Added User Meta Endpoints #3
Conversation
* ADDED: User meta endpoints
|
I noticed that I made a simple mistake in this PR with the permissions check function. I will be posting an update later today to fix it. |
* FIXED: The check for user permissions to access or edit the user has been fixed.
| /** | ||
| * Associated object type. | ||
| * | ||
| * @var string Type slug ("post", "user", or "comment") |
There was a problem hiding this comment.
This comment shouldn't need the "("post", "user", or "comment")"
* ADDED: Basic units tests for the user meta endpoint * FIXED: Changed user meta permission check caps
| $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/users/%d/meta', $user_id ) ); | ||
| $response = $this->server->dispatch( $request ); | ||
|
|
||
| $this->assertEquals( 200, $response->get_status() ); |
There was a problem hiding this comment.
This is the line that is failing to pass in travis. I am not 100% sure why it is failing since it is passing on my local install via VVV.
Failed: https://travis-ci.org/WP-API/wp-api-meta-endpoints/jobs/111276918#L300
@danielbachhuber thoughts?
There was a problem hiding this comment.
am not 100% sure why it is failing since it is passing on my local install via VVV.
How would it be passing locally?
In this test, you're requesting user meta in an unauthenticated request. I'd expect the test to fail with a 403 response, which it does locally.
There was a problem hiding this comment.
Ok I see why it would be passing locally. For some reason when I use the $this->factory->user->create() function I create a new temp user with the ID of 2, but my local admin user has an ID of 2. I am not 100% sure if this is effecting it but I just looked over the way you test in the wp-api repo and I think I understand how to authenticate properly now.
https://github.com/WP-API/WP-API/blob/develop/tests/test-rest-users-controller.php#L74
* FIXED: Unit testing did not perform the user authentication correctly
| if ( ! $this->parent_controller->check_read_permission( $parent ) ) { | ||
| return new WP_Error( 'rest_forbidden', __( 'Sorry, you cannot view this user.' ), array( 'status' => rest_authorization_required_code() ) ); | ||
| } | ||
| */ |
There was a problem hiding this comment.
Can you remove this commented code?
|
Couple of small comments. Looks good otherwise though. |
Added User Meta Endpoints
I wanted to learn more about the Rest API so I decided to take a crack at adding the User meta endpoints based on this issue #1. I love how you made the WP_REST_Meta_Controller class by the way.
One thing that I was not sure about how to do was the
check_read_permissionauthorization check. This is just a different use case from posts I think since we are displaying user data rather than post data, so wouldn't that data never be shown to logged out users? @danielbachhuber...or am I just overthinking it :)For now the
check_read_permissionfunction is commented out with@todoplaced above it. I have not added in the unit tests yet.