Press Permit Pro now includes preliminary support for the new WordPress REST API. This provides a direct http interface to WordPress data, allowing for a decoupled architecture which appears to be the future of WordPress and much of the web. Although the current WordPress release (4.4) does not actually implement this API, you can activate the REST API (version 2) plugin to activate the endpoints to make it work. These are presumably similar to the default endpoints which will be included in WordPress 4.5.
Press Permit Pro development and testing to date has been against the REST API 2.0-beta9 plugin. Filtered data includes Posts, Terms and Post / Term relationships accessed through the standard WP_REST_Posts_Controller, WP_REST_Terms_Controller and WP_REST_Posts_Terms_Controller endpoints. Retrieval, creation, editing and deletion of this content is filtered and regulated to match your site’s normal front end and wp-admin access. For testing, I used the Postman extension for Chrome. I couldn’t get the user authentication working in a reasonable time, so I just implemented my own temporary authentication based on an http argument.
Here are a few notes on implementation:
In the current beta version of REST API, to remove post terms you must pass the force argument:
When using the REST API to retrieve posts or terms, the default behavior is to treat it as a “front end” result set. All readable items are returned. To allow for voluntary “What you see is what you can edit” filtering, I have implemented the following nonstandard http argument: operation.
To return editable pages:
To return assignable categories:
To return manageable categories: