-
Notifications
You must be signed in to change notification settings - Fork 4.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
REST API: Use posts endpoint for reusable blocks #10751
Changes from 1 commit
e681848
e3b1279
c8ad73a
9c1da9e
0235f5d
ac75c14
921f669
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
- Loading branch information
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
<?php | ||
/** | ||
* Reusable blocks REST API: WP_REST_Blocks_Controller class | ||
* | ||
* @package gutenberg | ||
* @since 0.10.0 | ||
*/ | ||
|
||
/** | ||
* Controller which provides a REST endpoint for Gutenberg to read, create, | ||
* edit and delete reusable blocks. Blocks are stored as posts with the wp_block | ||
* post type. | ||
* | ||
* @since 0.10.0 | ||
* | ||
* @see WP_REST_Controller | ||
*/ | ||
class WP_REST_Blocks_Controller extends WP_REST_Posts_Controller { | ||
/** | ||
* Checks if a block can be read. | ||
* | ||
* @since 2.1.0 | ||
* | ||
* @param object $post Post object that backs the block. | ||
* @return bool Whether the block can be read. | ||
*/ | ||
public function check_read_permission( $post ) { | ||
// Ensure that the user is logged in and has the read_blocks capability. | ||
$post_type = get_post_type_object( $post->post_type ); | ||
if ( ! current_user_can( $post_type->cap->read_post, $post->ID ) ) { | ||
return false; | ||
} | ||
|
||
return parent::check_read_permission( $post ); | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,179 @@ | ||
<?php | ||
/** | ||
* WP_REST_Blocks_Controller tests | ||
* | ||
* @package gutenberg | ||
*/ | ||
|
||
/** | ||
* Tests for WP_REST_Blocks_Controller. | ||
*/ | ||
class REST_Blocks_Controller_Test extends WP_UnitTestCase { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This change might make someone somewhere upset, but implementing 9 abstract methods when the controller implements only There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Yeah, it's annoying. We can improve upon it at some point. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I guess another option could be extending Or another way to signal "this is already tested elsewhere"? Extend (Not going to let this block merge) |
||
|
||
/** | ||
* Our fake block's post ID. | ||
* | ||
* @var int | ||
*/ | ||
protected static $post_id; | ||
|
||
/** | ||
* Our fake user's ID. | ||
* | ||
* @var int | ||
*/ | ||
protected static $user_id; | ||
|
||
/** | ||
* Create fake data before our tests run. | ||
* | ||
* @param WP_UnitTest_Factory $factory Helper that lets us create fake data. | ||
*/ | ||
public static function wpSetUpBeforeClass( $factory ) { | ||
self::$post_id = wp_insert_post( | ||
array( | ||
'post_type' => 'wp_block', | ||
'post_status' => 'publish', | ||
'post_title' => 'My cool block', | ||
'post_content' => '<!-- wp:core/paragraph --><p>Hello!</p><!-- /wp:core/paragraph -->', | ||
) | ||
); | ||
|
||
self::$user_id = $factory->user->create( | ||
array( | ||
'role' => 'editor', | ||
) | ||
); | ||
} | ||
|
||
/** | ||
* Delete our fake data after our tests run. | ||
*/ | ||
public static function wpTearDownAfterClass() { | ||
wp_delete_post( self::$post_id ); | ||
|
||
self::delete_user( self::$user_id ); | ||
} | ||
|
||
/** | ||
* Test cases for test_capabilities(). | ||
*/ | ||
public function data_capabilities() { | ||
return array( | ||
array( 'create', 'editor', 201 ), | ||
array( 'create', 'author', 201 ), | ||
array( 'create', 'contributor', 403 ), | ||
array( 'create', null, 401 ), | ||
|
||
array( 'read', 'editor', 200 ), | ||
array( 'read', 'author', 200 ), | ||
array( 'read', 'contributor', 200 ), | ||
