Capabilities added in API

2018-01-09 12:57:10 -02:00 · 2018-01-09 12:57:10 -02:00 · 831a109287
parent b95161792b
commit 831a109287
5 changed files with 66 additions and 94 deletions
--- a/src/api/endpoints/class-tainacan-rest-collections-controller.php
+++ b/src/api/endpoints/class-tainacan-rest-collections-controller.php
@ -133,12 +133,8 @@ class TAINACAN_REST_Collections_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function get_items_permissions_check($request){
-		if(current_user_can('read')){
+		return $this->collections_repository->can_read($this->collection);
-			return true;
+	}
 		}
 		return false;
    }
 	/**
 	 *
@ -147,12 +143,9 @@ class TAINACAN_REST_Collections_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function  get_item_permissions_check($request){
-		if(current_user_can('read')){
+		$collection = $this->collections_repository->fetch($request['collection_id']);
-			return true;
+		return $this->collections_repository->can_read($collection);
-		}
+	}
 		return false;
    }
 	/**
 	 * Receive a JSON with the structure of a Collection and return, in case of success insert
@ -199,11 +192,7 @@ class TAINACAN_REST_Collections_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function create_item_permissions_check( $request ) {
-		if(current_user_can('edit_posts')){
+		return $this->collections_repository->can_edit($this->collection);
 			return true;
 		}
 		return false;
    }
 	/**
@ -251,11 +240,8 @@ class TAINACAN_REST_Collections_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function delete_item_permissions_check( $request ) {
-		if(current_user_can('delete_posts')){
+		$collection = $this->collections_repository->fetch($request['collection_id']);
-			return true;
+		return $this->collections_repository->can_delete($collection);
 		}
 		return false;
    }
 	/**
@ -285,13 +271,21 @@ class TAINACAN_REST_Collections_Controller extends WP_REST_Controller {
 		return false;
    }
-    public function get_collection_params() {
+	/**
 	 * @return array|mixed|void
 	 */
 	public function get_collection_params() {
 	    $query_params = $this->collections_repository->get_map();
        return apply_filters("rest_{$this->collection->get_post_type()}_collection_params", $query_params, $this->collection->get_post_type());
    }
-    public function get_endpoint_args_for_item_schema( $method = WP_REST_Server::CREATABLE ) {
+	/**
 	 * @param string $method
 	 *
 	 * @return array|mixed|void
 	 */
 	public function get_endpoint_args_for_item_schema( $method = WP_REST_Server::CREATABLE ) {
 	    $args = [
 	    	'Object' => [
 	    		'type'        => 'JSON',
@ -302,7 +296,10 @@ class TAINACAN_REST_Collections_Controller extends WP_REST_Controller {
 	    return apply_filters("rest_{$this->collection->get_post_type()}_collection_params", $args, $this->collection->get_post_type());
    }
-    public function get_item_schema() {
+	/**
 	 * @return array|mixed|void
 	 */
 	public function get_item_schema() {
 		$args = $this->collections_repository->get_map();
 		return apply_filters("rest_{$this->collection->get_post_type()}_collection_params", $args, $this->collection->get_post_type());
--- a/src/api/endpoints/class-tainacan-rest-items-controller.php
+++ b/src/api/endpoints/class-tainacan-rest-items-controller.php
@ -12,6 +12,7 @@ class TAINACAN_REST_Items_Controller extends WP_REST_Controller {
 	private $items_repository;
 	private $item;
 	private $item_metadata;
 	private $collections_repository;
 	/**
 	 * TAINACAN_REST_Items_Controller constructor.
