tmt/tiger_frontend - Gogs: Simplico Git Service

/**

* Updates a comment.

* @since 4.7.0

* @param WP_REST_Request $request Full details about the request.

* @return WP_REST_Response|WP_Error Response object on success, or error object on failure.

public function update_item( $request ) {

$comment = $this->get_comment( $request['id'] );

if ( is_wp_error( $comment ) ) {

return $comment;

}

$id = $comment->comment_ID;

if ( isset( $request['type'] ) && get_comment_type( $id ) !== $request['type'] ) {

return new WP_Error(

'rest_comment_invalid_type',

__( 'Sorry, you are not allowed to change the comment type.' ),

array( 'status' => 404 )

);

}

$prepared_args = $this->prepare_item_for_database( $request );

if ( is_wp_error( $prepared_args ) ) {

return $prepared_args;

}

if ( ! empty( $prepared_args['comment_post_ID'] ) ) {

$post = get_post( $prepared_args['comment_post_ID'] );

if ( empty( $post ) ) {

return new WP_Error(

'rest_comment_invalid_post_id',

__( 'Invalid post ID.' ),

array( 'status' => 403 )

);

}

if ( empty( $prepared_args ) && isset( $request['status'] ) ) {

// Only the comment status is being changed.

$change = $this->handle_status_param( $request['status'], $id );

if ( ! $change ) {

return new WP_Error(

'rest_comment_failed_edit',

__( 'Updating comment status failed.' ),

array( 'status' => 500 )

);

}

} elseif ( ! empty( $prepared_args ) ) {

if ( is_wp_error( $prepared_args ) ) {

return $prepared_args;

}

if ( isset( $prepared_args['comment_content'] ) && empty( $prepared_args['comment_content'] ) ) {

return new WP_Error(

'rest_comment_content_invalid',

__( 'Invalid comment content.' ),

array( 'status' => 400 )

);

}

$prepared_args['comment_ID'] = $id;

$check_comment_lengths = wp_check_comment_data_max_lengths( $prepared_args );

if ( is_wp_error( $check_comment_lengths ) ) {

$error_code = $check_comment_lengths->get_error_code();

return new WP_Error(

$error_code,

__( 'Comment field exceeds maximum length allowed.' ),

array( 'status' => 400 )

);

}

$updated = wp_update_comment( wp_slash( (array) $prepared_args ), true );

if ( is_wp_error( $updated ) ) {

return new WP_Error(

'rest_comment_failed_edit',

__( 'Updating comment failed.' ),

array( 'status' => 500 )

);

}

if ( isset( $request['status'] ) ) {

$this->handle_status_param( $request['status'], $id );

}

$comment = get_comment( $id );

/** This action is documented in wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php */

do_action( 'rest_insert_comment', $comment, $request, false );

$schema = $this->get_item_schema();

if ( ! empty( $schema['properties']['meta'] ) && isset( $request['meta'] ) ) {

$meta_update = $this->meta->update_value( $request['meta'], $id );

if ( is_wp_error( $meta_update ) ) {

return $meta_update;

}

$fields_update = $this->update_additional_fields_for_object( $comment, $request );

if ( is_wp_error( $fields_update ) ) {

return $fields_update;

}

$request->set_param( 'context', 'edit' );

/** This action is documented in wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php */

do_action( 'rest_after_insert_comment', $comment, $request, false );

$response = $this->prepare_item_for_response( $comment, $request );

return rest_ensure_response( $response );

}

/**

* Checks if a given request has access to delete a comment.

* @since 4.7.0

* @param WP_REST_Request $request Full details about the request.

* @return true|WP_Error True if the request has access to delete the item, error object otherwise.

public function delete_item_permissions_check( $request ) {

$comment = $this->get_comment( $request['id'] );

if ( is_wp_error( $comment ) ) {

return $comment;

}

if ( ! $this->check_edit_permission( $comment ) ) {

return new WP_Error(

'rest_cannot_delete',

__( 'Sorry, you are not allowed to delete this comment.' ),

array( 'status' => rest_authorization_required_code() )

);

}

return true;

}

/**

* Deletes a comment.

* @since 4.7.0

* @param WP_REST_Request $request Full details about the request.

