renamte get user

jorgefilipecosta · jorgefilipecosta · commit 88f258914ed8 · 2026-01-22T19:40:39.000Z
diff --git a/src/wp-includes/abilities/class-wp-users-abilities.php b/src/wp-includes/abilities/class-wp-users-abilities.php
@@ -31,29 +31,27 @@ class WP_Users_Abilities {
 	 * @return void
 	 */
 	public static function register(): void {
-		self::register_get_current_user();
+		self::register_get_user();
 	}
 
 	/**
-	 * Registers the core/get-current-user ability.
+	 * Registers the core/get-user ability.
 	 *
 	 * @since 6.9.0
 	 *
 	 * @return void
 	 */
-	private static function register_get_current_user(): void {
+	private static function register_get_user(): void {
 		wp_register_ability(
-			'core/get-current-user',
+			'core/get-user',
 			array(
-				'label'               => __( 'Get Current User' ),
-				'description'         => __( 'Returns comprehensive profile details for the current authenticated user including identity, profile fields, and roles.' ),
+				'label'               => __( 'Get User' ),
+				'description'         => __( 'Returns comprehensive profile details for a user by id, username, or email.' ),
 				'category'            => 'user',
-				'input_schema'        => self::get_current_user_input_schema(),
-				'output_schema'       => self::get_current_user_output_schema(),
-				'execute_callback'    => array( __CLASS__, 'execute_get_current_user' ),
-				'permission_callback' => static function (): bool {
-					return is_user_logged_in();
-				},
+				'input_schema'        => self::get_user_input_schema(),
+				'output_schema'       => self::get_user_output_schema(),
+				'execute_callback'    => array( __CLASS__, 'execute_get_user' ),
+				'permission_callback' => array( __CLASS__, 'check_get_user_permission' ),
 				'meta'                => array(
 					'annotations'  => array(
 						'readonly'    => true,
@@ -67,35 +65,51 @@ private static function register_get_current_user(): void {
 	}
 
 	/**
-	 * Gets the input schema for the get-current-user ability.
+	 * Gets the input schema for the get-user ability.
 	 *
 	 * @since 6.9.0
 	 *
 	 * @return array<string, mixed> The input schema.
 	 */
-	private static function get_current_user_input_schema(): array {
+	private static function get_user_input_schema(): array {
 		return array(
 			'type'                 => 'object',
+			'oneOf'                => array(
+				array( 'required' => array( 'id' ) ),
+				array( 'required' => array( 'username' ) ),
+				array( 'required' => array( 'email' ) ),
+			),
 			'properties'           => array(
+				'id'                   => array(
+					'type'        => 'integer',
+					'description' => __( 'User ID.' ),
+				),
+				'username'             => array(
+					'type'        => 'string',
+					'description' => __( 'User login name.' ),
+				),
+				'email'                => array(
+					'type'        => 'string',
+					'description' => __( 'User email address.' ),
+				),
 				'include_capabilities' => array(
 					'type'        => 'boolean',
 					'description' => __( 'Whether to include the user capabilities in the response.' ),
 					'default'     => false,
 				),
 			),
 			'additionalProperties' => false,
-			'default'              => array(),
 		);
 	}
 
 	/**
-	 * Gets the output schema for the get-current-user ability.
+	 * Gets the output schema for the get-user ability.
 	 *
 	 * @since 6.9.0
 	 *
 	 * @return array<string, mixed> The output schema.
 	 */
-	private static function get_current_user_output_schema(): array {
+	private static function get_user_output_schema(): array {
 		return array(
 			'type'                 => 'object',
 			'required'             => array(
@@ -189,18 +203,72 @@ private static function get_current_user_output_schema(): array {
 	}
 
 	/**
-	 * Executes the get-current-user ability.
+	 * Finds a user by id, username, or email from input parameters.
+	 *
+	 * @since 6.9.0
+	 *
+	 * @param array<string, mixed> $input The input parameters.
+	 * @return WP_User|false The user object if found, false otherwise.
+	 */
+	private static function find_user( array $input ) {
+		if ( ! empty( $input['id'] ) ) {
+			return get_user_by( 'ID', (int) $input['id'] );
+		}
+
+		if ( ! empty( $input['username'] ) ) {
+			return get_user_by( 'login', sanitize_user( $input['username'] ) );
+		}
+
+		if ( ! empty( $input['email'] ) ) {
+			return get_user_by( 'email', sanitize_email( $input['email'] ) );
+		}
+
+		return false;
+	}
+
+	/**
+	 * Permission callback for the get-user ability.
+	 *
+	 * @since 6.9.0
+	 *
+	 * @param array<string, mixed> $input The input parameters.
+	 * @return bool Whether the user has permission.
+	 */
+	public static function check_get_user_permission( array $input = array() ): bool {
+		// Must be logged in.
+		if ( ! is_user_logged_in() ) {
+			return false;
+		}
+
+		$user           = self::find_user( $input );
+		$target_user_id = $user ? $user->ID : 0;
+
+		// Users can view their own profile.
+		if ( get_current_user_id() === $target_user_id ) {
+			return true;
+		}
+
+		// Otherwise require list_users capability.
+		return current_user_can( 'list_users' );
+	}
+
+	/**
+	 * Executes the get-user ability.
 	 *
 	 * @since 6.9.0
 	 *
 	 * @param array<string, mixed> $input The input parameters.
-	 * @return array<string, mixed> The current user data.
+	 * @return array<string, mixed>|WP_Error The user data or error.
 	 */
-	public static function execute_get_current_user( array $input = array() ): array {
+	public static function execute_get_user( array $input = array() ) {
 		$input                = is_array( $input ) ? $input : array();
 		$include_capabilities = ! empty( $input['include_capabilities'] ) && ( $input['include_capabilities'] === true || $input['include_capabilities'] === 'true' );
 
-		$user = wp_get_current_user();
+		$user = self::find_user( $input );
+
+		if ( ! $user || ! $user->exists() ) {
+			return new WP_Error( 'user_not_found', __( 'User not found.' ), array( 'status' => 404 ) );
+		}
 
 		$result = array(
 			'id'              => $user->ID,
