extending user handling

README.md

@@ -692,6 +692,11 @@ Orderby will also accept an array of multiple identifiers.
 			overhead in generating the total count so this should only be turned on when needed.  This is 
 			automatically turned on if the 'paged' filter is used.</td>
 		</tr>
+		<tr>
+			<td>who</td>
+			<td>string</td>
+			<td>Filters to users based on a subset of roles.  Currently, only 'authors' is supported.</td>
+		</tr>
 		<tr>
 			<td>callback</td>
 			<td>string</td>

api/v1/controllers/Users.php

@@ -8,6 +8,10 @@ class UsersController {
 
 	private static $_model;
 
+	private static function get_list_users_cap() {
+		return apply_filters('thermal_list_users_cap', false);
+	}
+
 	public static function model() {
 		if ( !isset( self::$_model ) ) {
 			self::$_model = new UsersModel();
@@ -16,34 +20,26 @@ public static function model() {
 	}
 
 	public static function find( $app ) {
-		if ( !is_user_logged_in() ) {
-			$app->halt( '401', get_status_header_desc( '401' ) );
-		}
-
-		if ( !current_user_can( 'list_users' ) ) {
+		if ( ( $list_users_cap = self::get_list_users_cap() ) && !current_user_can( $list_users_cap ) ) {
 			$app->halt( '403', get_status_header_desc( '403' ) );
 		}
 
 		$found = 0;
-		$posts = array( );
+		$users = array( );
 		$request_args = $app->request()->get();
 
 		$args = self::convert_request( $request_args );
 
 		$model = self::model();
 
 		$users = $model->find( $args, $found );
-		array_walk( $posts, array( __CLASS__, 'format' ), 'read' );
+		array_walk( $users, array( __CLASS__, 'format' ), 'read' );
 
-		return empty( $request_args['no_found_rows'] ) ? compact( 'users', 'found' ) : compact( 'users' );
+		return $request_args['count_total'] ? compact( 'users', 'found' ) : compact( 'users' );
 	}
 
 	public static function findById( $app, $id ) {
-		if ( !is_user_logged_in() ) {
-			$app->halt( '401', get_status_header_desc( '401' ) );
-		}
-
-		if ( !current_user_can( 'list_users' ) && $id !== get_current_user_id() ) {
+		if ( ( $list_users_cap = self::get_list_users_cap() ) && !current_user_can( $list_users_cap ) && $id !== get_current_user_id() ) {
 			$app->halt( '403', get_status_header_desc( '403' ) );
 		}
 
@@ -97,8 +93,11 @@ public static function format( &$user, $state = 'read' ) {
 						'height' => 96,
 					)
 				),
-				'meta' => ( object ) array( )
-				) );
+				'meta' => ( object ) array(
+					'description' => get_user_meta($user->ID, 'description', true)
+					)
+				) 
+			);
 		}
 
 		$user = apply_filters_ref_array( 'thermal_user_entity', array( ( object ) $data, &$user, $state ) );
@@ -117,7 +116,8 @@ public static function convert_request( $request_args ) {
 			'orderby' => array( ),
 			'order' => array( ),
 			'in' => array( __NAMESPACE__ . '\\toArray', __NAMESPACE__ . '\\applyInt' ),
-			'include_found' => array( __NAMESPACE__ . '\\toBool' )
+			'include_found' => array( __NAMESPACE__ . '\\toBool' ),
+			'who' => array( )
 		);
 
 		//strip any nonsafe args
@@ -140,10 +140,11 @@ public static function convert_request( $request_args ) {
 			$request_args['per_page'] = MAX_USERS_PER_PAGE;
 		}
 
-		if ( empty( $request_args['paged'] ) && empty( $request_args['include_found'] ) ) {
-			$request_args['count_total'] = false;
-		}
+		$request_args['count_total'] = ! ( empty( $request_args['paged'] ) && empty( $request_args['include_found'] ) );
 
+		if ( !empty( $request_args['who']) && !in_array( $request_args['who'], array( 'authors' ) ) ) {
+			unset( $request_args['who'] );
+		}
 		return $request_args;
 	}
 

readme.txt

@@ -3,7 +3,7 @@ Contributors: voceplatforms
 Tags: thermal, JSON, API
 Requires at least: 3.5
 Tested up to: 3.5.1
-Stable tag: 0.7.7
+Stable tag: 0.8.0
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -29,6 +29,12 @@ Thermal is the WordPress plugin that gives you the power of WP_Query in a RESTfu
 Yes. https://github.com/voceconnect/thermal-api
 
 == Changelog ==
+= 0.8.0 =
+* Made users publicly accessible
+* Added description to user's default meta
+* Added filter 'thermal_list_users_cap' to allow required cap to be set for viewing user listing
+* Fixed bug with how users were returned within index
+
 = 0.7.7 =
 * Added 'thermal_response' filter to allow modification of response object.
 

tests/APITestCase.php

@@ -22,7 +22,8 @@ protected function _getResponse( $envArgs ) {
 	}
 
 	public function setUp() {
-
+		parent::setUp();
+
 		\Slim\Slim::registerAutoloader();
 	}
 

tests/includes/bootstrap.php

@@ -4,8 +4,6 @@
  */
 
 
-require_once 'PHPUnit/Autoload.php';
-
 $config_file_path = dirname( __FILE__ ) . '/../wp-tests-config.php';
 