* @return WP_REST_Response|WP_Error Response object on success, or error object on failure.

public function delete_item( $request ) {

$comment = $this->get_comment( $request['id'] );

if ( is_wp_error( $comment ) ) {

return $comment;

}

$force = isset( $request['force'] ) ? (bool) $request['force'] : false;

/**

* Filters whether a comment can be trashed via the REST API.

* Return false to disable trash support for the comment.

* @since 4.7.0

* @param bool $supports_trash Whether the comment supports trashing.

* @param WP_Comment $comment The comment object being considered for trashing support.

$supports_trash = apply_filters( 'rest_comment_trashable', ( EMPTY_TRASH_DAYS > 0 ), $comment );

$request->set_param( 'context', 'edit' );

if ( $force ) {

$previous = $this->prepare_item_for_response( $comment, $request );

$result = wp_delete_comment( $comment->comment_ID, true );

$response = new WP_REST_Response();

$response->set_data(

array(

'deleted' => true,

'previous' => $previous->get_data(),

)

);

} else {

// If this type doesn't support trashing, error out.

if ( ! $supports_trash ) {

return new WP_Error(

'rest_trash_not_supported',

/* translators: %s: force=true */

sprintf( __( "The comment does not support trashing. Set '%s' to delete." ), 'force=true' ),

array( 'status' => 501 )

);

}

if ( 'trash' === $comment->comment_approved ) {

return new WP_Error(

'rest_already_trashed',

__( 'The comment has already been trashed.' ),

array( 'status' => 410 )

);

}

$result = wp_trash_comment( $comment->comment_ID );

$comment = get_comment( $comment->comment_ID );

$response = $this->prepare_item_for_response( $comment, $request );

}

if ( ! $result ) {

return new WP_Error(

'rest_cannot_delete',

__( 'The comment cannot be deleted.' ),

array( 'status' => 500 )

);

}

/**

* Fires after a comment is deleted via the REST API.

* @since 4.7.0

* @param WP_Comment $comment The deleted comment data.

* @param WP_REST_Response $response The response returned from the API.

* @param WP_REST_Request $request The request sent to the API.

do_action( 'rest_delete_comment', $comment, $response, $request );

return $response;

}

/**

* Prepares a single comment output for response.

* @since 4.7.0

* @param WP_Comment $comment Comment object.

* @param WP_REST_Request $request Request object.

* @return WP_REST_Response Response object.

public function prepare_item_for_response( $comment, $request ) {

$fields = $this->get_fields_for_response( $request );

$data = array();

if ( in_array( 'id', $fields, true ) ) {

$data['id'] = (int) $comment->comment_ID;

}

if ( in_array( 'post', $fields, true ) ) {

$data['post'] = (int) $comment->comment_post_ID;

}

if ( in_array( 'parent', $fields, true ) ) {

$data['parent'] = (int) $comment->comment_parent;

}

if ( in_array( 'author', $fields, true ) ) {

$data['author'] = (int) $comment->user_id;

}

if ( in_array( 'author_name', $fields, true ) ) {

$data['author_name'] = $comment->comment_author;

}

if ( in_array( 'author_email', $fields, true ) ) {

$data['author_email'] = $comment->comment_author_email;

}

if ( in_array( 'author_url', $fields, true ) ) {

$data['author_url'] = $comment->comment_author_url;

}

if ( in_array( 'author_ip', $fields, true ) ) {

$data['author_ip'] = $comment->comment_author_IP;

}

if ( in_array( 'author_user_agent', $fields, true ) ) {

$data['author_user_agent'] = $comment->comment_agent;

}

if ( in_array( 'date', $fields, true ) ) {

$data['date'] = mysql_to_rfc3339( $comment->comment_date );

}

if ( in_array( 'date_gmt', $fields, true ) ) {

$data['date_gmt'] = mysql_to_rfc3339( $comment->comment_date_gmt );

}

if ( in_array( 'content', $fields, true ) ) {

$data['content'] = array(

/** This filter is documented in wp-includes/comment-template.php */

'rendered' => apply_filters( 'comment_text', $comment->comment_content, $comment ),

'raw' => $comment->comment_content,

);

}

if ( in_array( 'link', $fields, true ) ) {

$data['link'] = get_comment_link( $comment );

}

if ( in_array( 'status', $fields, true ) ) {

$data['status'] = $this->prepare_status_response( $comment->comment_approved );

}

if ( in_array( 'type', $fields, true ) ) {

$data['type'] = get_comment_type( $comment->comment_ID );

}

if ( in_array( 'author_avatar_urls', $fields, true ) ) {

$data['author_avatar_urls'] = rest_get_avatar_urls( $comment );

}

if ( in_array( 'meta', $fields, true ) ) {

$data['meta'] = $this->meta->get_value( $comment->comment_ID, $request );

}

$context = ! empty( $request['context'] ) ? $request['context'] : 'view';

$data = $this->add_additional_fields_to_object( $data, $request );

$data = $this->filter_response_by_context( $data, $context );

// Wrap the data in a response object.

