Changeset 60821
- Timestamp:
- 09/30/2025 05:00:43 PM (8 weeks ago)
- Location:
- branches/6.5
- Files:
-
- 11 edited
-
. (modified) (1 prop)
-
src/js/_enqueues/lib/nav-menu.js (modified) (4 diffs)
-
src/js/_enqueues/wp/customize/nav-menus.js (modified) (2 diffs)
-
src/wp-includes/class-wp-customize-nav-menus.php (modified) (3 diffs)
-
src/wp-includes/customize/class-wp-customize-nav-menu-item-setting.php (modified) (12 diffs)
-
src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php (modified) (1 diff)
-
src/wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php (modified) (1 diff)
-
src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php (modified) (4 diffs)
-
tests/phpunit/tests/customize/nav-menu-item-setting.php (modified) (2 diffs)
-
tests/phpunit/tests/customize/nav-menus.php (modified) (4 diffs)
-
tests/phpunit/tests/rest-api/rest-users-controller.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
branches/6.5
- Property svn:mergeinfo changed
/trunk merged: 60814-60816
- Property svn:mergeinfo changed
-
branches/6.5/src/js/_enqueues/lib/nav-menu.js
r54855 r60821 1010 1010 1011 1011 if ( this.checked === true ) { 1012 $( '#pending-menu-items-to-delete ul' ).append( 1013 '<li data-menu-item-id="' + menuItemID + '">' + 1014 '<span class="pending-menu-item-name">' + menuItemName + '</span> ' + 1015 '<span class="pending-menu-item-type">(' + menuItemType + ')</span>' + 1016 '<span class="separator"></span>' + 1017 '</li>' 1018 ); 1012 const $li = $( '<li>', { 'data-menu-item-id': menuItemID } ); 1013 $li.append( $( '<span>', { 1014 'class': 'pending-menu-item-name', 1015 text: menuItemName 1016 } ) ); 1017 $li.append( ' ' ); 1018 $li.append( $( '<span>', { 1019 'class': 'pending-menu-item-type', 1020 text: '(' + menuItemType + ')', 1021 } ) ); 1022 $li.append( $( '<span>', { 'class': 'separator' } ) ); 1023 $( '#pending-menu-items-to-delete ul' ).append( $li ); 1019 1024 } 1020 1025 … … 1405 1410 1406 1411 eventOnClickMenuSave : function() { 1407 var locs = '', 1408 menuName = $('#menu-name'), 1409 menuNameVal = menuName.val(); 1412 var menuName = $('#menu-name'), 1413 menuNameVal = menuName.val(); 1410 1414 1411 1415 // Cancel and warn if invalid menu name. … … 1415 1419 } 1416 1420 // Copy menu theme locations. 1421 // Note: This appears to be dead code since #nav-menu-theme-locations no longer exists, perhaps removed in r32842. 1422 var $updateNavMenu = $('#update-nav-menu'); 1417 1423 $('#nav-menu-theme-locations select').each(function() { 1418 locs += '<input type="hidden" name="' + this.name + '" value="' + $(this).val() + '" />'; 1419 }); 1420 $('#update-nav-menu').append( locs ); 1424 $updateNavMenu.append( 1425 $( '<input>', { 1426 type: 'hidden', 1427 name: this.name, 1428 value: $( this ).val(), 1429 } ) 1430 ); 1431 }); 1421 1432 // Update menu item position data. 1422 1433 api.menuList.find('.menu-item-data-position').val( function(index) { return index + 1; } ); … … 1461 1472 1462 1473 if( ! $items.length ) { 1463 $('.categorychecklist', panel).html( '<li><p>' + wp.i18n.__( 'No results found.' ) + '</p></li>' ); 1474 const li = $( '<li>' ); 1475 const p = $( '<p>', { text: wp.i18n.__( 'No results found.' ) } ); 1476 li.append( p ); 1477 $('.categorychecklist', panel).empty().append( li ); 1464 1478 $( '.spinner', panel ).removeClass( 'is-active' ); 1465 1479 wrapper.addClass( 'has-no-menu-item' ); -
branches/6.5/src/js/_enqueues/wp/customize/nav-menus.js
r57746 r60821 527 527 } 528 528 529 this.currentMenuControl.addItemToMenu( menu_item.attributes ); 529 // Leave the title as empty to reuse the original title as a placeholder if set. 530 var nav_menu_item = Object.assign( {}, menu_item.attributes ); 531 if ( nav_menu_item.title === nav_menu_item.original_title ) { 532 nav_menu_item.title = ''; 533 } 534 535 this.currentMenuControl.addItemToMenu( nav_menu_item ); 530 536 531 537 $( menuitemTpl ).find( '.menu-item-handle' ).addClass( 'item-added' ); … … 3034 3040 { 3035 3041 nav_menu_term_id: menuControl.params.menu_id, 3036 original_title: item.title,3037 3042 position: position 3038 3043 } -