array( 'read', null, 401 ), | ||
|
||
array( 'update_delete_own', 'editor', 200 ), | ||
array( 'update_delete_own', 'author', 200 ), | ||
array( 'update_delete_own', 'contributor', 403 ), | ||
|
||
array( 'update_delete_others', 'editor', 200 ), | ||
array( 'update_delete_others', 'author', 403 ), | ||
array( 'update_delete_others', 'contributor', 403 ), | ||
array( 'update_delete_others', null, 401 ), | ||
); | ||
} | ||
|
||
/** | ||
* Exhaustively check that each role either can or cannot create, edit, | ||
* update, and delete reusable blocks. | ||
* | ||
* @dataProvider data_capabilities | ||
*/ | ||
public function test_capabilities( $action, $role, $expected_status ) { | ||
if ( $role ) { | ||
$user_id = $this->factory->user->create( array( 'role' => $role ) ); | ||
wp_set_current_user( $user_id ); | ||
} else { | ||
wp_set_current_user( 0 ); | ||
} | ||
|
||
switch ( $action ) { | ||
case 'create': | ||
$request = new WP_REST_Request( 'POST', '/wp/v2/blocks' ); | ||
$request->set_body_params( | ||
array( | ||
'title' => 'Test', | ||
'content' => '<!-- wp:core/paragraph --><p>Test</p><!-- /wp:core/paragraph -->', | ||
) | ||
); | ||
|
||
$response = rest_get_server()->dispatch( $request ); | ||
$this->assertEquals( $expected_status, $response->get_status() ); | ||
|
||
break; | ||
|
||
case 'read': | ||
$request = new WP_REST_Request( 'GET', '/wp/v2/blocks/' . self::$post_id ); | ||
|
||
$response = rest_get_server()->dispatch( $request ); | ||
$this->assertEquals( $expected_status, $response->get_status() ); | ||
|
||
break; | ||
|
||
case 'update_delete_own': | ||
$post_id = wp_insert_post( | ||
array( | ||
'post_type' => 'wp_block', | ||
'post_status' => 'publish', | ||
'post_title' => 'My cool block', | ||
'post_content' => '<!-- wp:core/paragraph --><p>Hello!</p><!-- /wp:core/paragraph -->', | ||
'post_author' => $user_id, | ||
) | ||
); | ||
|
||
$request = new WP_REST_Request( 'PUT', '/wp/v2/blocks/' . $post_id ); | ||
$request->set_body_params( | ||
array( | ||
'title' => 'Test', | ||
'content' => '<!-- wp:core/paragraph --><p>Test</p><!-- /wp:core/paragraph -->', | ||
) | ||
); | ||
|
||
$response = rest_get_server()->dispatch( $request ); | ||
$this->assertEquals( $expected_status, $response->get_status() ); | ||
|
||
$request = new WP_REST_Request( 'DELETE', '/wp/v2/blocks/' . $post_id ); | ||
|
||
$response = rest_get_server()->dispatch( $request ); | ||
$this->assertEquals( $expected_status, $response->get_status() ); | ||
|
||
wp_delete_post( $post_id ); | ||
|
||
break; | ||
|
||
case 'update_delete_others': | ||
$request = new WP_REST_Request( 'PUT', '/wp/v2/blocks/' . self::$post_id ); | ||
$request->set_body_params( | ||
array( | ||
'title' => 'Test', | ||
'content' => '<!-- wp:core/paragraph --><p>Test</p><!-- /wp:core/paragraph -->', | ||
) | ||
); | ||
|
||
$response = rest_get_server()->dispatch( $request ); | ||
$this->assertEquals( $expected_status, $response->get_status() ); | ||
|
||
$request = new WP_REST_Request( 'DELETE', '/wp/v2/blocks/' . self::$post_id ); | ||
|
||
$response = rest_get_server()->dispatch( $request ); | ||
$this->assertEquals( $expected_status, $response->get_status() ); | ||
|
||
break; | ||
|
||
default: | ||
$this->fail( "'$action' is not a valid action." ); | ||
} | ||
|
||
if ( isset( $user_id ) ) { | ||
self::delete_user( $user_id ); | ||
} | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Because the CPT now supports
title
andeditor
, we can go a step further and remove this line fromgutenberg.php:267
:This PR would then close #9964.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated in c8ad73a