[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)

Search

title

Body

[close]

/wp-includes/ -> abilities-api.php (source)

   1  <?php
   2  /**
   3   * Abilities API: core functions for registering and managing abilities.
   4   *
   5   * The Abilities API provides a unified, extensible framework for registering
   6   * and executing discrete capabilities within WordPress. An "ability" is a
   7   * self-contained unit of functionality with defined inputs, outputs, permissions,
   8   * and execution logic.
   9   *
  10   * ## Overview
  11   *
  12   * The Abilities API enables developers to:
  13   *
  14   *  - Register custom abilities with standardized interfaces.
  15   *  - Define permission checks and execution callbacks.
  16   *  - Organize abilities into logical categories.
  17   *  - Validate inputs and outputs using JSON Schema.
  18   *  - Expose abilities through the REST API.
  19   *
  20   * ## Working with Abilities
  21   *
  22   * Abilities must be registered on the `wp_abilities_api_init` action hook.
  23   * Attempting to register an ability outside of this hook will fail and
  24   * trigger a `_doing_it_wrong()` notice.
  25  
  26   * Example:
  27   *
  28   *     function my_plugin_register_abilities(): void {
  29   *         wp_register_ability(
  30   *             'my-plugin/export-users',
  31   *             array(
  32   *                 'label'               => __( 'Export Users', 'my-plugin' ),
  33   *                 'description'         => __( 'Exports user data to CSV format.', 'my-plugin' ),
  34   *                 'category'            => 'data-export',
  35   *                 'execute_callback'    => 'my_plugin_export_users',
  36   *                 'permission_callback' => function(): bool {
  37   *                     return current_user_can( 'export' );
  38   *                 },
  39   *                 'input_schema'        => array(
  40   *                     'type'        => 'string',
  41   *                     'enum'        => array( 'subscriber', 'contributor', 'author', 'editor', 'administrator' ),
  42   *                     'description' => __( 'Limits the export to users with this role.', 'my-plugin' ),
  43   *                     'required'    => false,
  44   *                 ),
  45   *                 'output_schema'       => array(
  46   *                     'type'        => 'string',
  47   *                     'description' => __( 'User data in CSV format.', 'my-plugin' ),
  48   *                     'required'    => true,
  49   *                 ),
  50   *                 'meta'                => array(
  51   *                     'show_in_rest' => true,
  52   *                 ),
  53   *             )
  54   *         );
  55   *     }
  56   *     add_action( 'wp_abilities_api_init', 'my_plugin_register_abilities' );
  57   *
  58   * Once registered, abilities can be checked, retrieved, and managed:
  59   *
  60   *     // Checks if an ability is registered, and prints its label.
  61   *     if ( wp_has_ability( 'my-plugin/export-users' ) ) {
  62   *         $ability = wp_get_ability( 'my-plugin/export-users' );
  63   *
  64   *         echo $ability->get_label();
  65   *     }
  66   *
  67   *     // Gets all registered abilities.
  68   *     $all_abilities = wp_get_abilities();
  69   *
  70   *     // Unregisters when no longer needed.
  71   *     wp_unregister_ability( 'my-plugin/export-users' );
  72   *
  73   * ## Best Practices
  74   *
  75   *  - Always register abilities on the `wp_abilities_api_init` hook.
  76   *  - Use namespaced ability names to prevent conflicts.
  77   *  - Implement robust permission checks in permission callbacks.
  78   *  - Provide an `input_schema` to ensure data integrity and document expected inputs.
  79   *  - Define an `output_schema` to describe return values and validate responses.
  80   *  - Return `WP_Error` objects for failures rather than throwing exceptions.
  81   *  - Use internationalization functions for all user-facing strings.
  82   *
  83   * @package WordPress
  84   * @subpackage Abilities_API
  85   * @since 6.9.0
  86   */
  87  
  88  declare( strict_types = 1 );
  89  
  90  /**
  91   * Registers a new ability using the Abilities API. It requires three steps:
  92   *
  93   *  1. Hook into the `wp_abilities_api_init` action.
  94   *  2. Call `wp_register_ability()` with a namespaced name and configuration.
  95   *  3. Provide execute and permission callbacks.
