Skip to content

Eduardo Lopes - Conclusão do desafio#80

Open
elopes-sv wants to merge 2 commits intoApiki:masterfrom
elopes-sv:eduardo-lopes
Open

Eduardo Lopes - Conclusão do desafio#80
elopes-sv wants to merge 2 commits intoApiki:masterfrom
elopes-sv:eduardo-lopes

Conversation

@elopes-sv
Copy link
Copy Markdown

Resumo

Implementa um plugin WordPress orientado a objetos para favoritar e desfavoritar posts de usuários autenticados via WP REST API, com persistência em tabela própria.

O que foi feito

  • criação do arquivo principal do plugin
  • criação da classe de ativação para gerar a tabela apiki_favorites
  • criação do repository para consultar, inserir e remover favoritos
  • criação do REST controller com as rotas de favorite e unfavorite
  • validação de autenticação
  • validação de existência do post e restrição ao post type post
  • documentação de instalação, endpoints e fluxo de validação

Endpoints

  • POST /wp-json/apiki/v1/posts/<post_id>/favorite
  • DELETE /wp-json/apiki/v1/posts/<post_id>/favorite

Como validar

  1. Instalar e ativar o plugin no WordPress.
  2. Confirmar a criação da tabela wp_apiki_favorites ou equivalente com o prefixo local.
  3. Executar POST /wp-json/apiki/v1/posts/<post_id>/favorite autenticado e validar 201.
  4. Repetir o POST e validar 409.
  5. Executar DELETE /wp-json/apiki/v1/posts/<post_id>/favorite e validar 200.
  6. Repetir o DELETE e validar 404.
  7. Testar sem autenticação e validar 401.
  8. Testar com post_id inexistente e validar 404.

Evidências

  • prints das respostas no Postman
image image image image image image

@elopes-sv elopes-sv changed the title feat(favorites): implementa plugin de favoritos via REST API Eduardo Lopes - Conclusão do desafio Apr 6, 2026
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 2211e47849

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

protected function get_valid_post( $post_id ) {
$post = get_post( $post_id );

if ( ! $post || 'post' !== $post->post_type ) {
Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Validate post visibility before favorite operations

get_valid_post only checks that get_post returns a post type, but get_post can return private/draft posts even when the current user is not allowed to read them. In practice, any authenticated user can favorite/unfavorite non-public posts and infer their existence from the response code (404 vs 201/409/200). Add a permission/status check (for example current_user_can( 'read_post', $post_id ) or equivalent visibility logic) before treating the post as valid.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant