Skip to content

Commit e0876da

Browse files
committed
Registered a new Ability of Get User info
1 parent e12ddb3 commit e0876da

1 file changed

Lines changed: 216 additions & 0 deletions

File tree

src/wp-includes/abilities.php

Lines changed: 216 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -196,6 +196,222 @@ function wp_register_core_abilities(): void {
196196
)
197197
);
198198

199+
wp_register_ability(
200+
'core/get-user',
201+
array(
202+
'label' => __( 'Get User' ),
203+
'description' => __( 'Returns profile data for a specific user looked up by ID, username, or email. Users can view their own record; viewing others requires the list_users capability.' ),
204+
'category' => $category_user,
205+
'input_schema' => array(
206+
'type' => 'object',
207+
'oneOf' => array(
208+
array(
209+
'required' => array( 'id' ),
210+
'properties' => array(
211+
'id' => array(
212+
'type' => 'integer',
213+
'description' => __( 'The user ID.' ),
214+
'minimum' => 1,
215+
),
216+
),
217+
),
218+
array(
219+
'required' => array( 'username' ),
220+
'properties' => array(
221+
'username' => array(
222+
'type' => 'string',
223+
'description' => __( 'The user login name.' ),
224+
),
225+
),
226+
),
227+
array(
228+
'required' => array( 'email' ),
229+
'properties' => array(
230+
'email' => array(
231+
'type' => 'string',
232+
'description' => __( 'The user email address.' ),
233+
),
234+
),
235+
),
236+
),
237+
'properties' => array(
238+
'id' => array(
239+
'type' => 'integer',
240+
'description' => __( 'The user ID.' ),
241+
'minimum' => 1,
242+
),
243+
'username' => array(
244+
'type' => 'string',
245+
'description' => __( 'The user login name.' ),
246+
),
247+
'email' => array(
248+
'type' => 'string',
249+
'description' => __( 'The user email address.' ),
250+
),
251+
'include_capabilities' => array(
252+
'type' => 'boolean',
253+
'description' => __( 'Whether to include the user\'s capabilities in the response.' ),
254+
'default' => false,
255+
),
256+
),
257+
'additionalProperties' => false,
258+
),
259+
'output_schema' => array(
260+
'type' => 'object',
261+
'required' => array( 'id', 'username', 'email', 'display_name', 'first_name', 'last_name', 'nickname', 'description', 'url', 'link', 'slug', 'registered_date', 'roles', 'locale', 'avatar_urls' ),
262+
'properties' => array(
263+
'id' => array(
264+
'type' => 'integer',
265+
'description' => __( 'The user ID.' ),
266+
),
267+
'username' => array(
268+
'type' => 'string',
269+
'description' => __( 'The login username for the user.' ),
270+
),
271+
'email' => array(
272+
'type' => 'string',
273+
'description' => __( 'The email address for the user.' ),
274+
),
275+
'display_name' => array(
276+
'type' => 'string',
277+
'description' => __( 'The display name for the user.' ),
278+
),
279+
'first_name' => array(
280+
'type' => 'string',
281+
'description' => __( 'The first name for the user.' ),
282+
),
283+
'last_name' => array(
284+
'type' => 'string',
285+
'description' => __( 'The last name for the user.' ),
286+
),
287+
'nickname' => array(
288+
'type' => 'string',
289+
'description' => __( 'The nickname for the user.' ),
290+
),
291+
'description' => array(
292+
'type' => 'string',
293+
'description' => __( 'The biographical description for the user.' ),
294+
),
295+
'url' => array(
296+
'type' => 'string',
297+
'description' => __( 'The URL of the user\'s website.' ),
298+
),
299+
'link' => array(
300+
'type' => 'string',
301+
'description' => __( 'The URL to the user\'s author archive page.' ),
302+
),
303+
'slug' => array(
304+
'type' => 'string',
305+
'description' => __( 'The URL-friendly slug for the user.' ),
306+
),
