Font Library: font family and font uploads capability checks

[creativecoder]

What?

Fixes https://github.com/WordPress/gutenberg/issues/55280

• Adds a meta capability for uploading fonts
• Adds an editor setting that enables/disables font uploads
• Adds capability checks in the Font Library UI for creating/installing fonts, uploading font files, and deleting fonts

Combines approaches from https://github.com/WordPress/gutenberg/pull/58957 and https://github.com/WordPress/gutenberg/pull/59104

Note that in the future, it should be possible to create/install fonts from a collection without uploading a font file to the site, as font-faces support using an existing url as the src. The font could be loaded from a CDN provided by the collection. Or a plugin could provide bundled fonts that don't need the font files to be uploaded to the site because they're included with the plugin. See https://github.com/WordPress/gutenberg/issues/58229.

For this reason, font upload and font creation capabilities are separate, so that it's possible to install a font without the ability to upload font files.

Why?

• Ensures that customizing capabilities for font post types is reflected in the UI
• Respects the DISALLOW_FILE_MODS constant to prevent font uploads for sites that don't allow file modification

How?

• Adds an upload_fonts meta capability that's tied to DISALLOW_FILE_MODS/wp_is_file_mod_allowed
• Checks the upload_fonts capability before allowing font file uploads on the font-faces endpoint
• Adds a fontUploadsEnabled setting the site editor that checks the upload_fonts capability
• Hides font uploads and font collections tabs in the font library when the user does not have the capability to upload or create fonts
• Hides the delete button when the user does not have the capability to delete fonts

Testing Instructions

IMPORTANT: Test with WP 6.4 to ensure you are running the Gutenberg code from this PR

Test with DISALLOW_FILE_MODS

• Add define( 'DISALLOW_FILE_MODS', true ); in wp-config.php
• In the font library, you should not see the "Upload" or "Install Fonts" tabs
• If you create a font that includes a font file, it will error (POST wp/v2/font-families/<id>/font-faces)

Test with custom permissions

Add the following to your site

add_filter( 'register_post_type_args', function( $args, $post_type ) {
	if ( $post_type === 'wp_font_family' ) {
		$args['capabilities']['create_posts'] = 'do_not_allow';
		$args['capabilities']['delete_published_posts'] = 'do_not_allow';
	}
	return $args;
}, 10, 2 );

• In the font library, you should not see the "Upload" or "Install Fonts" tabs
• For fonts that are already installed, you should not see a "Delete" button

[github-actions[bot]]

The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the props-bot label.

If you're merging code through a pull request on GitHub, copy and paste the following into the bottom of the merge commit message.

Co-authored-by: creativecoder <[email protected]>
Co-authored-by: matiasbenedetto <[email protected]>
Co-authored-by: anton-vlasenko <[email protected]>
Co-authored-by: peterwilsoncc <[email protected]>
Co-authored-by: swissspidy <[email protected]>
Co-authored-by: mikachan <[email protected]>
Co-authored-by: felixarntz <[email protected]>
Co-authored-by: azaozz <[email protected]>
Co-authored-by: jasmussen <[email protected]>
Co-authored-by: hellofromtonya <[email protected]>
Co-authored-by: jffng <[email protected]>
Co-authored-by: getdave <[email protected]>
Co-authored-by: joemcgill <[email protected]>
Co-authored-by: mtias <[email protected]>
Co-authored-by: aaronjorbin <[email protected]>

To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook.

[github-actions[bot]]

This pull request has changed or added PHP files. Please confirm whether these changes need to be synced to WordPress Core, and therefore featured in the next release of WordPress.

If so, it is recommended to create a new Trac ticket and submit a pull request to the WordPress Core Github repository soon after this pull request is merged.

If you're unsure, you can always ask for help in the #core-editor channel in WordPress Slack.