$response = rest_ensure_response( $data );

$response->add_links( $this->prepare_links( $comment ) );

/**

* Filters a comment returned from the REST API.

* Allows modification of the comment right before it is returned.

* @since 4.7.0

* @param WP_REST_Response $response The response object.

* @param WP_Comment $comment The original comment object.

* @param WP_REST_Request $request Request used to generate the response.

return apply_filters( 'rest_prepare_comment', $response, $comment, $request );

}

/**

* Prepares links for the request.

* @since 4.7.0

* @param WP_Comment $comment Comment object.

* @return array Links for the given comment.

protected function prepare_links( $comment ) {

$links = array(

'self' => array(

'href' => rest_url( sprintf( '%s/%s/%d', $this->namespace, $this->rest_base, $comment->comment_ID ) ),

'collection' => array(

'href' => rest_url( sprintf( '%s/%s', $this->namespace, $this->rest_base ) ),

);

if ( 0 !== (int) $comment->user_id ) {

$links['author'] = array(

'href' => rest_url( 'wp/v2/users/' . $comment->user_id ),

'embeddable' => true,

);

}

if ( 0 !== (int) $comment->comment_post_ID ) {

$post = get_post( $comment->comment_post_ID );

$post_route = rest_get_route_for_post( $post );

if ( ! empty( $post->ID ) && $post_route ) {

$links['up'] = array(

'href' => rest_url( $post_route ),

'embeddable' => true,

'post_type' => $post->post_type,

);

}

if ( 0 !== (int) $comment->comment_parent ) {

$links['in-reply-to'] = array(

'href' => rest_url( sprintf( '%s/%s/%d', $this->namespace, $this->rest_base, $comment->comment_parent ) ),

'embeddable' => true,

);

}

// Only grab one comment to verify the comment has children.

$comment_children = $comment->get_children(

array(

'number' => 1,

'count' => true,

)

);

if ( ! empty( $comment_children ) ) {

$args = array(

'parent' => $comment->comment_ID,

);

$rest_url = add_query_arg( $args, rest_url( $this->namespace . '/' . $this->rest_base ) );

$links['children'] = array(

'href' => $rest_url,

);

}

return $links;

}

/**

* Prepends internal property prefix to query parameters to match our response fields.

* @since 4.7.0

* @param string $query_param Query parameter.

* @return string The normalized query parameter.

protected function normalize_query_param( $query_param ) {

$prefix = 'comment_';

switch ( $query_param ) {

case 'id':

$normalized = $prefix . 'ID';

break;

case 'post':

$normalized = $prefix . 'post_ID';

break;

case 'parent':

$normalized = $prefix . 'parent';

break;

case 'include':

$normalized = 'comment__in';

break;

default:

$normalized = $prefix . $query_param;

break;

}

return $normalized;

}

/**

* Checks comment_approved to set comment status for single comment output.

* @since 4.7.0

* @param string|int $comment_approved comment status.

* @return string Comment status.

protected function prepare_status_response( $comment_approved ) {

switch ( $comment_approved ) {

case 'hold':

case '0':

$status = 'hold';

break;

case 'approve':

case '1':

$status = 'approved';

break;

case 'spam':

case 'trash':

default:

$status = $comment_approved;

break;

}

return $status;

}

/**

* Prepares a single comment to be inserted into the database.

* @since 4.7.0

* @param WP_REST_Request $request Request object.