  96   *
  97   * Example:
  98   *
  99   *     function my_plugin_register_abilities(): void {
 100   *         wp_register_ability(
 101   *             'my-plugin/analyze-text',
 102   *             array(
 103   *                 'label'               => __( 'Analyze Text', 'my-plugin' ),
 104   *                 'description'         => __( 'Performs sentiment analysis on provided text.', 'my-plugin' ),
 105   *                 'category'            => 'text-processing',
 106   *                 'input_schema'        => array(
 107   *                     'type'        => 'string',
 108   *                     'description' => __( 'The text to be analyzed.', 'my-plugin' ),
 109   *                     'minLength'   => 10,
 110   *                     'required'    => true,
 111   *                 ),
 112   *                 'output_schema'       => array(
 113   *                     'type'        => 'string',
 114   *                     'enum'        => array( 'positive', 'negative', 'neutral' ),
 115   *                     'description' => __( 'The sentiment result: positive, negative, or neutral.', 'my-plugin' ),
 116   *                     'required'    => true,
 117   *                 ),
 118   *                 'execute_callback'    => 'my_plugin_analyze_text',
 119   *                 'permission_callback' => 'my_plugin_can_analyze_text',
 120   *                 'meta'                => array(
 121   *                     'annotations'   => array(
 122   *                         'readonly' => true,
 123   *                     ),
 124   *                     'show_in_rest' => true,
 125   *                 ),
 126   *             )
 127   *         );
 128   *     }
 129   *     add_action( 'wp_abilities_api_init', 'my_plugin_register_abilities' );
 130   *
 131   * ### Naming Conventions
 132   *
 133   * Ability names must follow these rules:
 134   *
 135   *  - Include a namespace prefix (e.g., `my-plugin/my-ability`).
 136   *  - Use only lowercase alphanumeric characters, dashes, and forward slashes.
 137   *  - Use descriptive, action-oriented names (e.g., `process-payment`, `generate-report`).
 138   *
 139   * ### Categories
 140   *
 141   * Abilities must be organized into categories. Ability categories provide better
 142   * discoverability and must be registered before the abilities that reference them:
 143   *
 144   *     function my_plugin_register_categories(): void {
 145   *         wp_register_ability_category(
 146   *             'text-processing',
 147   *             array(
 148   *                 'label'       => __( 'Text Processing', 'my-plugin' ),
 149   *                 'description' => __( 'Abilities for analyzing and transforming text.', 'my-plugin' ),
 150   *             )
 151   *         );
 152   *     }
 153   *     add_action( 'wp_abilities_api_categories_init', 'my_plugin_register_categories' );
 154   *
 155   * ### Input and Output Schemas
 156   *
 157   * Schemas define the expected structure, type, and constraints for ability inputs
 158   * and outputs using JSON Schema syntax. They serve two critical purposes: automatic
 159   * validation of data passed to and returned from abilities, and self-documenting
 160   * API contracts for developers.
 161   *
 162   * WordPress implements a validator based on a subset of the JSON Schema Version 4
 163   * specification (https://json-schema.org/specification-links.html#draft-4).
 164   * For details on supported JSON Schema properties and syntax, see the
 165   * related WordPress REST API Schema documentation:
 166   * https://developer.wordpress.org/rest-api/extending-the-rest-api/schema/#json-schema-basics
 167   *
 168   * Defining schemas is mandatory when there is a value to pass or return.
 169   * They ensure data integrity, improve developer experience, and enable
 170   * better documentation:
 171   *
 172   *     'input_schema' => array(
 173   *         'type'        => 'string',
 174   *         'description' => __( 'The text to be analyzed.', 'my-plugin' ),
 175   *         'minLength'   => 10,
 176   *         'required'    => true,
 177   *     ),
 178   *     'output_schema'       => array(
 179   *         'type'        => 'string',
 180   *         'enum'        => array( 'positive', 'negative', 'neutral' ),
 181   *         'description' => __( 'The sentiment result: positive, negative, or neutral.', 'my-plugin' ),
 182   *         'required'    => true,
 183   *     ),
 184   *
 185   * ### Callbacks
 186   *
 187   * #### Execute Callback
 188   *
 189   * The execute callback performs the ability's core functionality. It receives
 190   * optional input data and returns either a result or `WP_Error` on failure.