Thank you! :heart:

View changed files

:grey_question: phpunit/tests/fonts/font-library/deleteFontPostMetaCaps.php
:grey_question: phpunit/tests/fonts/font-library/maybeGrantUploadFontCap.php
:grey_question: lib/compat/wordpress-6.5/fonts/class-wp-rest-font-faces-controller.php
:grey_question: lib/compat/wordpress-6.5/fonts/fonts.php

[github-actions[bot]]

Size Change: +383 B (0%)

Total Size: 1.71 MB

Filename	Size	Change
build/block-editor/content-rtl.css	4.36 kB	+6 B (0%)
build/block-editor/content.css	4.36 kB	+6 B (0%)
build/block-editor/index.min.js	250 kB	+137 B (0%)
build/block-editor/style-rtl.css	15.5 kB	+33 B (0%)
build/block-editor/style.css	15.5 kB	+33 B (0%)
build/data/index.min.js	8.95 kB	+12 B (0%)
build/edit-site/index.min.js	214 kB	+149 B (0%)
build/edit-site/style-rtl.css	15.3 kB	+1 B (0%)
build/edit-site/style.css	15.3 kB	+1 B (0%)
build/editor/index.min.js	63.9 kB	+5 B (0%)

ℹ️ View Unchanged

Filename	Size
build/a11y/index.min.js	955 B
build/annotations/index.min.js	2.69 kB
build/api-fetch/index.min.js	2.32 kB
build/autop/index.min.js	2.1 kB
build/blob/index.min.js	578 B
build/block-directory/index.min.js	7.22 kB
build/block-directory/style-rtl.css	1.02 kB
build/block-directory/style.css	1.02 kB
build/block-editor/default-editor-styles-rtl.css	381 B
build/block-editor/default-editor-styles.css	381 B
build/block-library/blocks/archives/editor-rtl.css	61 B
build/block-library/blocks/archives/editor.css	60 B
build/block-library/blocks/archives/style-rtl.css	90 B
build/block-library/blocks/archives/style.css	90 B
build/block-library/blocks/audio/editor-rtl.css	150 B
build/block-library/blocks/audio/editor.css	150 B
build/block-library/blocks/audio/style-rtl.css	122 B
build/block-library/blocks/audio/style.css	122 B
build/block-library/blocks/audio/theme-rtl.css	126 B
build/block-library/blocks/audio/theme.css	126 B
build/block-library/blocks/avatar/editor-rtl.css	116 B
build/block-library/blocks/avatar/editor.css	116 B
build/block-library/blocks/avatar/style-rtl.css	104 B
build/block-library/blocks/avatar/style.css	104 B
build/block-library/blocks/block/editor-rtl.css	305 B
build/block-library/blocks/block/editor.css	305 B
build/block-library/blocks/button/editor-rtl.css	415 B
build/block-library/blocks/button/editor.css	414 B
build/block-library/blocks/button/style-rtl.css	627 B
build/block-library/blocks/button/style.css	626 B
build/block-library/blocks/buttons/editor-rtl.css	337 B
build/block-library/blocks/buttons/editor.css	337 B
build/block-library/blocks/buttons/style-rtl.css	332 B
build/block-library/blocks/buttons/style.css	332 B
build/block-library/blocks/calendar/style-rtl.css	239 B
build/block-library/blocks/calendar/style.css	239 B
build/block-library/blocks/categories/editor-rtl.css	113 B
build/block-library/blocks/categories/editor.css	112 B
build/block-library/blocks/categories/style-rtl.css	124 B
build/block-library/blocks/categories/style.css	124 B
build/block-library/blocks/code/editor-rtl.css	53 B
build/block-library/blocks/code/editor.css	53 B
build/block-library/blocks/code/style-rtl.css	121 B
build/block-library/blocks/code/style.css	121 B
build/block-library/blocks/code/theme-rtl.css	124 B
build/block-library/blocks/code/theme.css	124 B
build/block-library/blocks/columns/editor-rtl.css	108 B
build/block-library/blocks/columns/editor.css	108 B
build/block-library/blocks/columns/style-rtl.css	421 B
build/block-library/blocks/columns/style.css	421 B
build/block-library/blocks/comment-author-avatar/editor-rtl.css	125 B
build/block-library/blocks/comment-author-avatar/editor.css	125 B
build/block-library/blocks/comment-content/style-rtl.css	92 B
build/block-library/blocks/comment-content/style.css	92 B
build/block-library/blocks/comment-template/style-rtl.css	199 B
build/block-library/blocks/comment-template/style.css	198 B
build/block-library/blocks/comments-pagination-numbers/editor-rtl.css	123 B
build/block-library/blocks/comments-pagination-numbers/editor.css	121 B
build/block-library/blocks/comments-pagination/editor-rtl.css	222 B
build/block-library/blocks/comments-pagination/editor.css	209 B
