Changeset 49925

Timestamp:

01/03/2021 09:45:42 PM (4 years ago)

Author:

TimothyBlynJacobs

Message:

REST API: Expose all themes in the themes controller.

Previously, only the active theme was made available. This commit allows for all themes to be queried if the user has the switch_themes or manage_network_themes capabilities.

This commit also no longer exposes the page, per_page, search and context query parameters since they are not supported by this controller.

Props spacedmonkey, lpawlik, TimothyBlynJacobs.
Fixes #50152.

Location:

trunk

Files:

• src/wp-includes/rest-api/class-wp-rest-server.php (modified) (2 diffs)
• src/wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php (modified) (12 diffs)
• tests/phpunit/tests/rest-api/rest-schema-setup.php (modified) (1 diff)
• tests/phpunit/tests/rest-api/rest-server.php (modified) (2 diffs)
• tests/phpunit/tests/rest-api/rest-themes-controller.php (modified) (11 diffs)
• tests/qunit/fixtures/wp-api-generated.js (modified) (3 diffs)

trunk/src/wp-includes/rest-api/class-wp-rest-server.php

@@ -1245 +1245 @@
 
         $response = new WP_REST_Response( $available );
-
         $response->add_link( 'help', 'http://v2.wp-api.org/' );
+
 
         /**
@@ -1260 +1260 @@
          */
         return apply_filters( 'rest_index', $response );
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
     }
 

trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php

@@ -48 +48 @@
             )
         );
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
     }
 
@@ -59 +78 @@
      */
     public function get_items_permissions_check( $request ) {
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
         if ( current_user_can( 'edit_posts' ) ) {
             return true;
@@ -70 +140 @@
 
         return new WP_Error(
-            'rest_user_cannot_view',
-            __( 'Sorry, you are not allowed to view themes.' ),
+            'rest_',
+            __( 'Sorry, you are not allowed to view the.' ),
             array( 'status' => rest_authorization_required_code() )
         );
@@ -77 +147 @@
 
     /**
-     * Retrieves a collection of themes.
-     *
-     * @since 5.0.0
+     * Retrieves a .
+     *
+     * @since 5..0
      *
      * @param WP_REST_Request $request Full details about the request.
      * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
      */
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
     public function get_items( $request ) {
-        // Retrieve the list of registered collection query parameters.
-        $registered = $this->get_collection_params();
-        $themes     = array();
-
-        if ( isset( $registered['status'], $request['status'] ) && in_array( 'active', $request['status'], true ) ) {
-            $active_theme = wp_get_theme();
-            $active_theme = $this->prepare_item_for_response( $active_theme, $request );
-            $themes[]     = $this->prepare_response_for_collection( $active_theme );
+        $themes = array();
+
+        $active_themes = wp_get_themes();
+        $current_theme = wp_get_theme();
+        $status        = $request['status'];
+
+        foreach ( $active_themes as $theme_name => $theme ) {
+            $theme_status = ( $this->is_same_theme( $theme, $current_theme ) ) ? 'active' : 'inactive';
+            if ( is_array( $status ) && ! in_array( $theme_status, $status, true ) ) {
+                continue;
+            }
+
+            $prepared = $this->prepare_item_for_response( $theme, $request );
+            $themes[] = $this->prepare_response_for_collection( $prepared );
         }
 
@@ -98 +196 @@
 
         $response->header( 'X-WP-Total', count( $themes ) );
-        $response->header( 'X-WP-TotalPages', count( $themes ) );
+        $response->header( 'X-WP-TotalPages',  );
 
         return $response;
@@ -167 +265 @@
         }
 
-        if ( rest_is_field_included( 'theme_supports', $fields ) ) {
+        $current_theme = wp_get_theme();
+        if ( rest_is_field_included( 'status', $fields ) ) {
+            $data['status'] = ( $this->is_same_theme( $theme, $current_theme ) ) ? 'active' : 'inactive';
+        }
+
+        if ( rest_is_field_included( 'theme_supports', $fields ) && $this->is_same_theme( $theme, $current_theme ) ) {
             foreach ( get_registered_theme_features() as $feature => $config ) {
                 if ( ! is_array( $config['show_in_rest'] ) ) {
@@ -206 +309 @@
         // Wrap the data in a response object.
         $response = rest_ensure_response( $data );
+
+
 
         /**
@@ -220 +325 @@
 
     /**
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
      * Prepares the theme support value for inclusion in the REST API response.
      *
@@ -400 +538 @@
                     'readonly'    => true,
                 ),
+
+
+
+
+
             ),
         );
@@ -426 +569 @@
      */
     public function get_collection_params() {
-        $query_params = parent::get_collection_params();
-
-        $query_params['status'] = array(
-            'description'       => __( 'Limit result set to themes assigned one or more statuses.' ),
-            'type'              => 'array',
-            'items'             => array(
-                'enum' => array( 'active' ),
-                'type' => 'string',
+        $query_params = 
+            'status' => array(
+        
+            ,
+            
+            
+                ,
+                ,
             ),
-            'required'          => true,
-            'sanitize_callback' => array( $this, 'sanitize_theme_status' ),
         );
 
