[ Index ] |
PHP Cross Reference of WordPress |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * REST API: WP_REST_Meta_Fields class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 9 10 /** 11 * Core class to manage meta values for an object via the REST API. 12 * 13 * @since 4.7.0 14 */ 15 abstract class WP_REST_Meta_Fields { 16 17 /** 18 * Retrieves the object meta type. 19 * 20 * @since 4.7.0 21 * 22 * @return string One of 'post', 'comment', 'term', 'user', or anything 23 * else supported by `_get_meta_table()`. 24 */ 25 abstract protected function get_meta_type(); 26 27 /** 28 * Retrieves the object meta subtype. 29 * 30 * @since 4.9.8 31 * 32 * @return string Subtype for the meta type, or empty string if no specific subtype. 33 */ 34 protected function get_meta_subtype() { 35 return ''; 36 } 37 38 /** 39 * Retrieves the object type for register_rest_field(). 40 * 41 * @since 4.7.0 42 * 43 * @return string The REST field type, such as post type name, taxonomy name, 'comment', or `user`. 44 */ 45 abstract protected function get_rest_field_type(); 46 47 /** 48 * Registers the meta field. 49 * 50 * @since 4.7.0 51 * @deprecated 5.6.0 52 * 53 * @see register_rest_field() 54 */ 55 public function register_field() { 56 _deprecated_function( __METHOD__, '5.6.0' ); 57 58 register_rest_field( 59 $this->get_rest_field_type(), 60 'meta', 61 array( 62 'get_callback' => array( $this, 'get_value' ), 63 'update_callback' => array( $this, 'update_value' ), 64 'schema' => $this->get_field_schema(), 65 ) 66 ); 67 } 68 69 /** 70 * Retrieves the meta field value. 71 * 72 * @since 4.7.0 73 * 74 * @param int $object_id Object ID to fetch meta for. 75 * @param WP_REST_Request $request Full details about the request. 76 * @return array Array containing the meta values keyed by name. 77 */ 78 public function get_value( $object_id, $request ) { 79 $fields = $this->get_registered_fields(); 80 $response = array(); 81 82 foreach ( $fields as $meta_key => $args ) { 83 $name = $args['name']; 84 $all_values = get_metadata( $this->get_meta_type(), $object_id, $meta_key, false ); 85 86 if ( $args['single'] ) { 87 if ( empty( $all_values ) ) { 88 $value = $args['schema']['default']; 89 } else { 90 $value = $all_values[0]; 91 } 92 93 $value = $this->prepare_value_for_response( $value, $request, $args ); 94 } else { 95 $value = array(); 96 97 foreach ( $all_values as $row ) { 98 $value[] = $this->prepare_value_for_response( $row, $request, $args ); 99 } 100 } 101 102 $response[ $name ] = $value; 103 } 104 105 return $response; 106 } 107 108 /** 109 * Prepares a meta value for a response. 110 * 111 * This is required because some native types cannot be stored correctly 112 * in the database, such as booleans. We need to cast back to the relevant 113 * type before passing back to JSON. 114 * 115 * @since 4.7.0 116 * 117 * @param mixed $value Meta value to prepare. 118 * @param WP_REST_Request $request Current request object. 119 * @param array $args Options for the field. 120 * @return mixed Prepared value. 121 */ 122 protected function prepare_value_for_response( $value, $request, $args ) { 123 if ( ! empty( $args['prepare_callback'] ) ) { 124 $value = call_user_func( $args['prepare_callback'], $value, $request, $args ); 125 } 126 127 return $value; 128 } 129 130 /** 131 * Updates meta values. 132 * 133 * @since 4.7.0 134 * 135 * @param array $meta Array of meta parsed from the request. 136 * @param int $object_id Object ID to fetch meta for. 137 * @return null|WP_Error Null on success, WP_Error object on failure. 