[in progress] Add a core/content ability#739
Draft
jorgefilipecosta wants to merge 2 commits into
Draft
Conversation
Registers the read-only `core/content` ability, which retrieves one or more posts of a post type exposed to abilities. Fetch a single post by ID or by slug, or query multiple posts filtered by post type, status, author, or parent, with a `fields` selector and `page`/`per_page` pagination. Mirrors the WordPress core `WP_Content_Abilities` implementation so the two stay in sync, and overrides any core-provided copy. A self-contained Show_In_Abilities component polyfills the `show_in_abilities` flag onto curated core post types (post, page) so the ability returns data on a stock site.
✅ WordPress Plugin Check Report
📊 ReportAll checks passed! No errors or warnings found. 🤖 Generated by WordPress Plugin Check Action • Learn more about Plugin Check |
Mirrors the fixes from the core/settings review (#691) that also apply here: - Memoize the exposed post types so the input schema and the permission/execute callbacks derive from a single walk of the registered post types. - Default the input schema to an empty object so the type:object default serializes as {}. - Use __() instead of esc_html__(), and @SInCE x.x.x per CONTRIBUTING.md. - Harden input/value handling (type guards, capability resolver, non-negative int helper) so the new code passes PHPStan at the strictest level. The `content` ability-category fallback is kept on purpose: unlike `site`, `content` is a new category not present on the plugin's minimum WordPress (7.0).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds the read-only
core/contentability to the plugin, mirroring the WordPress coreWP_Content_Abilitiesimplementation (see the companion core PR) so the two stay in sync. It overrides any core-provided copy.Retrieves one or more posts of a post type exposed to abilities: fetch a single post by
idorslug, or query multiple posts filtered bypost_type,status,author,parent, with afieldsselector andpage/per_pagepagination. Output is{ posts, total, total_pages }.Security
Defense in depth: a coarse status/capability gate plus an authoritative per-post
read_postcheck on every row; default statuspublish; password-protected content withheld from non-editors; uniform not-found responses to avoid leaking post existence.Show_In_Abilities
WordPress core does not yet ship the
show_in_abilitiesflag this ability reads, so a self-containedShow_In_Abilitiescomponent polyfills it onto curated core post types (post,page). It is structured exactly like the settings polyfill from thecore/settingsPR (#691), so the two merge cleanly.This PR is independent of #691 and can be reviewed/merged on its own.
Tests
PHPUnit integration tests for the ability and the polyfill, plus an e2e spec (
tests/e2e/specs/abilities/core-content.spec.js) backed by a sample-content plugin that registers an ability-exposed post type.