@@ -453 +594 @@
      *
      * @since 5.0.0
+
      *
      * @param string|array    $statuses  One or more theme statuses.
@@ -460 +602 @@
      */
     public function sanitize_theme_status( $statuses, $request, $parameter ) {
+
+
         $statuses = wp_parse_slug_list( $statuses );
 

trunk/tests/phpunit/tests/rest-api/rest-schema-setup.php

@@ -130 +130 @@
             '/wp/v2/settings',
             '/wp/v2/themes',
+
             '/wp/v2/plugins',
             '/wp/v2/plugins/(?P<plugin>[^.\/]+(?:\/[^.\/]+)?)',

trunk/tests/phpunit/tests/rest-api/rest-server.php

@@ -960 +960 @@
         $this->assertContains( 'DELETE', $route['methods'] );
         $this->assertArrayHasKey( '_links', $route );
+
+
+
     }
 
@@ -1997 +2000 @@
     }
 
+
+
+
+
+
+
+
+
+
+
     public function _validate_as_integer_123( $value, $request, $key ) {
         if ( ! is_int( $value ) ) {

trunk/tests/phpunit/tests/rest-api/rest-themes-controller.php

@@ -31 +31 @@
 
     /**
+
+
+
+
+
+
+
+
+
      * The current theme object.
      *
@@ -92 +101 @@
      */
     public static function wpSetUpBeforeClass( WP_UnitTest_Factory $factory ) {
+
+
+
+
+
         self::$subscriber_id  = $factory->user->create(
             array(
@@ -115 +129 @@
         self::delete_user( self::$subscriber_id );
         self::delete_user( self::$contributor_id );
+
     }
 
@@ -137 +152 @@
         $routes = rest_get_server()->get_routes();
         $this->assertArrayHasKey( self::$themes_route, $routes );
+
     }
 
@@ -152 +168 @@
         $this->check_get_theme_response( $response );
         $fields = array(
+
             'author',
             'author_uri',
@@ -159 +176 @@
             'requires_wp',
             'screenshot',
+
             'stylesheet',
             'tags',
@@ -171 +189 @@
 
     /**
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
      * @ticket 46723
-     */
-    public function test_get_items_logged_out() {
+     * @ticket 50152
+     * @dataProvider data_get_items_by_status
+     */
+    public function test_get_items_logged_out( $status, $error_code ) {
         wp_set_current_user( 0 );
-        $response = self::perform_active_theme_request();
-        $this->assertErrorResponse( 'rest_user_cannot_view', $response, 401 );
+        $request = new WP_REST_Request( 'GET', self::$themes_route );
+        $request->set_param( 'status', $status );
+
+        $response = rest_get_server()->dispatch( $request );
+        $this->assertErrorResponse( $error_code, $response, 401 );
     }
 
@@ -183 +263 @@
      *
      * @ticket 45016
-     */
-    public function test_get_items_no_permission() {
+     * @ticket 50152
+     * @dataProvider data_get_items_by_status
+     */
+    public function test_get_items_no_permission( $status, $error_code ) {
         wp_set_current_user( self::$subscriber_id );
-        $response = self::perform_active_theme_request();
-        $this->assertErrorResponse( 'rest_user_cannot_view', $response, 403 );
+        $request = new WP_REST_Request( 'GET', self::$themes_route );
+        $request->set_param( 'status', $status );
+
+        $response = rest_get_server()->dispatch( $request );
+        $this->assertErrorResponse( $error_code, $response, 403 );
+    }
+
+    public function data_get_items_by_status() {
+        return array(
+            array( 'active', 'rest_cannot_view_active_theme' ),
+            array( 'active, inactive', 'rest_cannot_view_themes' ),
+            array( 'inactive', 'rest_cannot_view_themes' ),
+            array( '', 'rest_cannot_view_themes' ),
+        );
+    }
+
+    /**
+     * @ticket 50152
+     * @dataProvider data_get_items_by_status_for_contributor
+     */
+    public function test_get_items_contributor( $status, $error_code ) {
+        wp_set_current_user( self::$contributor_id );
+        $request = new WP_REST_Request( 'GET', self::$themes_route );
+        $request->set_param( 'status', $status );
+
+        $response = rest_get_server()->dispatch( $request );
+
+        if ( $error_code ) {
+            $this->assertErrorResponse( $error_code, $response, 403 );
+        } else {
+            $this->assertEquals( 200, $response->get_status() );
+        }
+    }
+
+    public function data_get_items_by_status_for_contributor() {
+        return array(
+            array( 'active', '' ),
+            array( 'active, inactive', 'rest_cannot_view_themes' ),
+            array( 'inactive', 'rest_cannot_view_themes' ),
+            array( '', 'rest_cannot_view_themes' ),
+        );
     }
 