 191   *
 192   *     function my_plugin_analyze_text( string $input ): string|WP_Error {
 193   *         $score = My_Plugin::perform_sentiment_analysis( $input );
 194   *         if ( is_wp_error( $score ) ) {
 195   *             return $score;
 196   *         }
 197   *         return My_Plugin::interpret_sentiment_score( $score );
 198   *     }
 199   *
 200   * #### Permission Callback
 201   *
 202   * The permission callback determines whether the ability can be executed.
 203   * It receives the same input as the execute callback and must return a
 204   * boolean or `WP_Error`. Common use cases include checking user capabilities,
 205   * validating API keys, or verifying system state:
 206   *
 207   *     function my_plugin_can_analyze_text( string $input ): bool|WP_Error {
 208   *         return current_user_can( 'edit_posts' );
 209   *     }
 210   *
 211   * ### REST API Integration
 212   *
 213   * Abilities can be exposed through the REST API by setting `show_in_rest`
 214   * to `true` in the meta configuration:
 215   *
 216   *     'meta' => array(
 217   *         'show_in_rest' => true,
 218   *     ),
 219   *
 220   * This allows abilities to be invoked via HTTP requests to the WordPress REST API.
 221   *
 222   * @since 6.9.0
 223   *
 224   * @see WP_Abilities_Registry::register()
 225   * @see wp_register_ability_category()
 226   * @see wp_unregister_ability()
 227   *
 228   * @param string               $name The name of the ability. Must be a namespaced string containing
 229   *                                   a prefix, e.g., `my-plugin/my-ability`. Can only contain lowercase
 230   *                                   alphanumeric characters, dashes, and forward slashes.
 231   * @param array<string, mixed> $args {
 232   *     An associative array of arguments for configuring the ability.
 233   *
 234   *     @type string               $label               Required. The human-readable label for the ability.
 235   *     @type string               $description         Required. A detailed description of what the ability does
 236   *                                                     and when it should be used.
 237   *     @type string               $category            Required. The ability category slug this ability belongs to.
 238   *                                                     The ability category must be registered via `wp_register_ability_category()`
 239   *                                                     before registering the ability.
 240   *     @type callable             $execute_callback    Required. A callback function to execute when the ability is invoked.
 241   *                                                     Receives optional mixed input data and must return either a result
 242   *                                                     value (any type) or a `WP_Error` object on failure.
 243   *     @type callable             $permission_callback Required. A callback function to check permissions before execution.
 244   *                                                     Receives optional mixed input data (same as `execute_callback`) and
 245   *                                                     must return `true`/`false` for simple checks, or `WP_Error` for
 246   *                                                     detailed error responses.
 247   *     @type array<string, mixed> $input_schema        Optional. JSON Schema definition for validating the ability's input.
 248   *                                                     Must be a valid JSON Schema object defining the structure and
 249   *                                                     constraints for input data. Used for automatic validation and
 250   *                                                     API documentation.
 251   *     @type array<string, mixed> $output_schema       Optional. JSON Schema definition for the ability's output.
 252   *                                                     Describes the structure of successful return values from
 253   *                                                     `execute_callback`. Used for documentation and validation.
 254   *     @type array<string, mixed> $meta                {
 255   *         Optional. Additional metadata for the ability.
 256   *
 257   *         @type array<string, bool|null> $annotations  {
 258   *             Optional. Semantic annotations describing the ability's behavioral characteristics.
 259   *             These annotations are hints for tooling and documentation.
 260   *
 261   *             @type bool|null $readonly    Optional. If true, the ability does not modify its environment.
 262   *             @type bool|null $destructive Optional. If true, the ability may perform destructive updates to its environment.
 263   *                                          If false, the ability performs only additive updates.
 264   *             @type bool|null $idempotent  Optional. If true, calling the ability repeatedly with the same arguments
 265   *                                          will have no additional effect on its environment.
 266   *         }
 267   *         @type bool                     $show_in_rest Optional. Whether to expose this ability in the REST API.
 268   *                                                      When true, the ability can be invoked via HTTP requests.
 269   *                                                      Default false.