build/block-library/blocks/comments-pagination/style-rtl.css	235 B
build/block-library/blocks/comments-pagination/style.css	231 B
build/block-library/blocks/comments-title/editor-rtl.css	75 B
build/block-library/blocks/comments-title/editor.css	75 B
build/block-library/blocks/comments/editor-rtl.css	840 B
build/block-library/blocks/comments/editor.css	839 B
build/block-library/blocks/comments/style-rtl.css	637 B
build/block-library/blocks/comments/style.css	636 B
build/block-library/blocks/cover/editor-rtl.css	647 B
build/block-library/blocks/cover/editor.css	650 B
build/block-library/blocks/cover/style-rtl.css	1.69 kB
build/block-library/blocks/cover/style.css	1.68 kB
build/block-library/blocks/details/editor-rtl.css	65 B
build/block-library/blocks/details/editor.css	65 B
build/block-library/blocks/details/style-rtl.css	98 B
build/block-library/blocks/details/style.css	98 B
build/block-library/blocks/embed/editor-rtl.css	322 B
build/block-library/blocks/embed/editor.css	322 B
build/block-library/blocks/embed/style-rtl.css	410 B
build/block-library/blocks/embed/style.css	410 B
build/block-library/blocks/embed/theme-rtl.css	126 B
build/block-library/blocks/embed/theme.css	126 B
build/block-library/blocks/file/editor-rtl.css	316 B
build/block-library/blocks/file/editor.css	316 B
build/block-library/blocks/file/style-rtl.css	280 B
build/block-library/blocks/file/style.css	281 B
build/block-library/blocks/file/view.min.js	324 B
build/block-library/blocks/footnotes/style-rtl.css	201 B
build/block-library/blocks/footnotes/style.css	199 B
build/block-library/blocks/form-input/editor-rtl.css	227 B
build/block-library/blocks/form-input/editor.css	227 B
build/block-library/blocks/form-input/style-rtl.css	343 B
build/block-library/blocks/form-input/style.css	343 B
build/block-library/blocks/form-submission-notification/editor-rtl.css	340 B
build/block-library/blocks/form-submission-notification/editor.css	340 B
build/block-library/blocks/form-submit-button/style-rtl.css	69 B
build/block-library/blocks/form-submit-button/style.css	69 B
build/block-library/blocks/form/view.min.js	471 B
build/block-library/blocks/freeform/editor-rtl.css	2.61 kB
build/block-library/blocks/freeform/editor.css	2.61 kB
build/block-library/blocks/gallery/editor-rtl.css	947 B
build/block-library/blocks/gallery/editor.css	952 B
build/block-library/blocks/gallery/style-rtl.css	1.72 kB
build/block-library/blocks/gallery/style.css	1.72 kB
build/block-library/blocks/gallery/theme-rtl.css	108 B
build/block-library/blocks/gallery/theme.css	108 B
build/block-library/blocks/group/editor-rtl.css	647 B
build/block-library/blocks/group/editor.css	647 B
build/block-library/blocks/group/style-rtl.css	57 B
build/block-library/blocks/group/style.css	57 B
build/block-library/blocks/group/theme-rtl.css	78 B
build/block-library/blocks/group/theme.css	78 B
build/block-library/blocks/heading/style-rtl.css	189 B
build/block-library/blocks/heading/style.css	189 B
build/block-library/blocks/html/editor-rtl.css	336 B
build/block-library/blocks/html/editor.css	337 B
build/block-library/blocks/image/editor-rtl.css	894 B
build/block-library/blocks/image/editor.css	893 B
build/block-library/blocks/image/style-rtl.css	1.6 kB
build/block-library/blocks/image/style.css	1.59 kB
build/block-library/blocks/image/theme-rtl.css	126 B
build/block-library/blocks/image/theme.css	126 B
build/block-library/blocks/image/view.min.js	1.54 kB
build/block-library/blocks/latest-comments/style-rtl.css	357 B
build/block-library/blocks/latest-comments/style.css	357 B
build/block-library/blocks/latest-posts/editor-rtl.css	213 B
build/block-library/blocks/latest-posts/editor.css	212 B
build/block-library/blocks/latest-posts/style-rtl.css	478 B
build/block-library/blocks/latest-posts/style.css	478 B
build/block-library/blocks/list/style-rtl.css	88 B
build/block-library/blocks/list/style.css	88 B
build/block-library/blocks/media-text/editor-rtl.css	266 B
build/block-library/blocks/media-text/editor.css	263 B
build/block-library/blocks/media-text/style-rtl.css	505 B
build/block-library/blocks/media-text/style.css	503 B
build/block-library/blocks/more/editor-rtl.css	431 B
build/block-library/blocks/more/editor.css	431 B
build/block-library/blocks/navigation-link/editor-rtl.css	668 B
build/block-library/blocks/navigation-link/editor.css	669 B
build/block-library/blocks/navigation-link/style-rtl.css	259 B
build/block-library/blocks/navigation-link/style.css	257 B
build/block-library/blocks/navigation-submenu/editor-rtl.css	296 B
build/block-library/blocks/navigation-submenu/editor.css	295 B
build/block-library/blocks/navigation/editor-rtl.css	2.26 kB
build/block-library/blocks/navigation/editor.css	2.26 kB
build/block-library/blocks/navigation/style-rtl.css	2.26 kB
build/block-library/blocks/navigation/style.css	2.25 kB
build/block-library/blocks/navigation/view.min.js	1.02 kB
build/block-library/blocks/nextpage/editor-rtl.css	395 B
build/block-library/blocks/nextpage/editor.css	395 B
build/block-library/blocks/page-list/editor-rtl.css	377 B
build/block-library/blocks/page-list/editor.css	377 B
build/block-library/blocks/page-list/style-rtl.css	175 B
build/block-library/blocks/page-list/style.css	175 B
build/block-library/blocks/paragraph/editor-rtl.css	235 B
build/block-library/blocks/paragraph/editor.css	235 B
build/block-library/blocks/paragraph/style-rtl.css	335 B
build/block-library/blocks/paragraph/style.css	335 B
build/block-library/blocks/post-author/style-rtl.css	175 B
build/block-library/blocks/post-author/style.css	176 B
build/block-library/blocks/post-comments-form/editor-rtl.css	96 B
build/block-library/blocks/post-comments-form/editor.css	96 B
build/block-library/blocks/post-comments-form/style-rtl.css	508 B
build/block-library/blocks/post-comments-form/style.css	508 B
build/block-library/blocks/post-content/editor-rtl.css	74 B
build/block-library/blocks/post-content/editor.css	74 B
build/block-library/blocks/post-date/style-rtl.css	61 B
build/block-library/blocks/post-date/style.css	61 B
build/block-library/blocks/post-excerpt/editor-rtl.css	71 B
build/block-library/blocks/post-excerpt/editor.css	71 B
build/block-library/blocks/post-excerpt/style-rtl.css	141 B
build/block-library/blocks/post-excerpt/style.css	141 B
build/block-library/blocks/post-featured-image/editor-rtl.css	666 B
build/block-library/blocks/post-featured-image/editor.css	662 B
build/block-library/blocks/post-featured-image/style-rtl.css	342 B
build/block-library/blocks/post-featured-image/style.css	342 B
build/block-library/blocks/post-navigation-link/style-rtl.css	215 B
build/block-library/blocks/post-navigation-link/style.css	214 B
build/block-library/blocks/post-template/editor-rtl.css	99 B
build/block-library/blocks/post-template/editor.css	98 B
build/block-library/blocks/post-template/style-rtl.css	409 B
build/block-library/blocks/post-template/style.css	408 B
build/block-library/blocks/post-terms/style-rtl.css	96 B
build/block-library/blocks/post-terms/style.css	96 B
build/block-library/blocks/post-time-to-read/style-rtl.css	69 B
build/block-library/blocks/post-time-to-read/style.css	69 B
build/block-library/blocks/post-title/style-rtl.css	100 B
build/block-library/blocks/post-title/style.css	100 B
build/block-library/blocks/preformatted/style-rtl.css	125 B
build/block-library/blocks/preformatted/style.css	125 B
build/block-library/blocks/pullquote/editor-rtl.css	135 B
build/block-library/blocks/pullquote/editor.css	135 B
build/block-library/blocks/pullquote/style-rtl.css	354 B
build/block-library/blocks/pullquote/style.css	354 B
build/block-library/blocks/pullquote/theme-rtl.css	168 B
build/block-library/blocks/pullquote/theme.css	168 B
build/block-library/blocks/query-pagination-numbers/editor-rtl.css	122 B
build/block-library/blocks/query-pagination-numbers/editor.css	121 B
build/block-library/blocks/query-pagination/editor-rtl.css	221 B
build/block-library/blocks/query-pagination/editor.css	211 B
build/block-library/blocks/query-pagination/style-rtl.css	288 B
build/block-library/blocks/query-pagination/style.css	284 B
build/block-library/blocks/query-title/style-rtl.css	63 B
build/block-library/blocks/query-title/style.css	63 B
