WordPress · jorgefilipecosta · Oct 23, 2025 · Oct 24, 2025 · Oct 24, 2025 · Oct 24, 2025
diff --git a/src/wp-includes/abilities/wp-core-abilities.php b/src/wp-includes/abilities/wp-core-abilities.php
@@ -0,0 +1,271 @@
+<?php
+/**
+ * Core Abilities registration.
+ *
+ * @package WordPress
+ * @subpackage Abilities_API
+ * @since 6.9.0
+ */
+
+declare( strict_types = 1 );
+/**
+ * Registers the core abilities categories.
+ *
+ * @since 6.9.0
+ *
+ * @return void
+ */
+function wp_register_core_ability_categories(): void {
+	wp_register_ability_category(
+		'site',
+		array(
+			'label'       => __( 'Site' ),
+			'description' => __( 'Abilities that retrieve or modify site information and settings.' ),
+		)
+	);
+
+	wp_register_ability_category(
+		'user',
+		array(
+			'label'       => __( 'User' ),
+			'description' => __( 'Abilities that retrieve or modify user information and settings.' ),
+		)
+	);
+}
+
+/**
+ * Registers the default core abilities.
+ *
+ * @since 6.9.0
+ *
+ * @return void
+ */
+function wp_register_core_abilities(): void {
+	$category_site = 'site';
+	$category_user = 'user';
+
+	$site_info_fields = array(
+		'name',
+		'description',
+		'url',
+		'wpurl',
+		'admin_email',
+		'charset',
+		'language',
+		'version',
+	);
+
+	wp_register_ability(
+		'core/get-site-info',
+		array(
+			'label'               => __( 'Get Site Information' ),
+			'description'         => __( 'Returns site information configured in WordPress. By default returns all fields, or optionally a filtered subset.' ),
+			'category'            => $category_site,
+			'input_schema'        => array(
+				'type'                 => 'object',
+				'properties'           => array(
+					'fields' => array(
+						'type'        => 'array',
+						'items'       => array(
+							'type' => 'string',
+							'enum' => $site_info_fields,
+						),
+						'description' => __( 'Optional: Limit response to specific fields. If omitted, all fields are returned.' ),
+					),
+				),
+				'additionalProperties' => false,
+				'default'              => array(),
+			),
+			'output_schema'       => array(
+				'type'                 => 'object',
+				'properties'           => array(
+					'name'        => array(
+						'type'        => 'string',
+						'description' => __( 'The site title.' ),
+					),
+					'description' => array(
+						'type'        => 'string',
+						'description' => __( 'The site tagline.' ),
+					),
+					'url'         => array(
+						'type'        => 'string',
+						'description' => __( 'The site home URL.' ),
+					),
+					'wpurl'       => array(
+						'type'        => 'string',
+						'description' => __( 'The WordPress installation URL.' ),
+					),
+					'admin_email' => array(
+						'type'        => 'string',
+						'description' => __( 'The site administrator email address.' ),
+					),
+					'charset'     => array(
+						'type'        => 'string',
+						'description' => __( 'The site character encoding.' ),
+					),
+					'language'    => array(
+						'type'        => 'string',
+						'description' => __( 'The site language locale code.' ),
+					),
+					'version'     => array(
+						'type'        => 'string',
+						'description' => __( 'The WordPress version.' ),
+					),
+				),
+				'additionalProperties' => false,
+			),
+			'execute_callback'    => static function ( $input = array() ): array {
+				$input = is_array( $input ) ? $input : array();
+				$all_fields       = array( 'name', 'description', 'url', 'wpurl', 'admin_email', 'charset', 'language', 'version' );
+				$requested_fields = ! empty( $input['fields'] ) ? $input['fields'] : $all_fields;
+
+				$result = array();
+				foreach ( $requested_fields as $field ) {
+					$result[ $field ] = get_bloginfo( $field );
+				}
+
+				return $result;
+			},
+			'permission_callback' => static function (): bool {
+				return current_user_can( 'manage_options' );
+			},
+			'meta'                => array(
+				'annotations'  => array(
+					'readonly'    => true,
+					'destructive' => false,
+					'idempotent'  => true,
+				),
+				'show_in_rest' => true,
+			),
+		)
+	);
+
+	wp_register_ability(
+		'core/get-user-info',
+		array(
+			'label'               => __( 'Get User Information' ),
+			'description'         => __( 'Returns basic profile details for the current authenticated user to support personalization, auditing, and access-aware behavior.' ),
+			'category'            => $category_user,
+			'output_schema'       => array(
+				'type'                 => 'object',