 270   *     }
 271   *     @type string               $ability_class       Optional. Fully-qualified custom class name to instantiate
 272   *                                                     instead of the default `WP_Ability` class. The custom class
 273   *                                                     must extend `WP_Ability`. Useful for advanced customization
 274   *                                                     of ability behavior.
 275   * }
 276   * @return WP_Ability|null The registered ability instance on success, `null` on failure.
 277   */
 278  function wp_register_ability( string $name, array $args ): ?WP_Ability {
 279      if ( ! doing_action( 'wp_abilities_api_init' ) ) {
 280          _doing_it_wrong(
 281              __FUNCTION__,
 282              sprintf(
 283                  /* translators: 1: wp_abilities_api_init, 2: string value of the ability name. */
 284                  __( 'Abilities must be registered on the %1$s action. The ability %2$s was not registered.' ),
 285                  '<code>wp_abilities_api_init</code>',
 286                  '<code>' . esc_html( $name ) . '</code>'
 287              ),
 288              '6.9.0'
 289          );
 290          return null;
 291      }
 292  
 293      $registry = WP_Abilities_Registry::get_instance();
 294      if ( null === $registry ) {
 295          return null;
 296      }
 297  
 298      return $registry->register( $name, $args );
 299  }
 300  
 301  /**
 302   * Unregisters an ability from the Abilities API.
 303   *
 304   * Removes a previously registered ability from the global registry. Use this to
 305   * disable abilities provided by other plugins or when an ability is no longer needed.
 306   *
 307   * Can be called at any time after the ability has been registered.
 308   *
 309   * Example:
 310   *
 311   *     if ( wp_has_ability( 'other-plugin/some-ability' ) ) {
 312   *         wp_unregister_ability( 'other-plugin/some-ability' );
 313   *     }
 314   *
 315   * @since 6.9.0
 316   *
 317   * @see WP_Abilities_Registry::unregister()
 318   * @see wp_register_ability()
 319   *
 320   * @param string $name The name of the ability to unregister, including namespace prefix
 321   *                     (e.g., 'my-plugin/my-ability').
 322   * @return WP_Ability|null The unregistered ability instance on success, `null` on failure.
 323   */
 324  function wp_unregister_ability( string $name ): ?WP_Ability {
 325      $registry = WP_Abilities_Registry::get_instance();
 326      if ( null === $registry ) {
 327          return null;
 328      }
 329  
 330      return $registry->unregister( $name );
 331  }
 332  
 333  /**
 334   * Checks if an ability is registered.
 335   *
 336   * Use this for conditional logic and feature detection before attempting to
 337   * retrieve or use an ability.
 338   *
 339   * Example:
 340   *
 341   *     // Displays different UI based on available abilities.
 342   *     if ( wp_has_ability( 'premium-plugin/advanced-export' ) ) {
 343   *         echo 'Export with Premium Features';
 344   *     } else {
 345   *         echo 'Basic Export';
 346   *     }
 347   *
 348   * @since 6.9.0
 349   *
 350   * @see WP_Abilities_Registry::is_registered()
 351   * @see wp_get_ability()
 352   *
 353   * @param string $name The name of the ability to check, including namespace prefix
 354   *                     (e.g., 'my-plugin/my-ability').
 355   * @return bool `true` if the ability is registered, `false` otherwise.
 356   */
 357  function wp_has_ability( string $name ): bool {
 358      $registry = WP_Abilities_Registry::get_instance();
 359      if ( null === $registry ) {
 360          return false;
 361      }
 362  
 363      return $registry->is_registered( $name );
 364  }
 365  
 366  /**
 367   * Retrieves a registered ability.
 368   *
 369   * Returns the ability instance for inspection or use. The instance provides access
 370   * to the ability's configuration, metadata, and execution methods.
 371   *
 372   * Example:
 373   *
 374   *     // Prints information about a registered ability.
 375   *     $ability = wp_get_ability( 'my-plugin/export-data' );
 376   *     if ( $ability ) {
 377   *         echo $ability->get_label() . ': ' . $ability->get_description();
 378   *     }
 379   *
 380   * @since 6.9.0
 381   *
 382   * @see WP_Abilities_Registry::get_registered()
 383   * @see wp_has_ability()
 384   *
 385   * @param string $name The name of the ability, including namespace prefix
 386   *                     (e.g., 'my-plugin/my-ability').
