I'm trying to use a REST filter to require a certain parameter is set.
Using custom taxonomies and custom posts I've been able to make it so when I request
/wp-json/wp/v2/car?visible_to=123
That the only Cars that come back are ones with a visible_to taxonomy of 123.
However when someone asks for
/wp-json/wp/v2/car
I want to throw an error, saying that ?visible_to needs to be set.
I've tried hooking into rest_index, rest_pre_dispatch, and some others. Each only fires when I have ?visible_to set in the URL, without them the hooks don't fire.
For example, I would expect this to fire on every REST request
add_filter( 'rest_pre_dispatch','to_limit_access', 1, 3);
function to_limit_access($args, $request, $context) {
return new WP_Error( 'rest_disabled', __( 'The REST API is disabled on this site.' ), array( 'status' => 404 ) );
}
But it will only return a WP_Error on
/wp-json/wp/v2/car?visible_to=123
Both
/wp-json/wp/v2/car
And
/wp-json/wp/v2/car/6
Run without that filter being hit.
Can someone explain why this would be the case and what I can do to avoid it?
I've also tried specific filters like rest_prepare_car but I couldn't get it to fire at all.
I'm trying to use a REST filter to require a certain parameter is set.
Using custom taxonomies and custom posts I've been able to make it so when I request
/wp-json/wp/v2/car?visible_to=123
That the only Cars that come back are ones with a visible_to taxonomy of 123.
However when someone asks for
/wp-json/wp/v2/car
I want to throw an error, saying that ?visible_to needs to be set.
I've tried hooking into rest_index, rest_pre_dispatch, and some others. Each only fires when I have ?visible_to set in the URL, without them the hooks don't fire.
For example, I would expect this to fire on every REST request
add_filter( 'rest_pre_dispatch','to_limit_access', 1, 3);
function to_limit_access($args, $request, $context) {
return new WP_Error( 'rest_disabled', __( 'The REST API is disabled on this site.' ), array( 'status' => 404 ) );
}
But it will only return a WP_Error on
/wp-json/wp/v2/car?visible_to=123
Both
/wp-json/wp/v2/car
And
/wp-json/wp/v2/car/6
Run without that filter being hit.
Can someone explain why this would be the case and what I can do to avoid it?
I've also tried specific filters like rest_prepare_car but I couldn't get it to fire at all.
2 Answers
Reset to default 1If you want a parameter to be required for a post type's REST API endpoint you can use the rest_{$this->post_type}_collection_params filter to filter the $args of the GET endpoint:
add_filter(
'rest_car_collection_params',
function( array $query_params ) {
$query_params['visible_to']['required'] = true;
return $query_params;
}
);
In turns out we had a caching plugin enabled that was getting in the way of some requests but not others, leading to this inconsistency.