* @return array|WP_Error Prepared comment, otherwise WP_Error object.

protected function prepare_item_for_database( $request ) {

$prepared_comment = array();

* Allow the comment_content to be set via the 'content' or

* the 'content.raw' properties of the Request object.

if ( isset( $request['content'] ) && is_string( $request['content'] ) ) {

$prepared_comment['comment_content'] = trim( $request['content'] );

} elseif ( isset( $request['content']['raw'] ) && is_string( $request['content']['raw'] ) ) {

$prepared_comment['comment_content'] = trim( $request['content']['raw'] );

}

if ( isset( $request['post'] ) ) {

$prepared_comment['comment_post_ID'] = (int) $request['post'];

}

if ( isset( $request['parent'] ) ) {

$prepared_comment['comment_parent'] = $request['parent'];

}

if ( isset( $request['author'] ) ) {

$user = new WP_User( $request['author'] );

if ( $user->exists() ) {

$prepared_comment['user_id'] = $user->ID;

$prepared_comment['comment_author'] = $user->display_name;

$prepared_comment['comment_author_email'] = $user->user_email;

$prepared_comment['comment_author_url'] = $user->user_url;

} else {

return new WP_Error(

'rest_comment_author_invalid',

__( 'Invalid comment author ID.' ),

array( 'status' => 400 )

);

}

if ( isset( $request['author_name'] ) ) {

$prepared_comment['comment_author'] = $request['author_name'];

}

if ( isset( $request['author_email'] ) ) {

$prepared_comment['comment_author_email'] = $request['author_email'];

}

if ( isset( $request['author_url'] ) ) {

$prepared_comment['comment_author_url'] = $request['author_url'];

}

if ( isset( $request['author_ip'] ) && current_user_can( 'moderate_comments' ) ) {

$prepared_comment['comment_author_IP'] = $request['author_ip'];

} elseif ( ! empty( $_SERVER['REMOTE_ADDR'] ) && rest_is_ip_address( $_SERVER['REMOTE_ADDR'] ) ) {

$prepared_comment['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];

} else {

$prepared_comment['comment_author_IP'] = '127.0.0.1';

}

if ( ! empty( $request['author_user_agent'] ) ) {

$prepared_comment['comment_agent'] = $request['author_user_agent'];

} elseif ( $request->get_header( 'user_agent' ) ) {

$prepared_comment['comment_agent'] = $request->get_header( 'user_agent' );

}

if ( ! empty( $request['date'] ) ) {

$date_data = rest_get_date_with_gmt( $request['date'] );

if ( ! empty( $date_data ) ) {

list( $prepared_comment['comment_date'], $prepared_comment['comment_date_gmt'] ) = $date_data;

}

} elseif ( ! empty( $request['date_gmt'] ) ) {

$date_data = rest_get_date_with_gmt( $request['date_gmt'], true );

if ( ! empty( $date_data ) ) {

list( $prepared_comment['comment_date'], $prepared_comment['comment_date_gmt'] ) = $date_data;

}

/**

* Filters a comment added via the REST API after it is prepared for insertion into the database.

* Allows modification of the comment right after it is prepared for the database.

* @since 4.7.0

* @param array $prepared_comment The prepared comment data for `wp_insert_comment`.

* @param WP_REST_Request $request The current request.

return apply_filters( 'rest_preprocess_comment', $prepared_comment, $request );

}

/**

* Retrieves the comment's schema, conforming to JSON Schema.

* @since 4.7.0

* @return array

public function get_item_schema() {

if ( $this->schema ) {

return $this->add_additional_fields_schema( $this->schema );

}

$schema = array(

'$schema' => 'http://json-schema.org/draft-04/schema#',

'title' => 'comment',

'type' => 'object',

'properties' => array(

'id' => array(

'description' => __( 'Unique identifier for the comment.' ),

'type' => 'integer',

'context' => array( 'view', 'edit', 'embed' ),

'readonly' => true,

'author' => array(

'description' => __( 'The ID of the user object, if author was a user.' ),

'type' => 'integer',

'context' => array( 'view', 'edit', 'embed' ),

'author_email' => array(

'description' => __( 'Email address for the comment author.' ),

'type' => 'string',

'format' => 'email',

'context' => array( 'edit' ),

'arg_options' => array(

'sanitize_callback' => array( $this, 'check_comment_author_email' ),

'validate_callback' => null, // Skip built-in validation of 'email'.