 387   * @return WP_Ability|null The registered ability instance, or `null` if not registered.
 388   */
 389  function wp_get_ability( string $name ): ?WP_Ability {
 390      $registry = WP_Abilities_Registry::get_instance();
 391      if ( null === $registry ) {
 392          return null;
 393      }
 394  
 395      return $registry->get_registered( $name );
 396  }
 397  
 398  /**
 399   * Retrieves registered abilities, optionally filtered by the given arguments.
 400   *
 401   * When called without arguments, returns all registered abilities. When called
 402   * with an $args array, returns only abilities that match every specified condition.
 403   *
 404   * Filtering pipeline (executed in order):
 405   *
 406   * 1. Declarative filters (`category`, `namespace`, `meta`) — per-item, AND logic between
 407   *    arg types.
 408   * 2. `item_include_callback` — per-item, caller-scoped. Return true to include, false to exclude.
 409   * 3. `wp_get_abilities_item_include` filter — per-item, ecosystem-scoped. Plugins can enforce
 410   *    universal inclusion rules regardless of what the caller passed.
 411   * 4. `result_callback` — on the full matched array, caller-scoped. Sort, slice, or reshape.
 412   * 5. `wp_get_abilities_result` filter — on the full array, ecosystem-scoped.
 413   *
 414   * Steps 1–3 run inside a single loop over the registry — no extra iteration.
 415   *
 416   * Examples:
 417   *
 418   *     // All abilities (unchanged behaviour).
 419   *     $abilities = wp_get_abilities();
 420   *
 421   *     // Filter by category.
 422   *     $abilities = wp_get_abilities( array( 'category' => 'content' ) );
 423   *
 424   *     // Filter by namespace.
 425   *     $abilities = wp_get_abilities( array( 'namespace' => 'woocommerce' ) );
 426   *
 427   *     // Filter by meta.
 428   *     $abilities = wp_get_abilities( array( 'meta' => array( 'show_in_rest' => true ) ) );
 429   *
 430   *     // Combine filters (AND logic between arg types).
 431   *     $abilities = wp_get_abilities( array(
 432   *         'category'  => 'content',
 433   *         'namespace' => 'core',
 434   *         'meta'      => array( 'show_in_rest' => true ),
 435   *     ) );
 436   *
 437   *     // Caller-scoped per-item callback.
 438   *     $abilities = wp_get_abilities( array(
 439   *         'item_include_callback' => function ( WP_Ability $ability ) {
 440   *             return current_user_can( 'manage_options' );
 441   *         },
 442   *     ) );
 443   *
 444   *     // Caller-scoped result callback (sort + paginate).
 445   *     $abilities = wp_get_abilities( array(
 446   *         'result_callback' => function ( array $abilities ) {
 447   *             usort( $abilities, fn( $a, $b ) => strcasecmp( $a->get_label(), $b->get_label() ) );
 448   *             return array_slice( $abilities, 0, 10 );
 449   *         },
 450   *     ) );
 451   *
 452   * The pipeline always runs, even when called with no arguments. This ensures that the
 453   * `wp_get_abilities_item_include` and `wp_get_abilities_result` filters always fire,
 454   * giving plugins a reliable place to enforce universal inclusion or shaping rules.
 455   * For raw, unfiltered registry data that bypasses the filter pipeline entirely, use
 456   * {@see WP_Abilities_Registry::get_all_registered()} directly.
 457   *
 458   * @since 6.9.0
 459   * @since 7.1.0 Added the `$args` parameter for filtering support.
 460   *
 461   * @see WP_Abilities_Registry::get_all_registered()
 462   *
 463   * @param array $args {
 464   *     Optional. Arguments to filter the returned abilities. Default empty array (returns all).
 465   *
 466   *     @type string          $category              Filter by category slug. Only abilities whose category
 467   *                                                  exactly matches the given slug are included.
 468   *     @type string          $namespace             Filter by ability namespace prefix. Pass the namespace
 469   *                                                  without a trailing slash, e.g. `'woocommerce'` matches
 470   *                                                  `'woocommerce/create-order'`.