+				'required'             => array( 'id', 'display_name', 'user_nicename', 'user_login', 'roles', 'locale' ),
+				'properties'           => array(
+					'id'            => array(
+						'type'        => 'integer',
+						'description' => __( 'The user ID.' ),
+					),
+					'display_name'  => array(
+						'type'        => 'string',
+						'description' => __( 'The display name of the user.' ),
+					),
+					'user_nicename' => array(
+						'type'        => 'string',
+						'description' => __( 'The URL-friendly name for the user.' ),
+					),
+					'user_login'    => array(
+						'type'        => 'string',
+						'description' => __( 'The login username for the user.' ),
+					),
+					'roles'         => array(
+						'type'        => 'array',
+						'description' => __( 'The roles assigned to the user.' ),
+						'items'       => array(
+							'type' => 'string',
+						),
+					),
+					'locale'        => array(
+						'type'        => 'string',
+						'description' => __( 'The locale string for the user, such as en_US.' ),
+					),
+				),
+				'additionalProperties' => false,
+			),
+			'execute_callback'    => static function (): array {
+				$current_user = wp_get_current_user();
+
+				return array(
+					'id'            => $current_user->ID,
+					'display_name'  => $current_user->display_name,
+					'user_nicename' => $current_user->user_nicename,
+					'user_login'    => $current_user->user_login,
+					'roles'         => $current_user->roles,
+					'locale'        => get_user_locale( $current_user ),
+				);
+			},
+			'permission_callback' => static function (): bool {
+				return is_user_logged_in();
+			},
+			'meta'                => array(
+				'annotations'  => array(
+					'readonly'    => true,
+					'destructive' => false,
+					'idempotent'  => true,
+				),
+				'show_in_rest' => false,
+			),
+		)
+	);
+
+	wp_register_ability(
+		'core/get-environment-info',
+		array(
+			'label'               => __( 'Get Environment Info' ),
+			'description'         => __( 'Returns core details about the site\'s runtime context for diagnostics and compatibility (environment, PHP runtime, database server info, WordPress version).' ),
+			'category'            => $category_site,
+			'output_schema'       => array(
+				'type'                 => 'object',
+				'required'             => array( 'environment', 'php_version', 'db_server_info', 'wp_version' ),
+				'properties'           => array(
+					'environment'    => array(
+						'type'        => 'string',
+						'description' => __( 'The site\'s runtime environment classification (can be one of these: production, staging, development, local).' ),
+						'enum'        => array( 'production', 'staging', 'development', 'local' ),
+					),
+					'php_version'    => array(
+						'type'        => 'string',
+						'description' => __( 'The PHP runtime version executing WordPress.' ),
+					),
+					'db_server_info' => array(
+						'type'        => 'string',
+						'description' => __( 'The database server vendor and version string reported by the driver.' ),
+						'examples'    => array( '8.0.34', '10.11.6-MariaDB' ),
+					),
+					'wp_version'     => array(
+						'type'        => 'string',
+						'description' => __( 'The WordPress core version running on this site.' ),
+					),
+				),
+				'additionalProperties' => false,
+			),
+			'execute_callback'    => static function (): array {
+				global $wpdb;
+
+				$env          = wp_get_environment_type();
+				$php_version  = phpversion();
+				$db_server_info  = '';
+				if ( isset( $wpdb ) && is_object( $wpdb ) && method_exists( $wpdb, 'db_server_info' ) ) {
+					$db_server_info = $wpdb->db_server_info() ?? '';
+				}
+				$wp_version   = get_bloginfo( 'version' );
+
+				return array(
+					'environment'    => $env,
+					'php_version'    => $php_version,
+					'db_server_info' => $db_server_info,
+					'wp_version'     => $wp_version,
+				);
+			},
+			'permission_callback' => static function (): bool {
+				return current_user_can( 'manage_options' );
+			},
+			'meta'                => array(
+				'annotations'  => array(
+					'readonly'    => true,
+					'destructive' => false,
+					'idempotent'  => true,
+				),
+				'show_in_rest' => true,
+			),
+		)
+	);
+}
diff --git a/src/wp-includes/default-filters.php b/src/wp-includes/default-filters.php
@@ -532,6 +532,10 @@
 add_action( 'rest_api_init', 'create_initial_rest_routes', 99 );
 add_action( 'parse_request', 'rest_api_loaded' );
 