138 */ 139 public function update_value( $meta, $object_id ) { 140 $fields = $this->get_registered_fields(); 141 142 foreach ( $fields as $meta_key => $args ) { 143 $name = $args['name']; 144 if ( ! array_key_exists( $name, $meta ) ) { 145 continue; 146 } 147 148 $value = $meta[ $name ]; 149 150 /* 151 * A null value means reset the field, which is essentially deleting it 152 * from the database and then relying on the default value. 153 * 154 * Non-single meta can also be removed by passing an empty array. 155 */ 156 if ( is_null( $value ) || ( array() === $value && ! $args['single'] ) ) { 157 $args = $this->get_registered_fields()[ $meta_key ]; 158 159 if ( $args['single'] ) { 160 $current = get_metadata( $this->get_meta_type(), $object_id, $meta_key, true ); 161 162 if ( is_wp_error( rest_validate_value_from_schema( $current, $args['schema'] ) ) ) { 163 return new WP_Error( 164 'rest_invalid_stored_value', 165 /* translators: %s: Custom field key. */ 166 sprintf( __( 'The %s property has an invalid stored value, and cannot be updated to null.' ), $name ), 167 array( 'status' => 500 ) 168 ); 169 } 170 } 171 172 $result = $this->delete_meta_value( $object_id, $meta_key, $name ); 173 if ( is_wp_error( $result ) ) { 174 return $result; 175 } 176 continue; 177 } 178 179 if ( ! $args['single'] && is_array( $value ) && count( array_filter( $value, 'is_null' ) ) ) { 180 return new WP_Error( 181 'rest_invalid_stored_value', 182 /* translators: %s: Custom field key. */ 183 sprintf( __( 'The %s property has an invalid stored value, and cannot be updated to null.' ), $name ), 184 array( 'status' => 500 ) 185 ); 186 } 187 188 $is_valid = rest_validate_value_from_schema( $value, $args['schema'], 'meta.' . $name ); 189 if ( is_wp_error( $is_valid ) ) { 190 $is_valid->add_data( array( 'status' => 400 ) ); 191 return $is_valid; 192 } 193 194 $value = rest_sanitize_value_from_schema( $value, $args['schema'] ); 195 196 if ( $args['single'] ) { 197 $result = $this->update_meta_value( $object_id, $meta_key, $name, $value ); 198 } else { 199 $result = $this->update_multi_meta_value( $object_id, $meta_key, $name, $value ); 200 } 201 202 if ( is_wp_error( $result ) ) { 203 return $result; 204 } 205 } 206 207 return null; 208 } 209 210 /** 211 * Deletes a meta value for an object. 212 * 213 * @since 4.7.0 214 * 215 * @param int $object_id Object ID the field belongs to. 216 * @param string $meta_key Key for the field. 217 * @param string $name Name for the field that is exposed in the REST API. 218 * @return true|WP_Error True if meta field is deleted, WP_Error otherwise. 219 */ 220 protected function delete_meta_value( $object_id, $meta_key, $name ) { 221 $meta_type = $this->get_meta_type(); 222 223 if ( ! current_user_can( "delete_{$meta_type}_meta", $object_id, $meta_key ) ) { 224 return new WP_Error( 225 'rest_cannot_delete', 226 /* translators: %s: Custom field key. */ 227 sprintf( __( 'Sorry, you are not allowed to edit the %s custom field.' ), $name ), 228 array( 229 'key' => $name, 230 'status' => rest_authorization_required_code(), 231 ) 232 ); 233 } 234 235 if ( ! delete_metadata( $meta_type, $object_id, wp_slash( $meta_key ) ) ) { 236 return new WP_Error( 237 'rest_meta_database_error', 238 __( 'Could not delete meta value from database.' ), 239 array( 240 'key' => $name, 241 'status' => WP_Http::INTERNAL_SERVER_ERROR, 242 ) 243 ); 244 } 245 246 return true; 247 } 248 249 /** 250 * Updates multiple meta values for an object. 251 * 252 * Alters the list of values in the database to match the list of provided values. 253 * 254 * @since 4.7.0 255 * 256 * @param int $object_id Object ID to update. 257 * @param string $meta_key Key for the custom field. 258 * @param string $name Name for the field that is exposed in the REST API. 259 * @param array $values List of values to update to. 260 * @return true|WP_Error True if meta fields are updated, WP_Error otherwise. 