 471   *     @type array           $meta                  Filter by meta key/value pairs. All conditions must
 472   *                                                  match (AND logic). Supports nested arrays for structured
 473   *                                                  meta, e.g. `array( 'mcp' => array( 'public' => true ) )`.
 474   *     @type callable        $item_include_callback Optional. A callback invoked per ability after declarative
 475   *                                                  filters. Receives a WP_Ability instance, returns bool.
 476   *                                                  Return true to include, false to exclude.
 477   *     @type callable        $result_callback       Optional. A callback invoked once on the full matched
 478   *                                                  array. Receives WP_Ability[], must return WP_Ability[].
 479   *                                                  Use for sorting, slicing, or reshaping the result.
 480   * }
 481   * @return WP_Ability[] An array of registered WP_Ability instances matching the given args,
 482   *                      keyed by ability name. Returns an empty array if no abilities are
 483   *                      registered, the registry is unavailable, or no abilities match the
 484   *                      given args.
 485   */
 486  function wp_get_abilities( array $args = array() ): array {
 487      $registry = WP_Abilities_Registry::get_instance();
 488      if ( null === $registry ) {
 489          return array();
 490      }
 491  
 492      $abilities = $registry->get_all_registered();
 493  
 494      $category              = isset( $args['category'] ) && is_string( $args['category'] ) ? $args['category'] : '';
 495      $namespace             = isset( $args['namespace'] ) && is_string( $args['namespace'] ) ? rtrim( $args['namespace'], '/' ) . '/' : '';
 496      $meta                  = isset( $args['meta'] ) && is_array( $args['meta'] ) ? $args['meta'] : array();
 497      $item_include_callback = isset( $args['item_include_callback'] ) && is_callable( $args['item_include_callback'] ) ? $args['item_include_callback'] : null;
 498      $result_callback       = isset( $args['result_callback'] ) && is_callable( $args['result_callback'] ) ? $args['result_callback'] : null;
 499  
 500      $matched = array();
 501  
 502      foreach ( $abilities as $name => $ability ) {
 503          // Step 1a: Filter by category.
 504          if ( '' !== $category && $ability->get_category() !== $category ) {
 505              continue;
 506          }
 507  
 508          // Step 1b: Filter by namespace prefix.
 509          if ( '' !== $namespace && ! str_starts_with( $ability->get_name(), $namespace ) ) {
 510              continue;
 511          }
 512  
 513          // Step 1c: Filter by meta key/value pairs (AND logic, supports nested arrays).
 514          if ( ! empty( $meta ) && ! _wp_get_abilities_match_meta( $ability->get_meta(), $meta ) ) {
 515              continue;
 516          }
 517  
 518          // Step 2: Caller-scoped per-item callback.
 519          $include = true;
 520          if ( null !== $item_include_callback ) {
 521              $include = (bool) call_user_func( $item_include_callback, $ability );
 522          }
 523  
 524          /**
 525           * Filters whether an individual ability should be included in the result set.
 526           *
 527           * Fires after the declarative filters and the caller-scoped item_include_callback.
 528           * Plugins can use this to enforce universal inclusion rules regardless of
 529           * what the caller passed in $args.
 530           *
 531           * @since 7.1.0
 532           *
 533           * @param bool       $include Whether to include the ability. Default true (after declarative filters pass).
 534           * @param WP_Ability $ability The ability instance being evaluated.
 535           * @param array      $args    The full $args array passed to wp_get_abilities().
 536           */
 537          $include = (bool) apply_filters( 'wp_get_abilities_item_include', $include, $ability, $args );
 538  
 539          if ( $include ) {
 540              $matched[ $name ] = $ability;
 541          }
 542      }
 543  
 544      // Step 4: Caller-scoped result callback.
 545      if ( null !== $result_callback ) {
 546          $matched = (array) call_user_func( $result_callback, $matched );
 547      }
 548  
 549      /**
 550       * Filters the full list of matched abilities after all per-item filtering is complete.
 551       *
 552       * Fires after the caller-scoped result_callback. Plugins can use this to sort,
 553       * paginate, or reshape the final result set universally.
 554       *
 555       * @since 7.1.0
 556       *
 557       * @param WP_Ability[] $matched The matched abilities after all filtering.
 558       * @param array        $args    The full $args array passed to wp_get_abilities().