build/block-library/blocks/query/editor-rtl.css	486 B
build/block-library/blocks/query/editor.css	486 B
build/block-library/blocks/query/view.min.js	958 B
build/block-library/blocks/quote/style-rtl.css	237 B
build/block-library/blocks/quote/style.css	237 B
build/block-library/blocks/quote/theme-rtl.css	223 B
build/block-library/blocks/quote/theme.css	226 B
build/block-library/blocks/read-more/style-rtl.css	140 B
build/block-library/blocks/read-more/style.css	140 B
build/block-library/blocks/rss/editor-rtl.css	149 B
build/block-library/blocks/rss/editor.css	149 B
build/block-library/blocks/rss/style-rtl.css	289 B
build/block-library/blocks/rss/style.css	288 B
build/block-library/blocks/search/editor-rtl.css	184 B
build/block-library/blocks/search/editor.css	184 B
build/block-library/blocks/search/style-rtl.css	629 B
build/block-library/blocks/search/style.css	628 B
build/block-library/blocks/search/theme-rtl.css	114 B
build/block-library/blocks/search/theme.css	114 B
build/block-library/blocks/search/view.min.js	478 B
build/block-library/blocks/separator/editor-rtl.css	146 B
build/block-library/blocks/separator/editor.css	146 B
build/block-library/blocks/separator/style-rtl.css	229 B
build/block-library/blocks/separator/style.css	229 B
build/block-library/blocks/separator/theme-rtl.css	194 B
build/block-library/blocks/separator/theme.css	194 B
build/block-library/blocks/shortcode/editor-rtl.css	323 B
build/block-library/blocks/shortcode/editor.css	323 B
build/block-library/blocks/site-logo/editor-rtl.css	754 B
build/block-library/blocks/site-logo/editor.css	754 B
build/block-library/blocks/site-logo/style-rtl.css	204 B
build/block-library/blocks/site-logo/style.css	204 B
build/block-library/blocks/site-tagline/editor-rtl.css	86 B
build/block-library/blocks/site-tagline/editor.css	86 B
build/block-library/blocks/site-title/editor-rtl.css	116 B
build/block-library/blocks/site-title/editor.css	116 B
build/block-library/blocks/site-title/style-rtl.css	57 B
build/block-library/blocks/site-title/style.css	57 B
build/block-library/blocks/social-link/editor-rtl.css	184 B
build/block-library/blocks/social-link/editor.css	184 B
build/block-library/blocks/social-links/editor-rtl.css	682 B
build/block-library/blocks/social-links/editor.css	681 B
build/block-library/blocks/social-links/style-rtl.css	1.49 kB
build/block-library/blocks/social-links/style.css	1.48 kB
build/block-library/blocks/spacer/editor-rtl.css	350 B
build/block-library/blocks/spacer/editor.css	350 B
build/block-library/blocks/spacer/style-rtl.css	48 B
build/block-library/blocks/spacer/style.css	48 B
build/block-library/blocks/table/editor-rtl.css	395 B
build/block-library/blocks/table/editor.css	395 B
build/block-library/blocks/table/style-rtl.css	639 B
build/block-library/blocks/table/style.css	639 B
build/block-library/blocks/table/theme-rtl.css	146 B
build/block-library/blocks/table/theme.css	146 B
build/block-library/blocks/tag-cloud/style-rtl.css	251 B
build/block-library/blocks/tag-cloud/style.css	253 B
build/block-library/blocks/template-part/editor-rtl.css	403 B
build/block-library/blocks/template-part/editor.css	403 B
build/block-library/blocks/template-part/theme-rtl.css	101 B
build/block-library/blocks/template-part/theme.css	101 B
build/block-library/blocks/term-description/style-rtl.css	111 B
build/block-library/blocks/term-description/style.css	111 B
build/block-library/blocks/text-columns/editor-rtl.css	95 B
build/block-library/blocks/text-columns/editor.css	95 B
build/block-library/blocks/text-columns/style-rtl.css	166 B
build/block-library/blocks/text-columns/style.css	166 B
build/block-library/blocks/verse/style-rtl.css	99 B
build/block-library/blocks/verse/style.css	99 B
build/block-library/blocks/video/editor-rtl.css	552 B
build/block-library/blocks/video/editor.css	555 B
build/block-library/blocks/video/style-rtl.css	185 B
build/block-library/blocks/video/style.css	185 B
build/block-library/blocks/video/theme-rtl.css	126 B
build/block-library/blocks/video/theme.css	126 B
build/block-library/classic-rtl.css	179 B
build/block-library/classic.css	179 B