261 */ 262 protected function update_multi_meta_value( $object_id, $meta_key, $name, $values ) { 263 $meta_type = $this->get_meta_type(); 264 265 if ( ! current_user_can( "edit_{$meta_type}_meta", $object_id, $meta_key ) ) { 266 return new WP_Error( 267 'rest_cannot_update', 268 /* translators: %s: Custom field key. */ 269 sprintf( __( 'Sorry, you are not allowed to edit the %s custom field.' ), $name ), 270 array( 271 'key' => $name, 272 'status' => rest_authorization_required_code(), 273 ) 274 ); 275 } 276 277 $current_values = get_metadata( $meta_type, $object_id, $meta_key, false ); 278 $subtype = get_object_subtype( $meta_type, $object_id ); 279 280 $to_remove = $current_values; 281 $to_add = $values; 282 283 foreach ( $to_add as $add_key => $value ) { 284 $remove_keys = array_keys( 285 array_filter( 286 $current_values, 287 function ( $stored_value ) use ( $meta_key, $subtype, $value ) { 288 return $this->is_meta_value_same_as_stored_value( $meta_key, $subtype, $stored_value, $value ); 289 } 290 ) 291 ); 292 293 if ( empty( $remove_keys ) ) { 294 continue; 295 } 296 297 if ( count( $remove_keys ) > 1 ) { 298 // To remove, we need to remove first, then add, so don't touch. 299 continue; 300 } 301 302 $remove_key = $remove_keys[0]; 303 304 unset( $to_remove[ $remove_key ] ); 305 unset( $to_add[ $add_key ] ); 306 } 307 308 /* 309 * `delete_metadata` removes _all_ instances of the value, so only call once. Otherwise, 310 * `delete_metadata` will return false for subsequent calls of the same value. 311 * Use serialization to produce a predictable string that can be used by array_unique. 312 */ 313 $to_remove = array_map( 'maybe_unserialize', array_unique( array_map( 'maybe_serialize', $to_remove ) ) ); 314 315 foreach ( $to_remove as $value ) { 316 if ( ! delete_metadata( $meta_type, $object_id, wp_slash( $meta_key ), wp_slash( $value ) ) ) { 317 return new WP_Error( 318 'rest_meta_database_error', 319 /* translators: %s: Custom field key. */ 320 sprintf( __( 'Could not update the meta value of %s in database.' ), $meta_key ), 321 array( 322 'key' => $name, 323 'status' => WP_Http::INTERNAL_SERVER_ERROR, 324 ) 325 ); 326 } 327 } 328 329 foreach ( $to_add as $value ) { 330 if ( ! add_metadata( $meta_type, $object_id, wp_slash( $meta_key ), wp_slash( $value ) ) ) { 331 return new WP_Error( 332 'rest_meta_database_error', 333 /* translators: %s: Custom field key. */ 334 sprintf( __( 'Could not update the meta value of %s in database.' ), $meta_key ), 335 array( 336 'key' => $name, 337 'status' => WP_Http::INTERNAL_SERVER_ERROR, 338 ) 339 ); 340 } 341 } 342 343 return true; 344 } 345 346 /** 347 * Updates a meta value for an object. 348 * 349 * @since 4.7.0 350 * 351 * @param int $object_id Object ID to update. 352 * @param string $meta_key Key for the custom field. 353 * @param string $name Name for the field that is exposed in the REST API. 354 * @param mixed $value Updated value. 355 * @return true|WP_Error True if the meta field was updated, WP_Error otherwise. 356 */ 357 protected function update_meta_value( $object_id, $meta_key, $name, $value ) { 358 $meta_type = $this->get_meta_type(); 359 360 if ( ! current_user_can( "edit_{$meta_type}_meta", $object_id, $meta_key ) ) { 361 return new WP_Error( 362 'rest_cannot_update', 363 /* translators: %s: Custom field key. */ 364 sprintf( __( 'Sorry, you are not allowed to edit the %s custom field.' ), $name ), 365 array( 366 'key' => $name, 367 'status' => rest_authorization_required_code(), 368 ) 369 ); 370 } 371 372 // Do the exact same check for a duplicate value as in update_metadata() to avoid update_metadata() returning false. 