 559       */
 560      return (array) apply_filters( 'wp_get_abilities_result', $matched, $args );
 561  }
 562  
 563  /**
 564   * Checks whether an ability's meta array matches a set of required key/value conditions.
 565   *
 566   * All conditions must match (AND logic). Supports nested arrays for structured meta,
 567   * e.g. `array( 'mcp' => array( 'public' => true ) )`.
 568   *
 569   * @since 7.1.0
 570   * @access private
 571   *
 572   * @param array $meta       The ability's meta array.
 573   * @param array $conditions The required key/value conditions to match against.
 574   * @return bool True if all conditions match, false otherwise.
 575   */
 576  function _wp_get_abilities_match_meta( array $meta, array $conditions ): bool {
 577      foreach ( $conditions as $key => $value ) {
 578          if ( ! array_key_exists( $key, $meta ) ) {
 579              return false;
 580          }
 581  
 582          if ( is_array( $value ) ) {
 583              if ( ! is_array( $meta[ $key ] ) || ! _wp_get_abilities_match_meta( $meta[ $key ], $value ) ) {
 584                  return false;
 585              }
 586          } elseif ( $meta[ $key ] !== $value ) {
 587              return false;
 588          }
 589      }
 590  
 591      return true;
 592  }
 593  
 594  /**
 595   * Registers a new ability category.
 596   *
 597   * Ability categories provide a way to organize and group related abilities for better
 598   * discoverability and management. Ability categories must be registered before abilities
 599   * that reference them.
 600   *
 601   * Ability categories must be registered on the `wp_abilities_api_categories_init` action hook.
 602   *
 603   * Example:
 604   *
 605   *     function my_plugin_register_categories() {
 606   *         wp_register_ability_category(
 607   *             'content-management',
 608   *             array(
 609   *                 'label'       => __( 'Content Management', 'my-plugin' ),
 610   *                 'description' => __( 'Abilities for managing and organizing content.', 'my-plugin' ),
 611   *             )
 612   *         );
 613   *     }
 614   *     add_action( 'wp_abilities_api_categories_init', 'my_plugin_register_categories' );
 615   *
 616   * @since 6.9.0
 617   *
 618   * @see WP_Ability_Categories_Registry::register()
 619   * @see wp_register_ability()
 620   * @see wp_unregister_ability_category()
 621   *
 622   * @param string               $slug The unique slug for the ability category. Must contain only lowercase
 623   *                                   alphanumeric characters and dashes (e.g., 'data-export').
 624   * @param array<string, mixed> $args {
 625   *     An associative array of arguments for the ability category.
 626   *
 627   *     @type string               $label       Required. The human-readable label for the ability category.
 628   *     @type string               $description Required. A description of what abilities in this category do.
 629   *     @type array<string, mixed> $meta        Optional. Additional metadata for the ability category.
 630   * }
 631   * @return WP_Ability_Category|null The registered ability category instance on success, `null` on failure.
 632   */
 633  function wp_register_ability_category( string $slug, array $args ): ?WP_Ability_Category {
 634      if ( ! doing_action( 'wp_abilities_api_categories_init' ) ) {
 635          _doing_it_wrong(
 636              __FUNCTION__,
 637              sprintf(
 638                  /* translators: 1: wp_abilities_api_categories_init, 2: ability category slug. */
 639                  __( 'Ability categories must be registered on the %1$s action. The ability category %2$s was not registered.' ),
 640                  '<code>wp_abilities_api_categories_init</code>',
 641                  '<code>' . esc_html( $slug ) . '</code>'
 642              ),
 643              '6.9.0'
 644          );
 645          return null;
 646      }
 647  
 648      $registry = WP_Ability_Categories_Registry::get_instance();
 649      if ( null === $registry ) {
 650          return null;
 651      }
 652  
 653      return $registry->register( $slug, $args );
 654  }
 655  
 656  /**
 657   * Unregisters an ability category.
 658   *
 659   * Removes a previously registered ability category from the global registry. Use this to
 660   * disable ability categories that are no longer needed.
 661   *
 662   * Can be called at any time after the ability category has been registered.