'author_ip' => array(

'description' => __( 'IP address for the comment author.' ),

'type' => 'string',

'format' => 'ip',

'context' => array( 'edit' ),

'author_name' => array(

'description' => __( 'Display name for the comment author.' ),

'type' => 'string',

'context' => array( 'view', 'edit', 'embed' ),

'arg_options' => array(

'sanitize_callback' => 'sanitize_text_field',

'author_url' => array(

'description' => __( 'URL for the comment author.' ),

'type' => 'string',

'format' => 'uri',

'context' => array( 'view', 'edit', 'embed' ),

'author_user_agent' => array(

'description' => __( 'User agent for the comment author.' ),

'type' => 'string',

'context' => array( 'edit' ),

'arg_options' => array(

'sanitize_callback' => 'sanitize_text_field',

'content' => array(

'description' => __( 'The content for the comment.' ),

'type' => 'object',

'context' => array( 'view', 'edit', 'embed' ),

'arg_options' => array(

'sanitize_callback' => null, // Note: sanitization implemented in self::prepare_item_for_database().

'validate_callback' => null, // Note: validation implemented in self::prepare_item_for_database().

'properties' => array(

'raw' => array(

'description' => __( 'Content for the comment, as it exists in the database.' ),

'type' => 'string',

'context' => array( 'edit' ),

'rendered' => array(

'description' => __( 'HTML content for the comment, transformed for display.' ),

'type' => 'string',

'context' => array( 'view', 'edit', 'embed' ),

'readonly' => true,

'date' => array(

'description' => __( "The date the comment was published, in the site's timezone." ),

'type' => 'string',

'format' => 'date-time',

'context' => array( 'view', 'edit', 'embed' ),

'date_gmt' => array(

'description' => __( 'The date the comment was published, as GMT.' ),

'type' => 'string',

'format' => 'date-time',

'context' => array( 'view', 'edit' ),

'link' => array(

'description' => __( 'URL to the comment.' ),

'type' => 'string',

'format' => 'uri',

'context' => array( 'view', 'edit', 'embed' ),

'readonly' => true,

'parent' => array(

'description' => __( 'The ID for the parent of the comment.' ),

'type' => 'integer',

'context' => array( 'view', 'edit', 'embed' ),

'default' => 0,

'post' => array(

'description' => __( 'The ID of the associated post object.' ),

'type' => 'integer',

'context' => array( 'view', 'edit' ),

'default' => 0,

'status' => array(

'description' => __( 'State of the comment.' ),

'type' => 'string',

'context' => array( 'view', 'edit' ),

'arg_options' => array(

'sanitize_callback' => 'sanitize_key',

'type' => array(

'description' => __( 'Type of the comment.' ),

'type' => 'string',

'context' => array( 'view', 'edit', 'embed' ),

'readonly' => true,

);

if ( get_option( 'show_avatars' ) ) {

$avatar_properties = array();

$avatar_sizes = rest_get_avatar_sizes();

foreach ( $avatar_sizes as $size ) {

$avatar_properties[ $size ] = array(

/* translators: %d: Avatar image size in pixels. */

'description' => sprintf( __( 'Avatar URL with image size of %d pixels.' ), $size ),

'type' => 'string',

'format' => 'uri',

'context' => array( 'embed', 'view', 'edit' ),

);

}

$schema['properties']['author_avatar_urls'] = array(

'description' => __( 'Avatar URLs for the comment author.' ),

'type' => 'object',

'context' => array( 'view', 'edit', 'embed' ),

'readonly' => true,

'properties' => $avatar_properties,

);

}

$schema['properties']['meta'] = $this->meta->get_field_schema();

$this->schema = $schema;

return $this->add_additional_fields_schema( $this->schema );

}

/**

* Retrieves the query params for collections.

* @since 4.7.0

* @return array Comments collection parameters.

public function get_collection_params() {

$query_params = parent::get_collection_params();

$query_params['context']['default'] = 'view';

$query_params['after'] = array(

'description' => __( 'Limit response to comments published after a given ISO8601 compliant date.' ),

'type' => 'string',

'format' => 'date-time',

);

$query_params['author'] = array(

'description' => __( 'Limit result set to comments assigned to specific user IDs. Requires authorization.' ),

'type' => 'array',

'items' => array(

'type' => 'integer',

);

$query_params['author_exclude'] = array(

'description' => __( 'Ensure result set excludes comments assigned to specific user IDs. Requires authorization.' ),