@ -23,6 +24,7 @@ class TAINACAN_REST_Items_Controller extends WP_REST_Controller {
 		$this->items_repository = new Repositories\Items();
 		$this->item = new Entities\Item();
 		$this->item_metadata = new Repositories\Item_Metadata();
 		$this->collections_repository = new Repositories\Collections();
 		add_action('rest_api_init', array($this, 'register_routes'));
 	}
@ -132,19 +134,13 @@ class TAINACAN_REST_Items_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function get_item_permissions_check( $request ) {
-		if(current_user_can('read')){
+		$item = $this->items_repository->fetch($request['item_id']);
-			return true;
+		return $this->items_repository->can_read($item);
 		}
 		return false;
 	}
 	public function get_items_permissions_check( $request ) {
-		if(current_user_can('read')){
+		$collection = $this->collections_repository->fetch($request['collection_id']);
-			return true;
+		return $this->collections_repository->can_read($collection);
 		}
 		return false;
 	}
 	/**
@ -161,7 +157,7 @@ class TAINACAN_REST_Items_Controller extends WP_REST_Controller {
 			$this->item->$set_($value);
 		}
-		$collection = new Entities\Collection($request[1]);
+		$collection = $this->collections_repository->fetch($request[1]);
 		$this->item->set_collection($collection);
@ -229,11 +225,7 @@ class TAINACAN_REST_Items_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function create_item_permissions_check( $request ) {
-		if(current_user_can('edit_posts')){
+		return $this->items_repository->can_edit($this->item);
 			return true;
 		}
 		return false;
 	}
 	/**
@ -260,11 +252,8 @@ class TAINACAN_REST_Items_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function delete_item_permissions_check( $request ) {
-		if(current_user_can('delete_posts')){
+		$item = $this->items_repository->fetch($request['item_id']);
-			return true;
+		return $this->items_repository->can_delete($item);
 		}
 		return false;
 	}
 }
--- a/src/api/endpoints/class-tainacan-rest-metadata-controller.php
+++ b/src/api/endpoints/class-tainacan-rest-metadata-controller.php
@ -8,6 +8,7 @@ class TAINACAN_REST_Metadata_Controller extends WP_REST_Controller {
 	private $metadata_repository;
 	private $item_metadata_repository;
 	private $item_repository;
 	private $collection_repository;
 	public function __construct() {
 		$this->namespace = 'tainacan/v2';
@ -17,6 +18,7 @@ class TAINACAN_REST_Metadata_Controller extends WP_REST_Controller {
 		$this->metadata_repository = new Repositories\Metadatas();
 		$this->item_metadata_repository = new Repositories\Item_Metadata();
 		$this->item_repository = new Repositories\Items();
 		$this->collection_repository = new Repositories\Collections();
 		add_action('rest_api_init', array($this, 'register_routes'));
 	}
@ -48,7 +50,7 @@ class TAINACAN_REST_Metadata_Controller extends WP_REST_Controller {
 				array(
 					'methods'             => WP_REST_Server::DELETABLE,
 					'callback'            => array($this, 'delete_item'),
-					'permission_callback' => array($this, 'delete_teim_permissions_check')
+					'permission_callback' => array($this, 'delete_item_permissions_check')
 				)
 			)
 		);
@ -168,11 +170,11 @@ class TAINACAN_REST_Metadata_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function create_item_permissions_check( $request ) {
-		if(current_user_can('edit_posts')){
+		if(!empty($request['item_id'])){
-			return true;
+			return $this->item_repository->can_edit(new Entities\Item());
 		}
-		return false;
+		return $this->collection_repository->can_edit(new Entities\Collection());
 	}
 	/**
@ -227,30 +229,17 @@ class TAINACAN_REST_Metadata_Controller extends WP_REST_Controller {
 		return new WP_REST_Response($prepared_item, 200);
 	}
 	/**
 	 * @param WP_REST_Request $request
 	 *