branches/6.5/src/wp-includes/class-wp-customize-nav-menus.php
r57644 r60821 192 192 } elseif ( 'post' !== $object_name && 0 === $page && $post_type->has_archive ) { 193 193 // Add a post type archive link. 194 $title = $post_type->labels->archives; 194 195 $items[] = array( 195 'id' => $object_name . '-archive', 196 'title' => $post_type->labels->archives, 197 'type' => 'post_type_archive', 198 'type_label' => __( 'Post Type Archive' ), 199 'object' => $object_name, 200 'url' => get_post_type_archive_link( $object_name ), 196 'id' => $object_name . '-archive', 197 'title' => $title, 198 'original_title' => $title, 199 'type' => 'post_type_archive', 200 'type_label' => __( 'Post Type Archive' ), 201 'object' => $object_name, 202 'url' => get_post_type_archive_link( $object_name ), 201 203 ); 202 204 } … … 245 247 } 246 248 249 $title = html_entity_decode( $post_title, ENT_QUOTES, get_bloginfo( 'charset' ) ); 247 250 $items[] = array( 248 'id' => "post-{$post->ID}", 249 'title' => html_entity_decode( $post_title, ENT_QUOTES, get_bloginfo( 'charset' ) ), 250 'type' => 'post_type', 251 'type_label' => $post_type_label, 252 'object' => $post->post_type, 253 'object_id' => (int) $post->ID, 254 'url' => get_permalink( (int) $post->ID ), 251 'id' => "post-{$post->ID}", 252 'title' => $title, 253 'original_title' => $title, 254 'type' => 'post_type', 255 'type_label' => $post_type_label, 256 'object' => $post->post_type, 257 'object_id' => (int) $post->ID, 258 'url' => get_permalink( (int) $post->ID ), 255 259 ); 256 260 } … … 277 281 278 282 foreach ( $terms as $term ) { 283 $title = html_entity_decode( $term->name, ENT_QUOTES, get_bloginfo( 'charset' ) ); 279 284 $items[] = array( 280 'id' => "term-{$term->term_id}", 281 'title' => html_entity_decode( $term->name, ENT_QUOTES, get_bloginfo( 'charset' ) ), 282 'type' => 'taxonomy', 283 'type_label' => get_taxonomy( $term->taxonomy )->labels->singular_name, 284 'object' => $term->taxonomy, 285 'object_id' => (int) $term->term_id, 286 'url' => get_term_link( (int) $term->term_id, $term->taxonomy ), 285 'id' => "term-{$term->term_id}", 286 'title' => $title, 287 'original_title' => $title, 288 'type' => 'taxonomy', 289 'type_label' => get_taxonomy( $term->taxonomy )->labels->singular_name, 290 'object' => $term->taxonomy, 291 'object_id' => (int) $term->term_id, 292 'url' => get_term_link( (int) $term->term_id, $term->taxonomy ), 287 293 ); 288 294 } -
branches/6.5/src/wp-includes/customize/class-wp-customize-nav-menu-item-setting.php
r56548 r60821 57 57 'xfn' => '', 58 58 'status' => 'publish', 59 'original_title' => '',60 59 'nav_menu_term_id' => 0, // This will be supplied as the $menu_id arg for wp_update_nav_menu_item(). 61 60 '_invalid' => false, … … 211 210 */ 212 211 public function value() { 212 $type_label = null; 213 213 if ( $this->is_previewed && get_current_blog_id() === $this->_previewed_blog_id ) { 214 214 $undefined = new stdClass(); // Symbol. … … 219 219 } else { 220 220 $value = $post_value; 221 }222 if ( ! empty( $value ) && empty( $value['original_title'] ) ) {223 $value['original_title'] = $this->get_original_title( (object) $value );224 221 } 225 222 } elseif ( isset( $this->value ) ) { … … 234 231 $is_title_empty = empty( $post->post_title ); 235 232 $value = (array) wp_setup_nav_menu_item( $post ); 233 if ( isset( $value['type_label'] ) ) { 234 $type_label = $value['type_label']; 235 } 236 236 if ( $is_title_empty ) { 237 237 $value['title'] = ''; … … 250 250 } 251 251 252 if ( ! empty( $value ) && empty( $value['type_label'] ) ) { 253 $value['type_label'] = $this->get_type_label( (object) $value ); 252 // These properties are read-only and are part of the setting for use in the Customizer UI. 253 if ( is_array( $value ) ) { 254 $value_obj = (object) $value; 255 $value['type_label'] = isset( $type_label ) ? $type_label : $this->get_type_label( $value_obj ); 256 $value['original_title'] = $this->get_original_title( $value_obj ); 254 257 } 255 258 … … 258 261 259 262 /** 263 * Prepares the value for editing on the client. 