-
Notifications
You must be signed in to change notification settings - Fork 4.3k
/
Copy pathclass-wp-rest-widget-utils-controller.php
160 lines (145 loc) · 4.19 KB
/
class-wp-rest-widget-utils-controller.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
<?php
/**
* Start: Include for phase 2
* Widget Updater REST API: WP_REST_Widget_Forms class
*
* @package gutenberg
* @since 5.2.0
*/
/**
* Controller which provides REST endpoint for updating a widget.
*
* @since 5.2.0
*
* @see WP_REST_Controller
*/
class WP_REST_Widget_Utils_Controller extends WP_REST_Controller {
/**
* Constructs the controller.
*
* @access public
*/
public function __construct() {
$this->namespace = '__experimental';
$this->rest_base = 'widget-utils';
}
/**
* Registers the necessary REST API route.
*
* @access public
*/
public function register_routes() {
register_rest_route(
$this->namespace,
'/' . $this->rest_base . '/form/(?P<widget_class>[^/]*)/',
array(
'args' => array(
'widget_class' => array(
'description' => __( 'Class name of the widget.', 'gutenberg' ),
'type' => 'string',
'required' => true,
'validate_callback' => array( $this, 'is_valid_widget' ),
),
'instance' => array(
'description' => __( 'Current widget instance', 'gutenberg' ),
'type' => 'object',
'default' => array(),
),
),
array(
'methods' => WP_REST_Server::EDITABLE,
'permission_callback' => array( $this, 'permissions_check' ),
'callback' => array( $this, 'compute_widget_form' ),
),
)
);
}
/**
* Checks if the user has permissions to make the request.
*
* @return true|WP_Error True if the request has read access, WP_Error object otherwise.
* @since 5.2.0
* @access public
*/
public function permissions_check() {
// Verify if the current user has edit_theme_options capability.
// This capability is required to access the widgets screen.
if ( ! current_user_can( 'edit_theme_options' ) ) {
return new WP_Error(
'widgets_cannot_access',
__( 'Sorry, you are not allowed to access widgets on this site.', 'gutenberg' ),
array(
'status' => rest_authorization_required_code(),
)
);
}
return true;
}
/**
* Checks if the widget being referenced is valid.
*
* @param string $widget_class Name of the class the widget references.
*
* @return boolean| True if the widget being referenced exists and false otherwise.
* @since 5.2.0
* @access public
*/
public function is_valid_widget( $widget_class ) {
$widget_class = urldecode( $widget_class );
global $wp_widget_factory;
if ( ! $widget_class ) {
return false;
}
return isset( $wp_widget_factory->widgets[ $widget_class ] ) &&
( $wp_widget_factory->widgets[ $widget_class ] instanceof WP_Widget );
}
/**
* Returns the new widget instance and the form that represents it.
*
* @param WP_REST_Request $request Full details about the request.
*
* @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
* @since 5.7.0
* @access public
*/
public function compute_widget_form( $request ) {
$widget_class = urldecode( $request->get_param( 'widget_class' ) );
$instance = $request->get_param( 'instance' );
global $wp_widget_factory;
$widget_obj = $wp_widget_factory->widgets[ $widget_class ];
$widget_obj->_set( -1 );
ob_start();
$instance = apply_filters( 'widget_form_callback', $instance, $widget_obj );
$return = null;
if ( false !== $instance ) {
$return = $widget_obj->form( $instance );
/**
* Fires at the end of the widget control form.
*
* Use this hook to add extra fields to the widget form. The hook
* is only fired if the value passed to the 'widget_form_callback'
* hook is not false.
*
* Note: If the widget has no form, the text echoed from the default
* form method can be hidden using CSS.
*
* @param WP_Widget $widget_obj The widget instance (passed by reference).
* @param null $return Return null if new fields are added.
* @param array $instance An array of the widget's settings.
*
* @since 5.2.0
*/
do_action_ref_array( 'in_widget_form', array( &$widget_obj, &$return, $instance ) );
}
$form = ob_get_clean();
return rest_ensure_response(
array(
'instance' => $instance,
'form' => $form,
)
);
}
}
/**
* End: Include for phase 2
*/