build/block-library/common-rtl.css	1.1 kB
build/block-library/common.css	1.1 kB
build/block-library/editor-elements-rtl.css	75 B
build/block-library/editor-elements.css	75 B
build/block-library/editor-rtl.css	12.4 kB
build/block-library/editor.css	12.3 kB
build/block-library/elements-rtl.css	54 B
build/block-library/elements.css	54 B
build/block-library/index.min.js	216 kB
build/block-library/reset-rtl.css	472 B
build/block-library/reset.css	472 B
build/block-library/style-rtl.css	14.8 kB
build/block-library/style.css	14.8 kB
build/block-library/theme-rtl.css	688 B
build/block-library/theme.css	693 B
build/block-serialization-default-parser/index.min.js	1.12 kB
build/block-serialization-spec-parser/index.min.js	2.87 kB
build/blocks/index.min.js	51.8 kB
build/commands/index.min.js	15.6 kB
build/commands/style-rtl.css	921 B
build/commands/style.css	918 B
build/components/index.min.js	223 kB
build/components/style-rtl.css	11.8 kB
build/components/style.css	11.9 kB
build/compose/index.min.js	12.6 kB
build/core-commands/index.min.js	2.77 kB
build/core-data/index.min.js	72.8 kB
build/customize-widgets/index.min.js	12.1 kB
build/customize-widgets/style-rtl.css	1.32 kB
build/customize-widgets/style.css	1.32 kB
build/data-controls/index.min.js	640 B
build/date/index.min.js	17.9 kB
build/deprecated/index.min.js	451 B
build/dom-ready/index.min.js	324 B
build/dom/index.min.js	4.65 kB
build/edit-post/classic-rtl.css	544 B
build/edit-post/classic.css	545 B
build/edit-post/index.min.js	23.8 kB
build/edit-post/style-rtl.css	5.64 kB
build/edit-post/style.css	5.63 kB
build/edit-widgets/index.min.js	17.3 kB
build/edit-widgets/style-rtl.css	4.22 kB
build/edit-widgets/style.css	4.22 kB
build/editor/style-rtl.css	5.32 kB
build/editor/style.css	5.32 kB
build/element/index.min.js	4.83 kB
build/escape-html/index.min.js	537 B
build/format-library/index.min.js	7.89 kB
build/format-library/style-rtl.css	478 B
build/format-library/style.css	477 B
build/hooks/index.min.js	1.55 kB
build/html-entities/index.min.js	448 B
build/i18n/index.min.js	3.58 kB
build/interactivity/file.min.js	447 B
build/interactivity/image.min.js	1.67 kB
build/interactivity/index.min.js	12.8 kB
build/interactivity/navigation.min.js	1.15 kB
build/interactivity/query.min.js	740 B
build/interactivity/router.min.js	1.29 kB
build/interactivity/search.min.js	618 B
build/is-shallow-equal/index.min.js	527 B
build/keyboard-shortcuts/index.min.js	1.74 kB
build/keycodes/index.min.js	1.46 kB
build/list-reusable-blocks/index.min.js	2.11 kB
build/list-reusable-blocks/style-rtl.css	836 B
build/list-reusable-blocks/style.css	836 B
build/media-utils/index.min.js	2.9 kB
build/modules/importmap-polyfill.min.js	12.2 kB
build/notices/index.min.js	948 B
build/nux/index.min.js	2 kB
build/nux/style-rtl.css	735 B
build/nux/style.css	732 B
build/patterns/index.min.js	5.78 kB
build/patterns/style-rtl.css	540 B
build/patterns/style.css	539 B
build/plugins/index.min.js	1.8 kB
build/preferences-persistence/index.min.js	2.05 kB
build/preferences/index.min.js	2.82 kB
build/preferences/style-rtl.css	698 B
build/preferences/style.css	700 B
build/primitives/index.min.js	975 B
build/priority-queue/index.min.js	1.52 kB
build/private-apis/index.min.js	1 kB
build/react-i18n/index.min.js	623 B
build/react-refresh-entry/index.min.js	9.47 kB
build/react-refresh-runtime/index.min.js	6.78 kB
build/redux-routine/index.min.js	2.7 kB
build/reusable-blocks/index.min.js	2.72 kB
build/reusable-blocks/style-rtl.css	243 B
build/reusable-blocks/style.css	243 B
build/rich-text/index.min.js	10.4 kB
build/router/index.min.js	1.79 kB
build/server-side-render/index.min.js	1.95 kB
build/shortcode/index.min.js	1.39 kB
build/style-engine/index.min.js	2.08 kB
build/token-list/index.min.js	582 B
build/url/index.min.js	3.72 kB
build/vendors/inert-polyfill.min.js	2.48 kB
build/vendors/react-dom.min.js	41.8 kB
build/vendors/react.min.js	4.02 kB
build/viewport/index.min.js	957 B
build/warning/index.min.js	249 B
build/widgets/index.min.js	7.21 kB
build/widgets/style-rtl.css	1.15 kB
build/widgets/style.css	1.16 kB
build/wordcount/index.min.js	1.02 kB

