Changeset 60820
- Timestamp:
- 09/30/2025 05:00:33 PM (8 weeks ago)
- Location:
- branches/6.6
- Files:
-
- 11 edited
-
. (modified) (1 prop)
-
src/js/_enqueues/lib/nav-menu.js (modified) (4 diffs)
-
src/js/_enqueues/wp/customize/nav-menus.js (modified) (2 diffs)
-
src/wp-includes/class-wp-customize-nav-menus.php (modified) (3 diffs)
-
src/wp-includes/customize/class-wp-customize-nav-menu-item-setting.php (modified) (12 diffs)
-
src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php (modified) (1 diff)
-
src/wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php (modified) (1 diff)
-
src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php (modified) (4 diffs)
-
tests/phpunit/tests/customize/nav-menu-item-setting.php (modified) (2 diffs)
-
tests/phpunit/tests/customize/nav-menus.php (modified) (4 diffs)
-
tests/phpunit/tests/rest-api/rest-users-controller.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
branches/6.6
- Property svn:mergeinfo changed
/trunk merged: 60814-60816
- Property svn:mergeinfo changed
-
branches/6.6/src/js/_enqueues/lib/nav-menu.js
r58306 r60820 1016 1016 1017 1017 if ( this.checked === true ) { 1018 $( '#pending-menu-items-to-delete ul' ).append( 1019 '<li data-menu-item-id="' + menuItemID + '">' + 1020 '<span class="pending-menu-item-name">' + menuItemName + '</span> ' + 1021 '<span class="pending-menu-item-type">(' + menuItemType + ')</span>' + 1022 '<span class="separator"></span>' + 1023 '</li>' 1024 ); 1018 const $li = $( '<li>', { 'data-menu-item-id': menuItemID } ); 1019 $li.append( $( '<span>', { 1020 'class': 'pending-menu-item-name', 1021 text: menuItemName 1022 } ) ); 1023 $li.append( ' ' ); 1024 $li.append( $( '<span>', { 1025 'class': 'pending-menu-item-type', 1026 text: '(' + menuItemType + ')', 1027 } ) ); 1028 $li.append( $( '<span>', { 'class': 'separator' } ) ); 1029 $( '#pending-menu-items-to-delete ul' ).append( $li ); 1025 1030 } 1026 1031 … … 1411 1416 1412 1417 eventOnClickMenuSave : function() { 1413 var locs = '', 1414 menuName = $('#menu-name'), 1415 menuNameVal = menuName.val(); 1418 var menuName = $('#menu-name'), 1419 menuNameVal = menuName.val(); 1416 1420 1417 1421 // Cancel and warn if invalid menu name. … … 1421 1425 } 1422 1426 // Copy menu theme locations. 1427 // Note: This appears to be dead code since #nav-menu-theme-locations no longer exists, perhaps removed in r32842. 1428 var $updateNavMenu = $('#update-nav-menu'); 1423 1429 $('#nav-menu-theme-locations select').each(function() { 1424 locs += '<input type="hidden" name="' + this.name + '" value="' + $(this).val() + '" />'; 1425 }); 1426 $('#update-nav-menu').append( locs ); 1430 $updateNavMenu.append( 1431 $( '<input>', { 1432 type: 'hidden', 1433 name: this.name, 1434 value: $( this ).val(), 1435 } ) 1436 ); 1437 }); 1427 1438 // Update menu item position data. 1428 1439 api.menuList.find('.menu-item-data-position').val( function(index) { return index + 1; } ); … … 1467 1478 1468 1479 if( ! $items.length ) { 1469 $('.categorychecklist', panel).html( '<li><p>' + wp.i18n.__( 'No results found.' ) + '</p></li>' ); 1480 const li = $( '<li>' ); 1481 const p = $( '<p>', { text: wp.i18n.__( 'No results found.' ) } ); 1482 li.append( p ); 1483 $('.categorychecklist', panel).empty().append( li ); 1470 1484 $( '.spinner', panel ).removeClass( 'is-active' ); 1471 1485 wrapper.addClass( 'has-no-menu-item' ); -
branches/6.6/src/js/_enqueues/wp/customize/nav-menus.js
r58306 r60820 527 527 } 528 528 529 this.currentMenuControl.addItemToMenu( menu_item.attributes ); 529 // Leave the title as empty to reuse the original title as a placeholder if set. 530 var nav_menu_item = Object.assign( {}, menu_item.attributes ); 531 if ( nav_menu_item.title === nav_menu_item.original_title ) { 532 nav_menu_item.title = ''; 533 } 534 535 this.currentMenuControl.addItemToMenu( nav_menu_item ); 530 536 531 537 $( menuitemTpl ).find( '.menu-item-handle' ).addClass( 'item-added' ); … … 3109 3115 { 3110 3116 nav_menu_term_id: menuControl.params.menu_id, 3111 original_title: item.title,3112 3117 position: position 3113 3118 } -
