 🤞
/** | ||
* Insert the mediaItem and retrieve it's data | ||
*/ | ||
$file = wp_handle_sideload( $file_data, $overrides ); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not a big deal, but I'd prefer a line break between this and the next code comment block
/** | ||
* Stop now if a user isn't allowed to edit the parent post | ||
*/ | ||
// Attaching media to a post requires ability to edit said post. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the mixed use of comment styles here is weird, and the second one is maybe slightly misplaced?
/** | ||
* Insert the mediaItem | ||
*/ | ||
$attachment_id = wp_insert_attachment( $media_item_args, $file['file'], $attachment_parent_id ); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
line break
* Generate and update the mediaItem's metadata | ||
*/ | ||
$attachment_data = wp_generate_attachment_metadata( $attachment_id, $file['file'] ); | ||
$attachment_data_update = wp_update_attachment_metadata( $attachment_id, $attachment_data ); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
line break
/** | ||
* Delete the mediaItem | ||
*/ | ||
$deleted = wp_delete_attachment( $id_parts['id'], $force_delete ); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
line break
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@hughdevore this looks pretty good. Some minor formatting requests, then some suggestions on the tests.
But I think this is about mergeable!
Good stuff.
@jasonbahl, we should be all set to merge here. Let me know if you have anything else. Thanks! |
No description provided.