Skip to content

feat(bulk-editor): exclude password-protected posts from bulk editing#23428

Open
JorPV wants to merge 4 commits into
trunkfrom
bulk-editor/filter-out-floating-elements
Open

feat(bulk-editor): exclude password-protected posts from bulk editing#23428
JorPV wants to merge 4 commits into
trunkfrom
bulk-editor/filter-out-floating-elements

Conversation

@JorPV

@JorPV JorPV commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Context

Password-protected posts should not be offered for bulk editing. This implements that part of Yoast/reserved-tasks#1328. (Private and trashed posts were already excluded — see below.)

We initially also excluded Elementor's "Floating Elements" (e-floating-buttons) from the content-types navigation, but decided that it should be Elementor's duty filter them (see 🧵 thread), so that exclusion is no longer part of this PR.

Summary

This PR can be summarized in the following changelog entry:

  • Excludes password-protected posts from the bulk editor list.

Relevant technical choices:

  • Password-protected posts — the indexable collector filters is_protected = false (Yoast sets is_protected from post_password !== ''); the WP_Query fallback collector uses has_password => false.
  • Private & trash need no change — the bulk editor's status whitelist (publish / draft / pending / future, enum-validated on the route) never includes private or trash, so those are already excluded.

Test instructions

Test instructions for the acceptance test before the PR gets merged

Password-protected posts:

  • Go to Yoast SEO → Tools → Bulk editor.
  • Create a published post and set a password on it (Visibility → Password protected).
  • In the bulk editor for that content type, confirm the password-protected post does not appear in the list.

Private / trash (regression):

  • Confirm private posts and trashed posts do not appear in the bulk editor list (they were already excluded).

Relevant test scenarios

  • Changes should be tested with the browser console open
  • Changes should be tested on different posts/pages/taxonomies/custom post types/custom taxonomies
  • Changes should be tested on different editors (Default Block/Gutenberg/Classic/Elementor/other)
  • Changes should be tested on different browsers
  • Changes should be tested on multisite

Test instructions for QA when the code is in the RC

  • QA should use the same steps as above.

Impact check

This PR affects the following parts of the plugin, which may require extra testing:

  • The bulk editor content-types navigation and post list. Filtering only — no change to indexing, saving, or the update endpoints.

Documentation

  • I have written documentation for this change. (Code comments.)

Quality assurance

  • I have tested this code to the best of my abilities.
  • During testing, I had activated all plugins that Yoast SEO provides integrations for.
  • I have added unit tests to verify the code works as intended.
  • If any part of the code is behind a feature flag, my test instructions also cover cases where the feature flag is switched off.
  • I have written this PR in accordance with my team's definition of done.
  • I have checked that the base branch is correctly set.

Innovation

  • No innovation project is applicable for this PR.
  • This PR falls under an innovation project. I have attached the innovation label.
  • I have added my hours to the WBSO document.

Fixes Yoast/reserved-tasks#1328

@JorPV JorPV added innovation Innovative issue. Relating to performance, memory or data-flow. changelog: non-user-facing Needs to be included in the 'Non-userfacing' category in the changelog labels Jul 2, 2026
@JorPV JorPV requested a review from Copilot July 2, 2026 11:05

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR tightens what the Yoast SEO Bulk Editor surfaces by (1) excluding Elementor’s utility post type Floating Elements (e-floating-buttons) from the content-type navigation, and (2) excluding password-protected posts from bulk-editable post lists (both for the indexables-based collector and the WP_Query fallback).

Changes:

  • Add a bulk-editor-scoped, filterable post-type exclusion list via wpseo_bulk_editor_excluded_post_types (defaulting to ['e-floating-buttons']).
  • Filter out password-protected content in both collectors (is_protected = false on indexables; has_password => false in WP_Query args).
  • Extend unit tests to cover the new indexables filter and the excluded post type scenario.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
src/bulk-editor/infrastructure/content-types/content-types-collector.php Adds a filterable exclusion list to hide specific indexable post types (e.g., Elementor Floating Elements) from Bulk Editor navigation.
src/bulk-editor/infrastructure/posts/indexable-posts-collector.php Excludes password-protected posts from the indexables-based Bulk Editor query via is_protected = false.
src/bulk-editor/infrastructure/posts/post-meta-posts-collector.php Excludes password-protected posts from the WP_Query fallback using has_password => false.
tests/Unit/Bulk_Editor/Infrastructure/Posts/Indexable_Posts_Collector/Get_Posts_Test.php Updates expectations to assert the new is_protected = false constraint is applied.
tests/Unit/Bulk_Editor/Infrastructure/Content_Types/Content_Types_Collector/Get_Content_Types_Test.php Adds a dataset asserting excluded post types are skipped (but currently misses stubbing apply_filters).

@JorPV JorPV added this to the feature/bulk-editor milestone Jul 2, 2026
@coveralls

coveralls commented Jul 2, 2026

Copy link
Copy Markdown

Coverage Report for CI Build 0

Warning

Build has drifted: This PR's base is out of sync with its target branch, so coverage data may include unrelated changes.
Quick fix: rebase this PR. Learn more →

Coverage at 51.633% (no base build to compare)

Details

  • Coverage remained the same as the base build.
  • Patch coverage: 1 uncovered change across 1 file (3 of 4 lines covered, 75.0%).
  • No coverage regressions found.

Uncovered Changes

File Changed Covered %
src/bulk-editor/infrastructure/posts/post-meta-posts-collector.php 1 0 0.0%
Total (2 files) 4 3 75.0%

Coverage Regressions

No coverage regressions found.


Coverage Stats

Coverage Status
Relevant Lines: 42506
Covered Lines: 21947
Line Coverage: 51.63%
Coverage Strength: 4.18 hits per line

💛 - Coveralls

@thijsoo thijsoo left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As discussed we want to remove the excluded part and the filter. We do want to keep the pw protected part.

We decided to include Floating Elements (Elementor's e-floating-buttons) in the
bulk editor after all, so remove the content-types exclusion and its filter.
Only password-protected posts remain excluded.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@JorPV JorPV changed the title feat(bulk-editor): exclude Floating Elements and password-protected posts feat(bulk-editor): exclude password-protected posts from bulk editing Jul 2, 2026
Base automatically changed from feature/bulk-editor to trunk July 3, 2026 09:47
@JorPV JorPV modified the milestones: feature/bulk-editor, 28.1 Jul 3, 2026

@leonidasmi leonidasmi left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CR + Acceptance : Almost ✅ , a very minor and quick suggestion below

Comment thread src/bulk-editor/infrastructure/posts/indexable-posts-collector.php Outdated
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

changelog: non-user-facing Needs to be included in the 'Non-userfacing' category in the changelog innovation Innovative issue. Relating to performance, memory or data-flow.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants