From f8e19c34ea9aef5355e59d19743503f569df8891 Mon Sep 17 00:00:00 2001 From: Carlos Rodriguez Brito Date: Tue, 4 Nov 2025 14:13:17 +0000 Subject: [PATCH 1/2] Fix prevent error if executed callback return is not an array --- includes/Abilities/CustomPostTypes.php | 18 +++++++++--------- includes/Abilities/Media.php | 8 ++++---- includes/Abilities/RestApiCrud.php | 4 ++-- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/includes/Abilities/CustomPostTypes.php b/includes/Abilities/CustomPostTypes.php index b07c270..aa2097d 100644 --- a/includes/Abilities/CustomPostTypes.php +++ b/includes/Abilities/CustomPostTypes.php @@ -152,9 +152,9 @@ private function register_abilities(): void { 'execute_callback' => function ( $input ) { $post = get_post( intval( $input['id'] ) ); if ( ! $post || $post->post_type !== $input['post_type'] ) { - return new \WP_Error( 'post_not_found', 'Post not found' ); + return array('message' => 'Post not found'); } - return $post; + return array( $post ); }, 'permission_callback' => fn() => current_user_can( 'edit_posts' ), 'meta' => array( @@ -218,10 +218,10 @@ private function register_abilities(): void { $post_id = wp_insert_post( $post_data ); if ( is_wp_error( $post_id ) ) { - return $post_id; + return array('message' => 'Failed to create post'); } - return get_post( $post_id ); + return array( get_post( $post_id ) ); }, 'permission_callback' => fn() => current_user_can( 'edit_posts' ), 'meta' => array( @@ -274,7 +274,7 @@ private function register_abilities(): void { 'execute_callback' => function ( $input ) { $post = get_post( intval( $input['id'] ) ); if ( ! $post || $post->post_type !== $input['post_type'] ) { - return new \WP_Error( 'post_not_found', 'Post not found' ); + return array('message' => 'Post not found'); } $post_data = array( @@ -299,10 +299,10 @@ private function register_abilities(): void { $post_id = wp_update_post( $post_data ); if ( is_wp_error( $post_id ) ) { - return $post_id; + return array('message' => 'Failed to update post'); } - return get_post( $post_id ); + return array( get_post( $post_id ) ); }, 'permission_callback' => fn() => current_user_can( 'edit_posts' ), 'meta' => array( @@ -339,12 +339,12 @@ private function register_abilities(): void { 'execute_callback' => function ( $input ) { $post = get_post( intval( $input['id'] ) ); if ( ! $post || $post->post_type !== $input['post_type'] ) { - return new \WP_Error( 'post_not_found', 'Post not found' ); + return array('message' => 'Post not found'); } $result = wp_delete_post( $post->ID, true ); if ( ! $result ) { - return new \WP_Error( 'delete_failed', 'Failed to delete post' ); + return array('message' => 'Failed to delete post'); } return array( 'success' => true ); diff --git a/includes/Abilities/Media.php b/includes/Abilities/Media.php index c0bc529..1cae264 100644 --- a/includes/Abilities/Media.php +++ b/includes/Abilities/Media.php @@ -130,7 +130,7 @@ private function register_abilities(): void { } if ( ! file_exists( $file_path ) ) { - return new \WP_Error( 'size_not_found', 'Requested size not found' ); + return array( 'message' => 'Requested size not found' ); } $mime_type = get_post_mime_type( $id ); @@ -195,7 +195,7 @@ private function register_abilities(): void { $file_data = base64_decode( $base64_data, true ); if ( false === $file_data ) { - return new \WP_Error( 'invalid_file', 'Invalid base64 data' ); + return array( 'message', 'Invalid base64 data' ); } // Detect mime type @@ -208,7 +208,7 @@ private function register_abilities(): void { $upload = wp_upload_bits( $filename, null, $file_data ); if ( $upload['error'] ) { - return new \WP_Error( 'upload_failed', $upload['error'] ); + return array( 'message' => $upload['error'] ); } // Create attachment @@ -229,7 +229,7 @@ private function register_abilities(): void { update_post_meta( $attach_id, '_wp_attachment_image_alt', $input['alt_text'] ); } - return get_post( $attach_id ); + return array( get_post( $attach_id ) ); }, 'permission_callback' => fn() => current_user_can( 'upload_files' ), 'meta' => array( diff --git a/includes/Abilities/RestApiCrud.php b/includes/Abilities/RestApiCrud.php index 906e414..61c976b 100644 --- a/includes/Abilities/RestApiCrud.php +++ b/includes/Abilities/RestApiCrud.php @@ -104,7 +104,7 @@ private function register_abilities(): void { $routes = rest_get_server()->get_routes(); if ( ! isset( $routes[ $route ] ) ) { - return new \WP_Error( 'route_not_found', 'Route not found' ); + return array( 'message' => 'Route not found' ); } foreach ( $routes[ $route ] as $endpoint ) { @@ -113,7 +113,7 @@ private function register_abilities(): void { } } - return new \WP_Error( 'method_not_found', 'Method not found for this route' ); + return array( 'message' => 'Method not found for this route' ); }, 'permission_callback' => fn() => current_user_can( 'edit_posts' ), 'meta' => array( From 74aaa4cdb53f6131114f21b2ddb3c3b254996afc Mon Sep 17 00:00:00 2001 From: Carlos Rodriguez Brito Date: Tue, 4 Nov 2025 14:14:01 +0000 Subject: [PATCH 2/2] Set reassign as required parameter --- includes/Abilities/Users.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/Abilities/Users.php b/includes/Abilities/Users.php index d2faf9f..2668151 100644 --- a/includes/Abilities/Users.php +++ b/includes/Abilities/Users.php @@ -226,7 +226,7 @@ private function register_abilities(): void { 'description' => 'Reassign posts to this user ID', ), ), - 'required' => array( 'id' ), + 'required' => array( 'id', 'reassign' ), ), 'execute_callback' => function ( $input ) { $request = new \WP_REST_Request( 'DELETE', '/wp/v2/users/' . $input['id'] );