264 * 265 * @since 6.8.3 266 * 267 * @return array|false Value prepared for the client. 268 */ 269 public function js_value() { 270 $value = parent::js_value(); 271 if ( is_array( $value ) && isset( $value['original_title'] ) ) { 272 // Decode entities for the sake of displaying the original title as a placeholder. 273 $value['original_title'] = html_entity_decode( $value['original_title'], ENT_QUOTES, get_bloginfo( 'charset' ) ); 274 } 275 return $value; 276 } 277 278 /** 260 279 * Get original title. 261 280 * … … 263 282 * 264 283 * @param object $item Nav menu item. 265 * @return string The original title .284 * @return string The original title, without entity decoding. 266 285 */ 267 286 protected function get_original_title( $item ) { … … 289 308 } 290 309 } 291 $original_title = html_entity_decode( $original_title, ENT_QUOTES, get_bloginfo( 'charset' ) );292 310 return $original_title; 293 311 } … … 345 363 $this->value['status'] = $this->value['post_status']; 346 364 unset( $this->value['post_status'] ); 347 }348 349 if ( ! isset( $this->value['original_title'] ) ) {350 $this->value['original_title'] = $this->get_original_title( (object) $this->value );351 365 } 352 366 … … 595 609 unset( $item->position ); 596 610 597 if ( empty( $item->original_title ) ) {598 $item->original_title = $this->get_original_title( $item );599 }600 611 if ( empty( $item->title ) && ! empty( $item->original_title ) ) { 601 $item->title = $item->original_title; 612 $item->title = $item->original_title; // This is NOT entity-decoded. It comes from self::get_original_title(). 602 613 } 603 614 if ( $item->title ) { … … 655 666 * @since 5.9.0 Renamed `$menu_item_value` to `$value` for PHP 8 named parameter support. 656 667 * 657 * @param array $value The menu item value to sanitize.668 * @param array|false $value The menu item value to sanitize. 658 669 * @return array|false|null|WP_Error Null or WP_Error if an input isn't valid. False if it is marked for deletion. 659 670 * Otherwise the sanitized value. … … 712 723 } 713 724 714 $menu_item_value['original_title'] = sanitize_text_field( $menu_item_value['original_title'] );715 716 725 // Apply the same filters as when calling wp_insert_post(). 717 726 -
branches/6.5/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php
r57648 r60821 379 379 380 380 foreach ( $query_result as $post ) { 381 if ( ! $this->check_read_permission( $post ) ) { 381 if ( 'edit' === $request['context'] ) { 382 $permission = $this->check_update_permission( $post ); 383 } else { 384 $permission = $this->check_read_permission( $post ); 385 } 386 387 if ( ! $permission ) { 382 388 continue; 383 389 } -
branches/6.5/src/wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php
r57648 r60821 341 341 342 342 foreach ( $query_result as $term ) { 343 if ( 'edit' === $request['context'] && ! current_user_can( 'edit_term', $term->term_id ) ) { 344 continue; 345 } 346 343 347 $data = $this->prepare_item_for_response( $term, $request ); 344 348 $response[] = $this->prepare_response_for_collection( $data ); -
branches/6.5/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
r57648 r60821 211 211 return new WP_Error( 212 212 'rest_forbidden_context', 213 __( 'Sorry, you are not allowed to list users.' ),213 __( 'Sorry, you are not allowed to edit users.' ), 214 214 array( 'status' => rest_authorization_required_code() ) 215 215 ); … … 341 341 342 342 foreach ( $query->results as $user ) { 343 if ( 'edit' === $request['context'] && ! current_user_can( 'edit_user', $user->ID ) ) { 344 continue; 345 } 346 343 347 $data = $this->prepare_item_for_response( $user, $request ); 344 348 $users[] = $this->prepare_response_for_collection( $data ); … … 440 444 } 441 445 442 if ( 'edit' === $request['context'] && ! current_user_can( ' list_users') ) {443 return new WP_Error( 444 'rest_ user_cannot_view',445 __( 'Sorry, you are not allowed to list users.' ),446 if ( 'edit' === $request['context'] && ! current_user_can( 'edit_user', $user->ID ) ) { 447 return new WP_Error( 448 'rest_forbidden_context', 