branches/6.6/src/wp-includes/class-wp-customize-nav-menus.php
r58306 r60820 192 192 } elseif ( 'post' !== $object_name && 0 === $page && $post_type->has_archive ) { 193 193 // Add a post type archive link. 194 $title = $post_type->labels->archives; 194 195 $items[] = array( 195 'id' => $object_name . '-archive', 196 'title' => $post_type->labels->archives, 197 'type' => 'post_type_archive', 198 'type_label' => __( 'Post Type Archive' ), 199 'object' => $object_name, 200 'url' => get_post_type_archive_link( $object_name ), 196 'id' => $object_name . '-archive', 197 'title' => $title, 198 'original_title' => $title, 199 'type' => 'post_type_archive', 200 'type_label' => __( 'Post Type Archive' ), 201 'object' => $object_name, 202 'url' => get_post_type_archive_link( $object_name ), 201 203 ); 202 204 } … … 245 247 } 246 248 249 $title = html_entity_decode( $post_title, ENT_QUOTES, get_bloginfo( 'charset' ) ); 247 250 $items[] = array( 248 'id' => "post-{$post->ID}", 249 'title' => html_entity_decode( $post_title, ENT_QUOTES, get_bloginfo( 'charset' ) ), 250 'type' => 'post_type', 251 'type_label' => $post_type_label, 252 'object' => $post->post_type, 253 'object_id' => (int) $post->ID, 254 'url' => get_permalink( (int) $post->ID ), 251 'id' => "post-{$post->ID}", 252 'title' => $title, 253 'original_title' => $title, 254 'type' => 'post_type', 255 'type_label' => $post_type_label, 256 'object' => $post->post_type, 257 'object_id' => (int) $post->ID, 258 'url' => get_permalink( (int) $post->ID ), 255 259 ); 256 260 } … … 277 281 278 282 foreach ( $terms as $term ) { 283 $title = html_entity_decode( $term->name, ENT_QUOTES, get_bloginfo( 'charset' ) ); 279 284 $items[] = array( 280 'id' => "term-{$term->term_id}", 281 'title' => html_entity_decode( $term->name, ENT_QUOTES, get_bloginfo( 'charset' ) ), 282 'type' => 'taxonomy', 283 'type_label' => get_taxonomy( $term->taxonomy )->labels->singular_name, 284 'object' => $term->taxonomy, 285 'object_id' => (int) $term->term_id, 286 'url' => get_term_link( (int) $term->term_id, $term->taxonomy ), 285 'id' => "term-{$term->term_id}", 286 'title' => $title, 287 'original_title' => $title, 288 'type' => 'taxonomy', 289 'type_label' => get_taxonomy( $term->taxonomy )->labels->singular_name, 290 'object' => $term->taxonomy, 291 'object_id' => (int) $term->term_id, 292 'url' => get_term_link( (int) $term->term_id, $term->taxonomy ), 287 293 ); 288 294 } -
branches/6.6/src/wp-includes/customize/class-wp-customize-nav-menu-item-setting.php
r56548 r60820 57 57 'xfn' => '', 58 58 'status' => 'publish', 59 'original_title' => '',60 59 'nav_menu_term_id' => 0, // This will be supplied as the $menu_id arg for wp_update_nav_menu_item(). 61 60 '_invalid' => false, … … 211 210 */ 212 211 public function value() { 212 $type_label = null; 213 213 if ( $this->is_previewed && get_current_blog_id() === $this->_previewed_blog_id ) { 214 214 $undefined = new stdClass(); // Symbol. … … 219 219 } else { 220 220 $value = $post_value; 221 }222 if ( ! empty( $value ) && empty( $value['original_title'] ) ) {223 $value['original_title'] = $this->get_original_title( (object) $value );224 221 } 225 222 } elseif ( isset( $this->value ) ) { … … 234 231 $is_title_empty = empty( $post->post_title ); 235 232 $value = (array) wp_setup_nav_menu_item( $post ); 233 if ( isset( $value['type_label'] ) ) { 234 $type_label = $value['type_label']; 235 } 236 236 if ( $is_title_empty ) { 237 237 $value['title'] = ''; … … 250 250 } 251 251 252 if ( ! empty( $value ) && empty( $value['type_label'] ) ) { 253 $value['type_label'] = $this->get_type_label( (object) $value ); 252 // These properties are read-only and are part of the setting for use in the Customizer UI. 253 if ( is_array( $value ) ) { 254 $value_obj = (object) $value; 255 $value['type_label'] = isset( $type_label ) ? $type_label : $this->get_type_label( $value_obj ); 256 $value['original_title'] = $this->get_original_title( $value_obj ); 254 257 } 255 258 … … 258 261 259 262 /** 263 * Prepares the value for editing on the client. 