+// Abilities API.
+add_action( 'wp_abilities_api_categories_init', 'wp_register_core_ability_categories' );
+add_action( 'wp_abilities_api_init', 'wp_register_core_abilities' );
+
 // Sitemaps actions.
 add_action( 'init', 'wp_sitemaps_get_server' );
 

diff --git a/src/wp-settings.php b/src/wp-settings.php
@@ -290,6 +290,7 @@
 require ABSPATH . WPINC . '/abilities-api/class-wp-ability.php';
 require ABSPATH . WPINC . '/abilities-api/class-wp-abilities-registry.php';
 require ABSPATH . WPINC . '/abilities-api.php';
+require ABSPATH . WPINC . '/abilities/wp-core-abilities.php';
 require ABSPATH . WPINC . '/rest-api.php';
 require ABSPATH . WPINC . '/rest-api/class-wp-rest-server.php';
 require ABSPATH . WPINC . '/rest-api/class-wp-rest-response.php';

diff --git a/tests/phpunit/tests/abilities-api/wpAbilitiesRegistry.php b/tests/phpunit/tests/abilities-api/wpAbilitiesRegistry.php
@@ -29,6 +29,14 @@ public function set_up(): void {
 
 		remove_all_filters( 'wp_register_ability_args' );
 
+		// Unregister all ability categories to ensure a clean slate for each test.
+		foreach ( wp_get_ability_categories() as $ability_category ) {
+			wp_unregister_ability_category( $ability_category->get_slug() );
+		}
+
+		// Remove core registration action to prevent re-registration.
+		remove_action( 'wp_abilities_api_categories_init', 'wp_register_core_ability_categories' );
+
 		// Fire the init hook to allow test ability category registration.
 		do_action( 'wp_abilities_api_categories_init' );
 		wp_register_ability_category(
@@ -87,6 +95,10 @@ public function tear_down(): void {
 		// Clean up registered test ability category.
 		wp_unregister_ability_category( 'math' );
 
+		// Re-add core registration action and re-register core categories.
+		add_action( 'wp_abilities_api_categories_init', 'wp_register_core_ability_categories' );
+		do_action( 'wp_abilities_api_categories_init' );
+
 		parent::tear_down();
 	}
 

diff --git a/tests/phpunit/tests/abilities-api/wpAbility.php b/tests/phpunit/tests/abilities-api/wpAbility.php
@@ -18,6 +18,14 @@ class Tests_Abilities_API_WpAbility extends WP_UnitTestCase {
 	public function set_up(): void {
 		parent::set_up();
 
+		// Unregister all ability categories to ensure a clean slate for each test.
+		foreach ( wp_get_ability_categories() as $ability_category ) {
+			wp_unregister_ability_category( $ability_category->get_slug() );
+		}
+
+		// Remove core registration action to prevent re-registration.
+		remove_action( 'wp_abilities_api_categories_init', 'wp_register_core_ability_categories' );
+
 		// Fire the init hook to allow test ability category registration.
 		do_action( 'wp_abilities_api_categories_init' );
 		wp_register_ability_category(
@@ -59,6 +67,10 @@ public function tear_down(): void {
 		// Clean up registered test ability category.
 		wp_unregister_ability_category( 'math' );
 
+		// Re-add core registration action and re-register core categories.
+		add_action( 'wp_abilities_api_categories_init', 'wp_register_core_ability_categories' );
+		do_action( 'wp_abilities_api_categories_init' );
+
 		parent::tear_down();
 	}