373 $old_value = get_metadata( $meta_type, $object_id, $meta_key ); 374 $subtype = get_object_subtype( $meta_type, $object_id ); 375 376 if ( 1 === count( $old_value ) && $this->is_meta_value_same_as_stored_value( $meta_key, $subtype, $old_value[0], $value ) ) { 377 return true; 378 } 379 380 if ( ! update_metadata( $meta_type, $object_id, wp_slash( $meta_key ), wp_slash( $value ) ) ) { 381 return new WP_Error( 382 'rest_meta_database_error', 383 /* translators: %s: Custom field key. */ 384 sprintf( __( 'Could not update the meta value of %s in database.' ), $meta_key ), 385 array( 386 'key' => $name, 387 'status' => WP_Http::INTERNAL_SERVER_ERROR, 388 ) 389 ); 390 } 391 392 return true; 393 } 394 395 /** 396 * Checks if the user provided value is equivalent to a stored value for the given meta key. 397 * 398 * @since 5.5.0 399 * 400 * @param string $meta_key The meta key being checked. 401 * @param string $subtype The object subtype. 402 * @param mixed $stored_value The currently stored value retrieved from get_metadata(). 403 * @param mixed $user_value The value provided by the user. 404 * @return bool 405 */ 406 protected function is_meta_value_same_as_stored_value( $meta_key, $subtype, $stored_value, $user_value ) { 407 $args = $this->get_registered_fields()[ $meta_key ]; 408 $sanitized = sanitize_meta( $meta_key, $user_value, $this->get_meta_type(), $subtype ); 409 410 if ( in_array( $args['type'], array( 'string', 'number', 'integer', 'boolean' ), true ) ) { 411 // The return value of get_metadata will always be a string for scalar types. 412 $sanitized = (string) $sanitized; 413 } 414 415 return $sanitized === $stored_value; 416 } 417 418 /** 419 * Retrieves all the registered meta fields. 420 * 421 * @since 4.7.0 422 * 423 * @return array Registered fields. 424 */ 425 protected function get_registered_fields() { 426 $registered = array(); 427 428 $meta_type = $this->get_meta_type(); 429 $meta_subtype = $this->get_meta_subtype(); 430 431 $meta_keys = get_registered_meta_keys( $meta_type ); 432 if ( ! empty( $meta_subtype ) ) { 433 $meta_keys = array_merge( $meta_keys, get_registered_meta_keys( $meta_type, $meta_subtype ) ); 434 } 435 436 foreach ( $meta_keys as $name => $args ) { 437 if ( empty( $args['show_in_rest'] ) ) { 438 continue; 439 } 440 441 $rest_args = array(); 442 443 if ( is_array( $args['show_in_rest'] ) ) { 444 $rest_args = $args['show_in_rest']; 445 } 446 447 $default_args = array( 448 'name' => $name, 449 'single' => $args['single'], 450 'type' => ! empty( $args['type'] ) ? $args['type'] : null, 451 'schema' => array(), 452 'prepare_callback' => array( $this, 'prepare_value' ), 453 ); 454 455 $default_schema = array( 456 'type' => $default_args['type'], 457 'description' => empty( $args['description'] ) ? '' : $args['description'], 458 'default' => isset( $args['default'] ) ? $args['default'] : null, 459 ); 460 461 $rest_args = array_merge( $default_args, $rest_args ); 462 $rest_args['schema'] = array_merge( $default_schema, $rest_args['schema'] ); 463 464 $type = ! empty( $rest_args['type'] ) ? $rest_args['type'] : null; 465 $type = ! empty( $rest_args['schema']['type'] ) ? $rest_args['schema']['type'] : $type; 466 467 if ( null === $rest_args['schema']['default'] ) { 468 $rest_args['schema']['default'] = static::get_empty_value_for_type( $type ); 469 } 470 471 $rest_args['schema'] = rest_default_additional_properties_to_false( $rest_args['schema'] ); 472 473 if ( ! in_array( $type, array( 'string', 'boolean', 'integer', 'number', 'array', 'object' ), true ) ) { 474 continue; 475 } 476 477 if ( empty( $rest_args['single'] ) ) { 478 $rest_args['schema'] = array( 479 'type' => 'array', 480 'items' => $rest_args['schema'], 481 ); 482 } 483 484 $registered[ $name ] = $rest_args; 485 } 486 487 return $registered; 488 } 489 490 /** 491 * Retrieves the object's meta schema, conforming to JSON Schema. 