264 * 265 * @since 6.8.3 266 * 267 * @return array|false Value prepared for the client. 268 */ 269 public function js_value() { 270 $value = parent::js_value(); 271 if ( is_array( $value ) && isset( $value['original_title'] ) ) { 272 // Decode entities for the sake of displaying the original title as a placeholder. 273 $value['original_title'] = html_entity_decode( $value['original_title'], ENT_QUOTES, get_bloginfo( 'charset' ) ); 274 } 275 return $value; 276 } 277 278 /** 260 279 * Get original title. 261 280 * … … 263 282 * 264 283 * @param object $item Nav menu item. 265 * @return string The original title .284 * @return string The original title, without entity decoding. 266 285 */ 267 286 protected function get_original_title( $item ) { … … 289 308 } 290 309 } 291 $original_title = html_entity_decode( $original_title, ENT_QUOTES, get_bloginfo( 'charset' ) );292 310 return $original_title; 293 311 } … … 345 363 $this->value['status'] = $this->value['post_status']; 346 364 unset( $this->value['post_status'] ); 347 }348 349 if ( ! isset( $this->value['original_title'] ) ) {350 $this->value['original_title'] = $this->get_original_title( (object) $this->value );351 365 } 352 366 … … 595 609 unset( $item->position ); 596 610 597 if ( empty( $item->original_title ) ) {598 $item->original_title = $this->get_original_title( $item );599 }600 611 if ( empty( $item->title ) && ! empty( $item->original_title ) ) { 601 $item->title = $item->original_title; 612 $item->title = $item->original_title; // This is NOT entity-decoded. It comes from self::get_original_title(). 602 613 } 603 614 if ( $item->title ) { … … 655 666 * @since 5.9.0 Renamed `$menu_item_value` to `$value` for PHP 8 named parameter support. 656 667 * 657 * @param array $value The menu item value to sanitize.668 * @param array|false $value The menu item value to sanitize. 658 669 * @return array|false|null|WP_Error Null or WP_Error if an input isn't valid. False if it is marked for deletion. 659 670 * Otherwise the sanitized value. … … 712 723 } 713 724 714 $menu_item_value['original_title'] = sanitize_text_field( $menu_item_value['original_title'] );715 716 725 // Apply the same filters as when calling wp_insert_post(). 717 726 -
branches/6.6/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php
r58326 r60820 385 385 386 386 foreach ( $query_result as $post ) { 387 if ( ! $this->check_read_permission( $post ) ) { 387 if ( 'edit' === $request['context'] ) { 388 $permission = $this->check_update_permission( $post ); 389 } else { 390 $permission = $this->check_read_permission( $post ); 391 } 392 393 if ( ! $permission ) { 388 394 continue; 389 395 } -
branches/6.6/src/wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php
r57648 r60820 341 341 342 342 foreach ( $query_result as $term ) { 343 if ( 'edit' === $request['context'] && ! current_user_can( 'edit_term', $term->term_id ) ) { 344 continue; 345 } 346 343 347 $data = $this->prepare_item_for_response( $term, $request ); 344 348 $response[] = $this->prepare_response_for_collection( $data ); -
branches/6.6/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
r58408 r60820 221 221 return new WP_Error( 222 222 'rest_forbidden_context', 223 __( 'Sorry, you are not allowed to list users.' ),223 __( 'Sorry, you are not allowed to edit users.' ), 224 224 array( 'status' => rest_authorization_required_code() ) 225 225 ); … … 351 351 352 352 foreach ( $query->results as $user ) { 353 if ( 'edit' === $request['context'] && ! current_user_can( 'edit_user', $user->ID ) ) { 354 continue; 355 } 356 353 357 $data = $this->prepare_item_for_response( $user, $request ); 354 358 $users[] = $this->prepare_response_for_collection( $data ); … … 450 454 } 451 455 452 if ( 'edit' === $request['context'] && ! current_user_can( ' list_users') ) {453 return new WP_Error( 454 'rest_ user_cannot_view',455 __( 'Sorry, you are not allowed to list users.' ),456 if ( 'edit' === $request['context'] && ! current_user_can( 'edit_user', $user->ID ) ) { 457 return new WP_Error( 458 'rest_forbidden_context', 