'type' => 'array',

'items' => array(

'type' => 'integer',

);

$query_params['author_email'] = array(

'default' => null,

'description' => __( 'Limit result set to that from a specific author email. Requires authorization.' ),

'format' => 'email',

'type' => 'string',

);

$query_params['before'] = array(

'description' => __( 'Limit response to comments published before a given ISO8601 compliant date.' ),

'type' => 'string',

'format' => 'date-time',

);

$query_params['exclude'] = array(

'description' => __( 'Ensure result set excludes specific IDs.' ),

'type' => 'array',

'items' => array(

'type' => 'integer',

'default' => array(),

);

$query_params['include'] = array(

'description' => __( 'Limit result set to specific IDs.' ),

'type' => 'array',

'items' => array(

'type' => 'integer',

'default' => array(),

);

$query_params['offset'] = array(

'description' => __( 'Offset the result set by a specific number of items.' ),

'type' => 'integer',

);

$query_params['order'] = array(

'description' => __( 'Order sort attribute ascending or descending.' ),

'type' => 'string',

'default' => 'desc',

'enum' => array(

'asc',

'desc',

);

$query_params['orderby'] = array(

'description' => __( 'Sort collection by comment attribute.' ),

'type' => 'string',

'default' => 'date_gmt',

'enum' => array(

'date',

'date_gmt',

'id',

'include',

'post',

'parent',

'type',

);

$query_params['parent'] = array(

'default' => array(),

'description' => __( 'Limit result set to comments of specific parent IDs.' ),

'type' => 'array',

'items' => array(

'type' => 'integer',

);

$query_params['parent_exclude'] = array(

'default' => array(),

'description' => __( 'Ensure result set excludes specific parent IDs.' ),

'type' => 'array',

'items' => array(

'type' => 'integer',

);

$query_params['post'] = array(

'default' => array(),

'description' => __( 'Limit result set to comments assigned to specific post IDs.' ),

'type' => 'array',

'items' => array(

'type' => 'integer',

);

$query_params['status'] = array(

'default' => 'approve',

'description' => __( 'Limit result set to comments assigned a specific status. Requires authorization.' ),

'sanitize_callback' => 'sanitize_key',

'type' => 'string',

'validate_callback' => 'rest_validate_request_arg',

);

$query_params['type'] = array(

'default' => 'comment',

'description' => __( 'Limit result set to comments assigned a specific type. Requires authorization.' ),

'sanitize_callback' => 'sanitize_key',

'type' => 'string',

'validate_callback' => 'rest_validate_request_arg',

);

$query_params['password'] = array(

'description' => __( 'The password for the post if it is password protected.' ),

'type' => 'string',

);

/**

* Filters REST API collection parameters for the comments controller.

* This filter registers the collection parameter, but does not map the

* collection parameter to an internal WP_Comment_Query parameter. Use the

* `rest_comment_query` filter to set WP_Comment_Query parameters.

* @since 4.7.0

* @param array $query_params JSON Schema-formatted collection parameters.

return apply_filters( 'rest_comment_collection_params', $query_params );

}

/**

* Sets the comment_status of a given comment object when creating or updating a comment.

* @since 4.7.0

* @param string|int $new_status New comment status.

* @param int $comment_id Comment ID.

* @return bool Whether the status was changed.

protected function handle_status_param( $new_status, $comment_id ) {

$old_status = wp_get_comment_status( $comment_id );

if ( $new_status === $old_status ) {

return false;

}

switch ( $new_status ) {

case 'approved':

case 'approve':

case '1':

$changed = wp_set_comment_status( $comment_id, 'approve' );

break;

case 'hold':

case '0':

$changed = wp_set_comment_status( $comment_id, 'hold' );

break;

case 'spam':

$changed = wp_spam_comment( $comment_id );

break;

case 'unspam':

$changed = wp_unspam_comment( $comment_id );

break;

case 'trash':

$changed = wp_trash_comment( $comment_id );

break;

case 'untrash':

$changed = wp_untrash_comment( $comment_id );

break;

default:

$changed = false;

break;

}

return $changed;

}

/**

* Checks if the post can be read.

* Correctly handles posts with the inherit status.

* @since 4.7.0

* @param WP_Post $post Post object.

* @param WP_REST_Request $request Request data to check.