@@ -222 +343 @@
         $data       = $response->get_data();
         $properties = $data['schema']['properties'];
-        $this->assertSame( 14, count( $properties ) );
+        $this->assertSame( 1, count( $properties ) );
 
         $this->assertArrayHasKey( 'author', $properties );
@@ -243 +364 @@
         $this->assertArrayHasKey( 'requires_wp', $properties );
         $this->assertArrayHasKey( 'screenshot', $properties );
+
         $this->assertArrayHasKey( 'stylesheet', $properties );
 
@@ -1084 +1206 @@
 
     /**
-     * The get_item() method does not exist for themes.
-     */
-    public function test_get_item() {}
+     * Test single theme
+     *
+     * @ticket 50152
+     */
+    public function test_get_item() {
+        wp_set_current_user( self::$admin_id );
+        $route    = sprintf( '%s/%s', self::$themes_route, WP_DEFAULT_THEME );
+        $request  = new WP_REST_Request( 'GET', $route );
+        $response = rest_get_server()->dispatch( $request );
+
+        $this->assertEquals( 200, $response->get_status() );
+        $data         = $response->get_data();
+        $links        = $response->get_links();
+        $fields       = array(
+            'author',
+            'author_uri',
+            'description',
+            'name',
+            'requires_php',
+            'requires_wp',
+            'screenshot',
+            'status',
+            'stylesheet',
+            'tags',
+            'template',
+            'textdomain',
+            'theme_uri',
+            'version',
+        );
+        $fields_links = array( 'collection', 'self' );
+
+        $this->assertEqualSets( $fields, array_keys( $data ) );
+        $this->assertEqualSets( $fields_links, array_keys( $links ) );
+    }
+
+    /**
+     * @ticket 50152
+     */
+    public function test_get_item_no_permission() {
+        wp_set_current_user( self::$subscriber_id );
+        $request  = new WP_REST_Request( 'GET', self::$themes_route . '/' . WP_DEFAULT_THEME );
+        $response = rest_get_server()->dispatch( $request );
+        $this->assertErrorResponse( 'rest_cannot_view_themes', $response, 403 );
+    }
+
+    /**
+     * @ticket 50152
+     */
+    public function test_get_active_item_no_permission() {
+        wp_set_current_user( self::$subscriber_id );
+        $request  = new WP_REST_Request( 'GET', self::$themes_route . '/' . get_stylesheet() );
+        $response = rest_get_server()->dispatch( $request );
+        $this->assertErrorResponse( 'rest_cannot_view_active_theme', $response, 403 );
+    }
+
+    /**
+     * @ticket 50152
+     */
+    public function test_get_item_invalid() {
+        wp_set_current_user( self::$admin_id );
+        $request  = new WP_REST_Request( 'GET', self::$themes_route . '/invalid' );
+        $response = rest_get_server()->dispatch( $request );
+        $this->assertErrorResponse( 'rest_theme_not_found', $response, 404 );
+    }
+
+    /**
+     * @ticket 50152
+     */
+    public function test_get_active_item_as_contributor() {
+        $route    = sprintf( '%s/%s', self::$themes_route, get_stylesheet() );
+        $request  = new WP_REST_Request( 'GET', $route );
+        $response = rest_get_server()->dispatch( $request );
+
+        $this->assertEquals( 200, $response->get_status() );
+    }
 
     /**

trunk/tests/qunit/fixtures/wp-api-generated.js

@@ -5785 +5785 @@
                     ],
                     "args": {
-                        "context": {
-                            "description": "Scope under which the request is made; determines fields present in response.",
-                            "type": "string",
-                            "required": false
-                        },
-                        "page": {
-                            "description": "Current page of the collection.",
-                            "type": "integer",
-                            "default": 1,
-                            "minimum": 1,
-                            "required": false
-                        },
-                        "per_page": {
-                            "description": "Maximum number of items to be returned in result set.",
-                            "type": "integer",
-                            "default": 10,
-                            "minimum": 1,
-                            "maximum": 100,
-                            "required": false
-                        },
-                        "search": {
-                            "description": "Limit results to those matching a string.",
-                            "type": "string",
-                            "required": false
-                        },
                         "status": {
                             "description": "Limit result set to themes assigned one or more statuses.",
@@ -5815 +5790 @@
                             "items": {
                                 "enum": [
-                                    "active"
+                                    "active",
+                                    "inactive"
                                 ],
                                 "type": "string"
                             },
-                            "required": true
+                            "required": e
                         }
                     }
@@ -5827 +5803 @@
                 "self": "http://example.org/index.php?rest_route=/wp/v2/themes"
             }
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
         },
         "/wp/v2/plugins": {