459 __( 'Sorry, you are not allowed to edit this user.' ), 456 460 array( 'status' => rest_authorization_required_code() ) 457 461 ); 458 } elseif ( ! count_user_posts( $user->ID, $types ) && ! current_user_can( 'edit_user', $user->ID ) && ! current_user_can( 'list_users' ) ) { 462 } 463 464 if ( ! current_user_can( 'edit_user', $user->ID ) && ! current_user_can( 'list_users' ) && ! count_user_posts( $user->ID, $types ) ) { 459 465 return new WP_Error( 460 466 'rest_user_cannot_view', … … 1051 1057 } 1052 1058 1053 if ( in_array( 'roles', $fields, true ) ) {1059 if ( in_array( 'roles', $fields, true ) && ( current_user_can( 'list_users' ) || current_user_can( 'edit_user', $user->ID ) ) ) { 1054 1060 // Defensively call array_values() to ensure an array is returned. 1055 1061 $data['roles'] = array_values( $user->roles ); -
branches/6.6/tests/phpunit/tests/customize/nav-menu-item-setting.php
r56421 r60820 90 90 'xfn' => '', 91 91 'status' => 'publish', 92 'original_title' => '',93 92 'nav_menu_term_id' => 0, 94 93 '_invalid' => false, … … 582 581 'xfn' => 'hello inject', 583 582 'status' => 'draft', 584 'original_title' => 'Hi ',583 'original_title' => 'Hi<script>unfilteredHtml()</script>', 585 584 'nav_menu_term_id' => 0, 586 585 ); -
branches/6.6/tests/phpunit/tests/customize/nav-menus.php
r56548 r60820 169 169 // Expected menu item array. 170 170 $expected = array( 171 'id' => "post-{$post_id}", 172 'title' => 'Post Title', 173 'type' => 'post_type', 174 'type_label' => 'Post', 175 'object' => 'post', 176 'object_id' => (int) $post_id, 177 'url' => get_permalink( (int) $post_id ), 171 'id' => "post-{$post_id}", 172 'title' => 'Post Title', 173 'original_title' => 'Post Title', 174 'type' => 'post_type', 175 'type_label' => 'Post', 176 'object' => 'post', 177 'object_id' => (int) $post_id, 178 'url' => get_permalink( (int) $post_id ), 178 179 ); 179 180 … … 201 202 // Expected menu item array. 202 203 $expected = array( 203 'id' => "post-{$page_id}", 204 'title' => 'Page Title', 205 'type' => 'post_type', 206 'type_label' => 'Page', 207 'object' => 'page', 208 'object_id' => (int) $page_id, 209 'url' => get_permalink( (int) $page_id ), 204 'id' => "post-{$page_id}", 205 'title' => 'Page Title', 206 'original_title' => 'Page Title', 207 'type' => 'post_type', 208 'type_label' => 'Page', 209 'object' => 'page', 210 'object_id' => (int) $page_id, 211 'url' => get_permalink( (int) $page_id ), 210 212 ); 211 213 … … 227 229 // Expected menu item array. 228 230 $expected = array( 229 'id' => "post-{$post_id}", 230 'title' => 'Post Title', 231 'type' => 'post_type', 232 'type_label' => 'Post', 233 'object' => 'post', 234 'object_id' => (int) $post_id, 235 'url' => get_permalink( (int) $post_id ), 231 'id' => "post-{$post_id}", 232 'title' => 'Post Title', 233 'original_title' => 'Post Title', 234 'type' => 'post_type', 235 'type_label' => 'Post', 236 'object' => 'post', 237 'object_id' => (int) $post_id, 238 'url' => get_permalink( (int) $post_id ), 236 239 ); 237 240 … … 253 256 // Expected menu item array. 254 257 $expected = array( 255 'id' => "term-{$term_id}", 256 'title' => 'Term Title', 257 'type' => 'taxonomy', 258 'type_label' => 'Category', 259 'object' => 'category', 260 'object_id' => (int) $term_id, 261 'url' => get_term_link( (int) $term_id, 'category' ), 258 'id' => "term-{$term_id}", 259 'title' => 'Term Title', 260 'original_title' => 'Term Title', 261 'type' => 'taxonomy', 262 'type_label' => 'Category', 263 'object' => 'category', 264 'object_id' => (int) $term_id, 265 'url' => get_term_link( (int) $term_id, 'category' ), 262 266 ); 263 267 -
branches/6.6/tests/phpunit/tests/rest-api/rest-users-controller.php
r58283 r60820 1205 1205 $request->set_param( 'context', 'edit' ); 1206 1206 $response = rest_get_server()->dispatch( $request ); 1207 $this->assertErrorResponse( 'rest_ user_cannot_view', $response, 401 );1207 $this->assertErrorResponse( 'rest_forbidden_context', $response, 401 ); 1208 1208 } 1209 1209
Note: See TracChangeset
for help on using the changeset viewer.