449 __( 'Sorry, you are not allowed to edit this user.' ), 446 450 array( 'status' => rest_authorization_required_code() ) 447 451 ); 448 } elseif ( ! count_user_posts( $user->ID, $types ) && ! current_user_can( 'edit_user', $user->ID ) && ! current_user_can( 'list_users' ) ) { 452 } 453 454 if ( ! current_user_can( 'edit_user', $user->ID ) && ! current_user_can( 'list_users' ) && ! count_user_posts( $user->ID, $types ) ) { 449 455 return new WP_Error( 450 456 'rest_user_cannot_view', … … 1041 1047 } 1042 1048 1043 if ( in_array( 'roles', $fields, true ) ) {1049 if ( in_array( 'roles', $fields, true ) && ( current_user_can( 'list_users' ) || current_user_can( 'edit_user', $user->ID ) ) ) { 1044 1050 // Defensively call array_values() to ensure an array is returned. 1045 1051 $data['roles'] = array_values( $user->roles ); -
branches/6.5/tests/phpunit/tests/customize/nav-menu-item-setting.php
r56421 r60821 90 90 'xfn' => '', 91 91 'status' => 'publish', 92 'original_title' => '',93 92 'nav_menu_term_id' => 0, 94 93 '_invalid' => false, … … 582 581 'xfn' => 'hello inject', 583 582 'status' => 'draft', 584 'original_title' => 'Hi ',583 'original_title' => 'Hi<script>unfilteredHtml()</script>', 585 584 'nav_menu_term_id' => 0, 586 585 ); -
branches/6.5/tests/phpunit/tests/customize/nav-menus.php
r56548 r60821 169 169 // Expected menu item array. 170 170 $expected = array( 171 'id' => "post-{$post_id}", 172 'title' => 'Post Title', 173 'type' => 'post_type', 174 'type_label' => 'Post', 175 'object' => 'post', 176 'object_id' => (int) $post_id, 177 'url' => get_permalink( (int) $post_id ), 171 'id' => "post-{$post_id}", 172 'title' => 'Post Title', 173 'original_title' => 'Post Title', 174 'type' => 'post_type', 175 'type_label' => 'Post', 176 'object' => 'post', 177 'object_id' => (int) $post_id, 178 'url' => get_permalink( (int) $post_id ), 178 179 ); 179 180 … … 201 202 // Expected menu item array. 202 203 $expected = array( 203 'id' => "post-{$page_id}", 204 'title' => 'Page Title', 205 'type' => 'post_type', 206 'type_label' => 'Page', 207 'object' => 'page', 208 'object_id' => (int) $page_id, 209 'url' => get_permalink( (int) $page_id ), 204 'id' => "post-{$page_id}", 205 'title' => 'Page Title', 206 'original_title' => 'Page Title', 207 'type' => 'post_type', 208 'type_label' => 'Page', 209 'object' => 'page', 210 'object_id' => (int) $page_id, 211 'url' => get_permalink( (int) $page_id ), 210 212 ); 211 213 … … 227 229 // Expected menu item array. 228 230 $expected = array( 229 'id' => "post-{$post_id}", 230 'title' => 'Post Title', 231 'type' => 'post_type', 232 'type_label' => 'Post', 233 'object' => 'post', 234 'object_id' => (int) $post_id, 235 'url' => get_permalink( (int) $post_id ), 231 'id' => "post-{$post_id}", 232 'title' => 'Post Title', 233 'original_title' => 'Post Title', 234 'type' => 'post_type', 235 'type_label' => 'Post', 236 'object' => 'post', 237 'object_id' => (int) $post_id, 238 'url' => get_permalink( (int) $post_id ), 236 239 ); 237 240 … … 253 256 // Expected menu item array. 254 257 $expected = array( 255 'id' => "term-{$term_id}", 256 'title' => 'Term Title', 257 'type' => 'taxonomy', 258 'type_label' => 'Category', 259 'object' => 'category', 260 'object_id' => (int) $term_id, 261 'url' => get_term_link( (int) $term_id, 'category' ), 258 'id' => "term-{$term_id}", 259 'title' => 'Term Title', 260 'original_title' => 'Term Title', 261 'type' => 'taxonomy', 262 'type_label' => 'Category', 263 'object' => 'category', 264 'object_id' => (int) $term_id, 265 'url' => get_term_link( (int) $term_id, 'category' ), 262 266 ); 263 267 -
branches/6.5/tests/phpunit/tests/rest-api/rest-users-controller.php
r57239 r60821 1203 1203 $request->set_param( 'context', 'edit' ); 1204 1204 $response = rest_get_server()->dispatch( $request ); 1205 $this->assertErrorResponse( 'rest_ user_cannot_view', $response, 401 );1205 $this->assertErrorResponse( 'rest_forbidden_context', $response, 401 ); 1206 1206 } 1207 1207
Note: See TracChangeset
for help on using the changeset viewer.