307+
'registered_date' => array(
308+
'type' => 'string',
309+
'description' => __( 'The date the user was registered, as a UTC ISO 8601 date string.' ),
310+
),
311+
'roles' => array(
312+
'type' => 'array',
313+
'description' => __( 'The roles assigned to the user.' ),
314+
'items' => array(
315+
'type' => 'string',
316+
),
317+
),
318+
'locale' => array(
319+
'type' => 'string',
320+
'description' => __( 'The locale for the user.' ),
321+
),
322+
'avatar_urls' => array(
323+
'type' => 'object',
324+
'description' => __( 'Avatar URLs for the user, keyed by size in pixels.' ),
325+
'additionalProperties' => array(
326+
'type' => 'string',
327+
),
328+
),
329+
'capabilities' => array(
330+
'type' => 'object',
331+
'description' => __( 'All capabilities assigned to the user. Only present when include_capabilities is true.' ),
332+
'additionalProperties' => array(
333+
'type' => 'boolean',
334+
),
335+
),
336+
),
337+
'additionalProperties' => false,
338+
),
339+
'execute_callback' => static function ( $input = array() ) {
340+
$input = is_array( $input ) ? $input : array();
341+
$user = null;
342+
343+
if ( isset( $input['id'] ) ) {
344+
$user = get_user_by( 'id', $input['id'] );
345+
} elseif ( isset( $input['username'] ) ) {
346+
$user = get_user_by( 'login', $input['username'] );
347+
} elseif ( isset( $input['email'] ) ) {
348+
$user = get_user_by( 'email', $input['email'] );
349+
}
350+
351+
if ( ! $user instanceof WP_User ) {
352+
return new WP_Error( 'user_not_found', __( 'No user was found matching the provided identifier.' ), array( 'status' => 404 ) );
353+
}
354+
355+
$data = array(
356+
'id' => $user->ID,
357+
'username' => $user->user_login,
358+
'email' => $user->user_email,
359+
'display_name' => $user->display_name,
360+
'first_name' => $user->first_name,
361+
'last_name' => $user->last_name,
362+
'nickname' => $user->nickname,
363+
'description' => $user->description,
364+
'url' => $user->user_url,
365+
'link' => get_author_posts_url( $user->ID, $user->user_nicename ),
366+
'slug' => $user->user_nicename,
367+
'registered_date' => gmdate( 'Y-m-d\TH:i:s\Z', strtotime( $user->user_registered ) ),
368+
'roles' => array_values( $user->roles ),
369+
'locale' => get_user_locale( $user ),
370+
'avatar_urls' => rest_get_avatar_urls( $user ),
371+
);
372+
373+
if ( ! empty( $input['include_capabilities'] ) ) {
374+
$data['capabilities'] = $user->allcaps;
375+
}
376+
377+
return $data;
378+
},
379+
'permission_callback' => static function ( $input = array() ): bool {
380+
if ( ! is_user_logged_in() ) {
381+
return false;
382+
}
383+
384+
$input = is_array( $input ) ? $input : array();
385+
386+
// Determine the target user from the input identifiers.
387+
$requested_user = null;
388+
if ( isset( $input['id'] ) ) {
389+
$requested_user = get_user_by( 'id', $input['id'] );
390+
} elseif ( isset( $input['username'] ) ) {
391+
$requested_user = get_user_by( 'login', $input['username'] );
392+
} elseif ( isset( $input['email'] ) ) {
393+
$requested_user = get_user_by( 'email', $input['email'] );
394+
}
395+
396+
// Users may always view their own record.
397+
if ( $requested_user instanceof WP_User && get_current_user_id() === $requested_user->ID ) {
398+
return true;
399+
}
400+
401+
// Viewing any other user requires list_users.
402+
return current_user_can( 'list_users' );
403+
},
404+
'meta' => array(
405+
'annotations' => array(
406+
'readonly' => true,
407+
'destructive' => false,
408+
'idempotent' => true,
409+
),
410+
'show_in_rest' => true,
411+
),
412+
)
413+
);
414+
199415
wp_register_ability(
200416
'core/get-environment-info',
201417
array(

0 commit comments

Comments
 (0)