 /*

tests/v1/controllers/UsersTest.php

@@ -8,32 +8,125 @@
 
 class UsersControllerTest extends APITestCase {
 
+	private function getTestUserData() {
+		return array(
+			array(
+				'user_login' => 'test1_login',
+				'user_pass' => wp_generate_password(),
+				'user_email' => '[email protected]',
+				'user_nicename' => 'test1',
+				'user_url' => 'http://example.org',
+				'display_name' => 'Test User1',
+				'description' => 'Test Description',
+				'role' => 'administrator'
+			),
+			array(
+				'user_login' => 'test2_login',
+				'user_pass' => wp_generate_password(),
+				'user_email' => '[email protected]',
+				'user_nicename' => 'test2',
+				'user_url' => 'http://example.org',
+				'display_name' => 'Test User2',
+				'description' => 'Test Description',
+				'role' => 'editor'
+			),
+			array(
+				'user_login' => 'test3_login',
+				'user_pass' => wp_generate_password(),
+				'user_email' => '[email protected]',
+				'user_nicename' => 'test3',
+				'user_url' => 'http://example.org',
+				'display_name' => 'Test User3',
+				'description' => 'Test Description',
+				'role' => 'author'
+			),
+			array(
+				'user_login' => 'test4_login',
+				'user_pass' => wp_generate_password(),
+				'user_email' => '[email protected]',
+				'user_nicename' => 'test4',
+				'user_url' => 'http://example.org',
+				'display_name' => 'Test User4',
+				'description' => 'Test Description',
+				'role' => 'subscriber'
+			),
+		);
+	}
+
 	public function testGetUsers() {
+
+		$user = array_shift($this->getTestUserData());
+		$user['role'] = 'subscriber';
+		$user['id'] = wp_insert_user($user);
+
 		list($status, $headers, $body) = $this->_getResponse( array(
 			'REQUEST_METHOD' => 'GET',
 			'PATH_INFO' => Voce\Thermal\get_api_base() . 'v1/users/',
-			'QUERY_STRING' => '',
+			'QUERY_STRING' => 'who=authors',
 			) );
 
 		$data = json_decode( $body );
-		$this->assertEquals('401', $status);
+		$this->assertEquals( '200', $status );
+		$this->assertInternalType( 'object', $data );
+		$this->assertObjectHasAttribute( 'users', $data );
+		$this->assertInternalType( 'array', $data->users );
+		$this->assertGreaterThanOrEqual( 1, count( $data->users ) );
+		$this->assertObjectNotHasAttribute( 'found', $data );
+
+		//clean up
+		wp_delete_user($user['id']);
 	}
-	
+
 	public function testGetUser() {
-		$user_id = wp_insert_user(array(
-			'user_login' => 'test_get_user',
-		));
-		if(is_wp_error($user_id)) {
-			$user_id = get_user_by('login', 'test_get_user')->ID;
-		}
-
+		$user = array_shift($this->getTestUserData());
+		$user['role'] = 'editor';
+		$user['id'] = wp_insert_user($user);
+
 		list($status, $headers, $body) = $this->_getResponse( array(
 			'REQUEST_METHOD' => 'GET',
-			'PATH_INFO' => Voce\Thermal\get_api_base() . 'v1/users/' . $user_id,
+			'PATH_INFO' => Voce\Thermal\get_api_base() . 'v1/users/' . $user['id'],
 			'QUERY_STRING' => '',
 			) );
 
 		$data = json_decode( $body );
-		$this->assertEquals('401', $status);
+
+		$this->assertEquals( '200', $status );
+		$this->assertInternalType( 'object', $data );
+
+		$this->assertObjectHasAttribute('id', $data );
+		$this->assertInternalType( 'int', $data->id );
+		$this->assertEquals( $user['id'], $data->id );
+
+		$this->assertObjectHasAttribute('id_str', $data );
+		$this->assertInternalType( 'string', $data->id_str );
+		$this->assertEquals( (string) $user['id'], $data->id_str );
+
+		$this->assertObjectHasAttribute('nicename', $data );
+		$this->assertInternalType( 'string', $data->nicename);
+		$this->assertEquals( $user['user_nicename'], $data->nicename );
+
+		$this->assertObjectHasAttribute('display_name', $data );
+		$this->assertInternalType( 'string', $data->display_name );
+		$this->assertEquals( $user['display_name'], $data->display_name );
+
+		$this->assertObjectHasAttribute('user_url', $data );
+		$this->assertInternalType( 'string', $data->user_url );
+		$this->assertEquals( $user['user_url'], $data->user_url );
+
+		$this->assertObjectHasAttribute('posts_url', $data );
+		$this->assertInternalType( 'string', $data->posts_url );
+
+		$this->assertObjectHasAttribute('avatar', $data );
+		$this->assertInternalType( 'array', $data->avatar );
+
+		$this->assertObjectHasAttribute('meta', $data );
+		$this->assertInternalType( 'object', $data->meta );
+
+		$data = json_decode( $body );
+
+		//clean up
+		wp_delete_user($user['id']);
 	}
 }
+
+

thermal-api.php

@@ -2,7 +2,7 @@
 
 /*
   Plugin Name: Thermal API
-  Version:     0.7.7
+  Version:     0.8.0
   Plugin URI:  http://thermal-api.com/
   Description: The power of WP_Query in a RESTful API.
   Author:      Voce Platforms