* @return bool Whether post can be read.

protected function check_read_post_permission( $post, $request ) {

$post_type = get_post_type_object( $post->post_type );

// Return false if custom post type doesn't exist

if ( ! $post_type ) {

return false;

}

$posts_controller = $post_type->get_rest_controller();

// Ensure the posts controller is specifically a WP_REST_Posts_Controller instance

// before using methods specific to that controller.

if ( ! $posts_controller instanceof WP_REST_Posts_Controller ) {

$posts_controller = new WP_REST_Posts_Controller( $post->post_type );

}

$has_password_filter = false;

// Only check password if a specific post was queried for or a single comment

$requested_post = ! empty( $request['post'] ) && ( ! is_array( $request['post'] ) || 1 === count( $request['post'] ) );

$requested_comment = ! empty( $request['id'] );

if ( ( $requested_post || $requested_comment ) && $posts_controller->can_access_password_content( $post, $request ) ) {

add_filter( 'post_password_required', '__return_false' );

$has_password_filter = true;

}

if ( post_password_required( $post ) ) {

$result = current_user_can( 'edit_post', $post->ID );

} else {

$result = $posts_controller->check_read_permission( $post );

}

if ( $has_password_filter ) {

remove_filter( 'post_password_required', '__return_false' );

}

return $result;

}

/**

* Checks if the comment can be read.

* @since 4.7.0

* @param WP_Comment $comment Comment object.

* @param WP_REST_Request $request Request data to check.

* @return bool Whether the comment can be read.

protected function check_read_permission( $comment, $request ) {

if ( ! empty( $comment->comment_post_ID ) ) {

$post = get_post( $comment->comment_post_ID );

if ( $post ) {

if ( $this->check_read_post_permission( $post, $request ) && 1 === (int) $comment->comment_approved ) {

return true;

}

if ( 0 === get_current_user_id() ) {

return false;

}

if ( empty( $comment->comment_post_ID ) && ! current_user_can( 'moderate_comments' ) ) {

return false;

}

if ( ! empty( $comment->user_id ) && get_current_user_id() === (int) $comment->user_id ) {

return true;

}

return current_user_can( 'edit_comment', $comment->comment_ID );

}

/**

* Checks if a comment can be edited or deleted.

* @since 4.7.0

* @param WP_Comment $comment Comment object.

* @return bool Whether the comment can be edited or deleted.

protected function check_edit_permission( $comment ) {

if ( 0 === (int) get_current_user_id() ) {

return false;

}

if ( current_user_can( 'moderate_comments' ) ) {

return true;

}

return current_user_can( 'edit_comment', $comment->comment_ID );

}

/**

* Checks a comment author email for validity.

* Accepts either a valid email address or empty string as a valid comment

* author email address. Setting the comment author email to an empty

* string is allowed when a comment is being updated.

* @since 4.7.0

* @param string $value Author email value submitted.

* @param WP_REST_Request $request Full details about the request.

* @param string $param The parameter name.

* @return string|WP_Error The sanitized email address, if valid,

* otherwise an error.

public function check_comment_author_email( $value, $request, $param ) {

$email = (string) $value;

if ( empty( $email ) ) {

return $email;

}

$check_email = rest_validate_request_arg( $email, $request, $param );

if ( is_wp_error( $check_email ) ) {

return $check_email;

}

return $email;

}

/**

* If empty comments are not allowed, checks if the provided comment content is not empty.

* @since 5.6.0

* @param array $prepared_comment The prepared comment data.

* @return bool True if the content is allowed, false otherwise.

protected function check_is_comment_content_allowed( $prepared_comment ) {

$check = wp_parse_args(

$prepared_comment,

array(

'comment_post_ID' => 0,

'comment_parent' => 0,

'user_ID' => 0,

'comment_author' => null,

'comment_author_email' => null,

'comment_author_url' => null,

)

);

/** This filter is documented in wp-includes/comment.php */

$allow_empty = apply_filters( 'allow_empty_comment', false, $check );

if ( $allow_empty ) {

return true;

}

* Do not allow a comment to be created with missing or empty

* comment_content. See wp_handle_comment_submission().

return '' !== $check['comment_content'];

}

tmt/tiger_frontend - Gogs: Simplico Git Service

No Description

golf 77628cf8bf first comm		2 years ago
..
index.js	77628cf8bf first comm	2 years ago