 663   *
 664   * Example:
 665   *
 666   *     if ( wp_has_ability_category( 'deprecated-category' ) ) {
 667   *         wp_unregister_ability_category( 'deprecated-category' );
 668   *     }
 669   *
 670   * @since 6.9.0
 671   *
 672   * @see WP_Ability_Categories_Registry::unregister()
 673   * @see wp_register_ability_category()
 674   *
 675   * @param string $slug The slug of the ability category to unregister.
 676   * @return WP_Ability_Category|null The unregistered ability category instance on success, `null` on failure.
 677   */
 678  function wp_unregister_ability_category( string $slug ): ?WP_Ability_Category {
 679      $registry = WP_Ability_Categories_Registry::get_instance();
 680      if ( null === $registry ) {
 681          return null;
 682      }
 683  
 684      return $registry->unregister( $slug );
 685  }
 686  
 687  /**
 688   * Checks if an ability category is registered.
 689   *
 690   * Use this for conditional logic and feature detection before attempting to
 691   * retrieve or use an ability category.
 692   *
 693   * Example:
 694   *
 695   *     // Displays different UI based on available ability categories.
 696   *     if ( wp_has_ability_category( 'premium-features' ) ) {
 697   *         echo 'Premium Features Available';
 698   *     } else {
 699   *         echo 'Standard Features';
 700   *     }
 701   *
 702   * @since 6.9.0
 703   *
 704   * @see WP_Ability_Categories_Registry::is_registered()
 705   * @see wp_get_ability_category()
 706   *
 707   * @param string $slug The slug of the ability category to check.
 708   * @return bool `true` if the ability category is registered, `false` otherwise.
 709   */
 710  function wp_has_ability_category( string $slug ): bool {
 711      $registry = WP_Ability_Categories_Registry::get_instance();
 712      if ( null === $registry ) {
 713          return false;
 714      }
 715  
 716      return $registry->is_registered( $slug );
 717  }
 718  
 719  /**
 720   * Retrieves a registered ability category.
 721   *
 722   * Returns the ability category instance for inspection or use. The instance provides access
 723   * to the ability category's configuration and metadata.
 724   *
 725   * Example:
 726   *
 727   *     // Prints information about a registered ability category.
 728   *     $ability_category = wp_get_ability_category( 'content-management' );
 729   *     if ( $ability_category ) {
 730   *         echo $ability_category->get_label() . ': ' . $ability_category->get_description();
 731   *     }
 732   *
 733   * @since 6.9.0
 734   *
 735   * @see WP_Ability_Categories_Registry::get_registered()
 736   * @see wp_has_ability_category()
 737   * @see wp_get_ability_categories()
 738   *
 739   * @param string $slug The slug of the ability category.
 740   * @return WP_Ability_Category|null The ability category instance, or `null` if not registered.
 741   */
 742  function wp_get_ability_category( string $slug ): ?WP_Ability_Category {
 743      $registry = WP_Ability_Categories_Registry::get_instance();
 744      if ( null === $registry ) {
 745          return null;
 746      }
 747  
 748      return $registry->get_registered( $slug );
 749  }
 750  
 751  /**
 752   * Retrieves all registered ability categories.
 753   *
 754   * Returns an array of all ability category instances currently registered in the system.
 755   * Use this for discovery, debugging, or building administrative interfaces.
 756   *
 757   * Example:
 758   *
 759   *     // Prints information about all available ability categories.
 760   *     $ability_categories = wp_get_ability_categories();
 761   *     foreach ( $ability_categories as $ability_category ) {
 762   *         echo $ability_category->get_label() . ': ' . $ability_category->get_description() . "\n";
 763   *     }
 764   *
 765   * @since 6.9.0
 766   *
 767   * @see WP_Ability_Categories_Registry::get_all_registered()
 768   * @see wp_get_ability_category()
 769   *
 770   * @return WP_Ability_Category[] An array of registered ability category instances. Returns an empty array
 771   *                               if no ability categories are registered or if the registry is unavailable.
 772   */
 773  function wp_get_ability_categories(): array {
 774      $registry = WP_Ability_Categories_Registry::get_instance();
 775      if ( null === $registry ) {
 776          return array();
 777      }
 778  
 779      return $registry->get_all_registered();
 780  }


Generated : Sun Jul 5 08:20:13 2026 Cross-referenced by PHPXref