 	 * @return bool|WP_Error
 	 */
 	public function get_item_permissions_check( $request ) {
 		if(current_user_can('read')){
 			return true;
 		}
 		return false;
 	}
 	/**
 	 * @param WP_REST_Request $request
 	 *
 	 * @return bool|WP_Error
 	 */
 	public function get_items_permissions_check( $request ) {
-		if(current_user_can('read')){
+		if(!empty($request['item_id'])){
-			return true;
+			return $this->item_repository->can_read(new Entities\Item());
 		}
-		return false;
+		return $this->collection_repository->can_read(new Entities\Collection());
 	}
 	/**
@ -282,11 +271,11 @@ class TAINACAN_REST_Metadata_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function delete_item_permissions_check( $request ) {
-		if(current_user_can('delete_posts')){
+		if(!empty($request['item_id'])){
-			return true;
+			return $this->item_repository->can_delete(new Entities\Item());
 		}
-		return false;
+		return $this->collection_repository->can_delete(new Entities\Collection());
 	}
 }
--- a/src/api/endpoints/class-tainacan-rest-taxonomies-controller.php
+++ b/src/api/endpoints/class-tainacan-rest-taxonomies-controller.php
@ -106,13 +106,15 @@ class TAINACAN_REST_Taxonomies_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function get_item_permissions_check( $request ) {
-		if(current_user_can('read')){
+		$taxonomy = $this->taxonomy_repository->fetch($request['taxonomy_id']);
-			return true;
+		return $this->taxonomy_repository->can_read($taxonomy);
 		}
 		return false;
 	}
 	/**
 	 * @param WP_REST_Request $request
 	 *
 	 * @return WP_Error|WP_REST_Response
 	 */
 	public function delete_item( $request ) {
 		$taxonomy_id = $request['taxonomy_id'];
@ -160,11 +162,8 @@ class TAINACAN_REST_Taxonomies_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function delete_item_permissions_check( $request ) {
-		if (current_user_can('delete_posts')){
+		$taxonomy = $this->taxonomy_repository->fetch($request['taxonomy_id']);
-			return true;
+		return $this->taxonomy_repository->can_delete($taxonomy);
 		}
 		return false;
 	}
 	/**
@ -186,11 +185,7 @@ class TAINACAN_REST_Taxonomies_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function get_items_permissions_check( $request ) {
-		if (current_user_can('read')){
+		return $this->taxonomy_repository->can_read($this->taxonomy);
 			return true;
 		}
 		return false;
 	}
 	/**
@ -229,11 +224,7 @@ class TAINACAN_REST_Taxonomies_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function create_item_permissions_check( $request ) {
-		if(current_user_can('edit_posts')){
+		return $this->taxonomy_repository->can_edit($this->taxonomy);
 			return true;
 		}
 		return false;
 	}
 }
--- a/src/api/endpoints/class-tainacan-rest-terms-controller.php
+++ b/src/api/endpoints/class-tainacan-rest-terms-controller.php
@ -36,6 +36,11 @@ class TAINACAN_REST_Terms_Controller extends WP_REST_Controller {
 		);
 	}
 	/**
 	 * @param WP_REST_Request $to_prepare
 	 *
 	 * @return object|void|WP_Error
 	 */
 	public function prepare_item_for_database( $to_prepare ) {
 		$attributes = $to_prepare[0];
 		$taxonomy = $to_prepare[1];
@ -53,6 +58,11 @@ class TAINACAN_REST_Terms_Controller extends WP_REST_Controller {
 		$this->term->set_taxonomy($taxonomy);
 	}
 	/**
 	 * @param WP_REST_Request $request
 	 *
 	 * @return WP_Error|WP_REST_Response
 	 */
 	public function create_item( $request ) {
 		$taxonomy_id = $request['taxonomy_id'];
 		$body = json_decode($request->get_body(), true);
@ -90,11 +100,7 @@ class TAINACAN_REST_Terms_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function create_item_permissions_check( $request ) {
-		if(current_user_can('edit_posts')){
+		return $this->terms_repository->can_edit($this->term);
 			return true;
 		}
 		return false;
 	}
 	public function delete_item( $request ) {