Block Directory: Use canUser() to determine install user permissions.#19830
Closed
StevenDufresne wants to merge 1 commit into
Closed
Block Directory: Use canUser() to determine install user permissions.#19830StevenDufresne wants to merge 1 commit into
StevenDufresne wants to merge 1 commit into
Conversation
aduth
reviewed
Jan 23, 2020
| } | ||
|
|
||
| const path = id ? `/wp/v2/${ resource }/${ id }` : `/wp/v2/${ resource }`; | ||
| const apiPrefix = resource && resource.isExperimental ? '/__experimental/' : '/wp/v2/'; |
Member
There was a problem hiding this comment.
I'm not so sure about the interface we've created for this.
A few thoughts occur to me:
- Depending on how we define the endpoint, can
__experimentalbe part of theresource?- i.e.
/wp/v2/__experimental/media
- i.e.
- Could the function signature allow one to customize the namespace altogether, vs. "experimental" as being a specialized concept?
- i.e.
{ endpoint: 'media', namespace: '/wp/__experimental' } - Aside: Is "endpoint" the correct verbiage here?
- i.e.
- Is there any potential reuse or conflict from the changes or ideas proposed at Core Data: Add support for fetching permissions of custom actions #18956 ?
Contributor
Author
There was a problem hiding this comment.
I can't speak to the history of how __experimental, which appears to be used in 3 different WP_REST_Controller extensions (widget-forms, block-directory & widget-areas) came to pass and the reasoning for not having them be part of the resource. I wouldn't be opposed to having to it but I don't know who would need to be looped in for context.
Contributor
Author
|
Closed this. We'll be moving out of the 'experimental' state before this would be moved in, and at that point we will reassess user permissions. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
The Block Directory package makes use of its own approach to check user permissions. This PR will align its approach to check permissions with the rest of the project by using
canUserfromcore-data.This PR does include a change to the
canUserfunction to be able to handle REST endpoints that are experimental.This PR has been opened early to initiate discussion.
To Do Before Merge
How has this been tested?
There is currently no new test added. They need to be.
Types of changes
Considering this makes changes to a well used, shared function, this refactor has an impact larger than this package.
Checklist: