Address PR feedback and add active theme link to WP_REST_Server::get_…

…index
WordPress · spacedmonkey · May 12, 2020 · Jun 9, 2020 · Jun 9, 2020 · Jun 17, 2020
commit c2855ea53a2173ab2f643571ec1c3e0724e21af7
diff --git a/src/wp-includes/rest-api/class-wp-rest-server.php b/src/wp-includes/rest-api/class-wp-rest-server.php
@@ -1202,6 +1202,8 @@ public function get_index( $request ) {
 
 		$response->add_link( 'help', 'http://v2.wp-api.org/' );
 
+		$response = $this->maybe_add_current_theme_link( $response );
+
 		/**
 		 * Filters the API root index data.
 		 *
@@ -1507,4 +1509,24 @@ public function get_headers( $server ) {
 
 		return $headers;
 	}
+
+	/**
+	 * Add current theme link to API response for users who have proper permissions.
+	 *
+	 * @since 5.7.0
+	 *
+	 * @param WP_REST_Response $response REST API response.
+	 *
+	 * @return WP_REST_Response REST API response.
+	 */
+	protected function maybe_add_current_theme_link( \WP_REST_Response $response ) {
+		if ( ! current_user_can( 'switch_themes' ) && ! current_user_can( 'manage_network_themes' ) ) {
+			return $response;
+		}
+
+		$theme = wp_get_theme();
+		$response->add_link( 'active_theme', rest_url( 'wp/v2/themes/' . $theme->get_stylesheet() ) );
+
+		return $response;
+	}
 }
diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php
@@ -4,13 +4,13 @@
  *
  * @package WordPress
  * @subpackage REST_API
- * @since 5.0.0
+ * @since 5.7.0
  */
 
 /**
  * Core class used to manage themes via the REST API.
  *
- * @since 5.0.0
+ * @since 5.7.0
  *
  * @see WP_REST_Controller
  */
@@ -19,7 +19,7 @@ class WP_REST_Themes_Controller extends WP_REST_Controller {
 	/**
 	 * Constructor.
 	 *
-	 * @since 5.0.0
+	 * @since 5.7.0
 	 */
 	public function __construct() {
 		$this->namespace = 'wp/v2';
@@ -29,7 +29,7 @@ public function __construct() {
 	/**
 	 * Registers the routes for the objects of the controller.
 	 *
-	 * @since 5.0.0
+	 * @since 5.7.0
 	 *
 	 * @see register_rest_route()
 	 */
@@ -74,7 +74,7 @@ public function register_routes() {
 	/**
 	 * Checks if a given request has access to read the theme.
 	 *
-	 * @since 5.0.0
+	 * @since 5.7.0
 	 *
 	 * @param WP_REST_Request $request Full details about the request.
 	 * @return true|WP_Error True if the request has read access for the item, otherwise WP_Error object.
@@ -116,7 +116,7 @@ public function get_item_permissions_check( $request ) {
 		}
 
 		return new WP_Error(
-			'rest_user_cannot_view',
+			'rest_cannot_view_active_theme',
 			__( 'Sorry, you are not allowed to view themes.' ),
 			array( 'status' => rest_authorization_required_code() )
 		);
@@ -141,7 +141,7 @@ protected function check_read_active_theme_permission() {
 		}
 
 		return new WP_Error(
-			'rest_user_cannot_view',
+			'rest_cannot_view_active_theme',
 			__( 'Sorry, you are not allowed to view active theme.' ),
 			array( 'status' => rest_authorization_required_code() )
 		);
@@ -172,7 +172,7 @@ public function get_item( $request ) {
 	/**
 	 * Retrieves a collection of themes.
 	 *
-	 * @since 5.0.0
+	 * @since 5.7.0
 	 *
 	 * @param WP_REST_Request $request Full details about the request.
 	 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
@@ -204,7 +204,7 @@ public function get_items( $request ) {
 	/**
 	 * Prepares a single theme output for response.
 	 *
-	 * @since 5.0.0
+	 * @since 5.7.0
 	 *
 	 * @param WP_Theme        $theme   Theme object.
 	 * @param WP_REST_Request $request Request object.
@@ -319,7 +319,7 @@ public function prepare_item_for_response( $theme, $request ) {
 		/**
 		 * Filters theme data returned from the REST API.
 		 *
-		 * @since 5.0.0
+		 * @since 5.7.0
 		 *
 		 * @param WP_REST_Response $response The response object.
 		 * @param WP_Theme         $theme    Theme object used to create response.
@@ -390,7 +390,7 @@ protected function prepare_theme_support( $support, $args, $feature, $request )
 	/**
 	 * Retrieves the theme's schema, conforming to JSON Schema.
 	 *
-	 * @since 5.0.0
+	 * @since 5.7.0
 	 *
 	 * @return array Item schema data.
 	 */
@@ -569,7 +569,7 @@ public function get_item_schema() {
 	/**
 	 * Retrieves the search params for the themes collection.
 	 *
-	 * @since 5.0.0
+	 * @since 5.7.0
 	 *
 	 * @return array Collection parameters.
 	 */
@@ -589,7 +589,7 @@ public function get_collection_params() {
 		/**
 		 * Filters collection parameters for the themes controller.
 		 *
-		 * @since 5.0.0
+		 * @since 5.7.0
 		 *
 		 * @param array $query_params JSON Schema-formatted collection parameters.
 		 */
@@ -599,7 +599,7 @@ public function get_collection_params() {
 	/**
 	 * Sanitizes and validates the list of theme status.
 	 *
-	 * @since 5.0.0
+	 * @since 5.7.0
 	 *
 	 * @param string|array    $statuses  One or more theme statuses.
 	 * @param WP_REST_Request $request   Full details about the request.

diff --git a/tests/phpunit/tests/rest-api/rest-themes-controller.php b/tests/phpunit/tests/rest-api/rest-themes-controller.php
@@ -1192,7 +1192,7 @@ public function test_get_item_no_permission() {
 		wp_set_current_user( self::$subscriber_id );
 		$request  = new WP_REST_Request( 'GET', self::$themes_route . '/' . WP_DEFAULT_THEME );
 		$response = rest_get_server()->dispatch( $request );
-		$this->assertErrorResponse( 'rest_user_cannot_view', $response, 403 );
+		$this->assertErrorResponse( 'rest_cannot_view_active_theme', $response, 403 );
 	}
 
 	/**
@@ -1221,7 +1221,7 @@ public function test_context_param() {}
 
 	public function data_theme_status() {
 		return array(
-			array( 'active', 'rest_user_cannot_view' ),
+			array( 'active', 'rest_cannot_view_active_theme' ),
 			array( 'active, inactive', 'rest_user_cannot_view' ),
 			array( 'inactive', 'rest_user_cannot_view' ),
 			array( '', 'rest_user_cannot_view' ),