492 * 493 * @since 4.7.0 494 * 495 * @return array Field schema data. 496 */ 497 public function get_field_schema() { 498 $fields = $this->get_registered_fields(); 499 500 $schema = array( 501 'description' => __( 'Meta fields.' ), 502 'type' => 'object', 503 'context' => array( 'view', 'edit' ), 504 'properties' => array(), 505 'arg_options' => array( 506 'sanitize_callback' => null, 507 'validate_callback' => array( $this, 'check_meta_is_array' ), 508 ), 509 ); 510 511 foreach ( $fields as $args ) { 512 $schema['properties'][ $args['name'] ] = $args['schema']; 513 } 514 515 return $schema; 516 } 517 518 /** 519 * Prepares a meta value for output. 520 * 521 * Default preparation for meta fields. Override by passing the 522 * `prepare_callback` in your `show_in_rest` options. 523 * 524 * @since 4.7.0 525 * 526 * @param mixed $value Meta value from the database. 527 * @param WP_REST_Request $request Request object. 528 * @param array $args REST-specific options for the meta key. 529 * @return mixed Value prepared for output. If a non-JsonSerializable object, null. 530 */ 531 public static function prepare_value( $value, $request, $args ) { 532 if ( $args['single'] ) { 533 $schema = $args['schema']; 534 } else { 535 $schema = $args['schema']['items']; 536 } 537 538 if ( '' === $value && in_array( $schema['type'], array( 'boolean', 'integer', 'number' ), true ) ) { 539 $value = static::get_empty_value_for_type( $schema['type'] ); 540 } 541 542 if ( is_wp_error( rest_validate_value_from_schema( $value, $schema ) ) ) { 543 return null; 544 } 545 546 return rest_sanitize_value_from_schema( $value, $schema ); 547 } 548 549 /** 550 * Check the 'meta' value of a request is an associative array. 551 * 552 * @since 4.7.0 553 * 554 * @param mixed $value The meta value submitted in the request. 555 * @param WP_REST_Request $request Full details about the request. 556 * @param string $param The parameter name. 557 * @return array|false The meta array, if valid, false otherwise. 558 */ 559 public function check_meta_is_array( $value, $request, $param ) { 560 if ( ! is_array( $value ) ) { 561 return false; 562 } 563 564 return $value; 565 } 566 567 /** 568 * Recursively add additionalProperties = false to all objects in a schema if no additionalProperties setting 569 * is specified. 570 * 571 * This is needed to restrict properties of objects in meta values to only 572 * registered items, as the REST API will allow additional properties by 573 * default. 574 * 575 * @since 5.3.0 576 * @deprecated 5.6.0 Use rest_default_additional_properties_to_false() instead. 577 * 578 * @param array $schema The schema array. 579 * @return array 580 */ 581 protected function default_additional_properties_to_false( $schema ) { 582 _deprecated_function( __METHOD__, '5.6.0', 'rest_default_additional_properties_to_false()' ); 583 584 return rest_default_additional_properties_to_false( $schema ); 585 } 586 587 /** 588 * Gets the empty value for a schema type. 589 * 590 * @since 5.3.0 591 * 592 * @param string $type The schema type. 593 * @return mixed 594 */ 595 protected static function get_empty_value_for_type( $type ) { 596 switch ( $type ) { 597 case 'string': 598 return ''; 599 case 'boolean': 600 return false; 601 case 'integer': 602 return 0; 603 case 'number': 604 return 0.0; 605 case 'array': 606 case 'object': 607 return array(); 608 default: 609 return null; 610 } 611 } 612 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Wed Jan 20 01:00:03 2021 | Cross-referenced by PHPXref 0.7.1 |