3 * REST API: WP_REST_Post_Statuses_Controller class
11 * Core class used to access post statuses via the REST API.
15 * @see WP_REST_Controller
17 class WP_REST_Post_Statuses_Controller extends WP_REST_Controller {
25 public function __construct() {
26 $this->namespace = 'wp/v2';
27 $this->rest_base = 'statuses';
31 * Registers the routes for the objects of the controller.
36 * @see register_rest_route()
38 public function register_routes() {
40 register_rest_route( $this->namespace, '/' . $this->rest_base, array(
42 'methods' => WP_REST_Server::READABLE,
43 'callback' => array( $this, 'get_items' ),
44 'permission_callback' => array( $this, 'get_items_permissions_check' ),
45 'args' => $this->get_collection_params(),
47 'schema' => array( $this, 'get_public_item_schema' ),
50 register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P<status>[\w-]+)', array(
53 'description' => __( 'An alphanumeric identifier for the status.' ),
58 'methods' => WP_REST_Server::READABLE,
59 'callback' => array( $this, 'get_item' ),
60 'permission_callback' => array( $this, 'get_item_permissions_check' ),
62 'context' => $this->get_context_param( array( 'default' => 'view' ) ),
65 'schema' => array( $this, 'get_public_item_schema' ),
70 * Checks whether a given request has permission to read post statuses.
75 * @param WP_REST_Request $request Full details about the request.
76 * @return WP_Error|bool True if the request has read access, WP_Error object otherwise.
78 public function get_items_permissions_check( $request ) {
79 if ( 'edit' === $request['context'] ) {
80 $types = get_post_types( array( 'show_in_rest' => true ), 'objects' );
82 foreach ( $types as $type ) {
83 if ( current_user_can( $type->cap->edit_posts ) ) {
87 return new WP_Error( 'rest_cannot_view', __( 'Sorry, you are not allowed to edit posts in this post type.' ), array( 'status' => rest_authorization_required_code() ) );
94 * Retrieves all post statuses, depending on user context.
99 * @param WP_REST_Request $request Full details about the request.
100 * @return WP_Error|WP_REST_Response Response object on success, or WP_Error object on failure.
102 public function get_items( $request ) {
104 $statuses = get_post_stati( array( 'internal' => false ), 'object' );
105 $statuses['trash'] = get_post_status_object( 'trash' );
107 foreach ( $statuses as $slug => $obj ) {
108 $ret = $this->check_read_permission( $obj );
114 $status = $this->prepare_item_for_response( $obj, $request );
115 $data[ $obj->name ] = $this->prepare_response_for_collection( $status );
118 return rest_ensure_response( $data );
122 * Checks if a given request has access to read a post status.
127 * @param WP_REST_Request $request Full details about the request.
128 * @return WP_Error|bool True if the request has read access for the item, WP_Error object otherwise.
130 public function get_item_permissions_check( $request ) {
131 $status = get_post_status_object( $request['status'] );
133 if ( empty( $status ) ) {
134 return new WP_Error( 'rest_status_invalid', __( 'Invalid status.' ), array( 'status' => 404 ) );
137 $check = $this->check_read_permission( $status );
140 return new WP_Error( 'rest_cannot_read_status', __( 'Cannot view status.' ), array( 'status' => rest_authorization_required_code() ) );
147 * Checks whether a given post status should be visible.
152 * @param object $status Post status.
153 * @return bool True if the post status is visible, otherwise false.
155 protected function check_read_permission( $status ) {
156 if ( true === $status->public ) {
160 if ( false === $status->internal || 'trash' === $status->name ) {
161 $types = get_post_types( array( 'show_in_rest' => true ), 'objects' );
163 foreach ( $types as $type ) {
164 if ( current_user_can( $type->cap->edit_posts ) ) {
174 * Retrieves a specific post status.
179 * @param WP_REST_Request $request Full details about the request.
180 * @return WP_Error|WP_REST_Response Response object on success, or WP_Error object on failure.
182 public function get_item( $request ) {
183 $obj = get_post_status_object( $request['status'] );
185 if ( empty( $obj ) ) {
186 return new WP_Error( 'rest_status_invalid', __( 'Invalid status.' ), array( 'status' => 404 ) );
189 $data = $this->prepare_item_for_response( $obj, $request );
191 return rest_ensure_response( $data );
195 * Prepares a post status object for serialization.
200 * @param stdClass $status Post status data.
201 * @param WP_REST_Request $request Full details about the request.
202 * @return WP_REST_Response Post status data.
204 public function prepare_item_for_response( $status, $request ) {
207 'name' => $status->label,
208 'private' => (bool) $status->private,
209 'protected' => (bool) $status->protected,
210 'public' => (bool) $status->public,
211 'queryable' => (bool) $status->publicly_queryable,
212 'show_in_list' => (bool) $status->show_in_admin_all_list,
213 'slug' => $status->name,
216 $context = ! empty( $request['context'] ) ? $request['context'] : 'view';
217 $data = $this->add_additional_fields_to_object( $data, $request );
218 $data = $this->filter_response_by_context( $data, $context );
220 $response = rest_ensure_response( $data );
222 if ( 'publish' === $status->name ) {
223 $response->add_link( 'archives', rest_url( 'wp/v2/posts' ) );
225 $response->add_link( 'archives', add_query_arg( 'status', $status->name, rest_url( 'wp/v2/posts' ) ) );
229 * Filters a status returned from the REST API.
231 * Allows modification of the status data right before it is returned.
235 * @param WP_REST_Response $response The response object.
236 * @param object $status The original status object.
237 * @param WP_REST_Request $request Request used to generate the response.
239 return apply_filters( 'rest_prepare_status', $response, $status, $request );
243 * Retrieves the post status' schema, conforming to JSON Schema.
248 * @return array Item schema data.
250 public function get_item_schema() {
252 '$schema' => 'http://json-schema.org/schema#',
255 'properties' => array(
257 'description' => __( 'The title for the status.' ),
259 'context' => array( 'embed', 'view', 'edit' ),
263 'description' => __( 'Whether posts with this status should be private.' ),
265 'context' => array( 'edit' ),
268 'protected' => array(
269 'description' => __( 'Whether posts with this status should be protected.' ),
271 'context' => array( 'edit' ),
275 'description' => __( 'Whether posts of this status should be shown in the front end of the site.' ),
277 'context' => array( 'view', 'edit' ),
280 'queryable' => array(
281 'description' => __( 'Whether posts with this status should be publicly-queryable.' ),
283 'context' => array( 'view', 'edit' ),
286 'show_in_list' => array(
287 'description' => __( 'Whether to include posts in the edit listing for their post type.' ),
289 'context' => array( 'edit' ),
293 'description' => __( 'An alphanumeric identifier for the status.' ),
295 'context' => array( 'embed', 'view', 'edit' ),
301 return $this->add_additional_fields_schema( $schema );
305 * Retrieves the query params for collections.
310 * @return array Collection parameters.
312 public function get_collection_params() {
314 'context' => $this->get_context_param( array( 'default' => 'view' ) ),