_{compressed-size-action}

[github-actions[bot]]

Flaky tests detected in efa01ec1c09d8b4ab73406dc1816146e57870eae. Some tests passed with failed attempts. The failures may not be related to this commit but are still reported for visibility. See the documentation for more information.

🔍 Workflow run URL: https://github.com/WordPress/gutenberg/actions/runs/8012036634 📝 Reported issues:

• #59007 in /test/e2e/specs/editor/blocks/navigation.spec.js
• #47732 in /test/e2e/specs/editor/blocks/navigation.spec.js
• #59008 in /test/e2e/specs/editor/blocks/navigation.spec.js
• #48033 in /test/e2e/specs/editor/blocks/navigation.spec.js

[peterwilsoncc]

For props, the following list will need to be combined with the bot's list as they contributed to earlier iterations of this PR.

Co-authored-by: youknowriad <[email protected]>
Co-authored-by: swissspidy <[email protected]>
Co-authored-by: getdave <[email protected]>
Co-authored-by: matiasbenedetto <[email protected]>

[creativecoder]

I think we should not hide the font collections tab when the user can't upload fonts. This breaks the install system fonts functionality. The font collections tabs should be displayed if the user can create font families.

In principle I agree. But the I think the current result is quite confusing. If font upload is disabled, font collections are shown, and I try to install a Google Font:

• A wp_font_family post is created successfully, to start the install process
• A child wp_font_face post is not created, and returns an error because fonts can't be uploaded
• If I go back to the Font Library tab, it looks like the font is installed, because of the wp_font_family post (which is being treated like a system font, because it doesn't have any child font faces)
• The font is now available in the typography options for blocks and global styles, but it doesn't work--the default font is shown if you select it

So I think we need to prevent or undo creating the wp_font_family post when uploads are disabled. Perhaps checking the uploads site editor option in the client before trying to create the font family post? That way we don't end up with a non-working font family installed.

[matiasbenedetto]

In principle I agree. But the I think the current result is quite confusing.

I added this commit to avoid the unwanted results https://github.com/WordPress/gutenberg/pull/59294/commits/dc57cd4c1bf1ffe96d287082aace09f8e5b040a4 it has these changes:

• Display the font collection tabs when the user can create font families.
• Hide the upload tab when the user can't write font face assets.
• Disallow the install button when the user can write font faces and the selected font has font faces.

It's looking like this with that change.

https://github.com/WordPress/gutenberg/assets/1310626/29a3b96b-7674-431a-a639-6b1ae17e99f1

The user can install system fonts, but the uploads tab is not displayed because it's unusable. Font families that have font faces can't be installed because of the button is disabled. To improve the UX maybe we could add a tooltip or another visual element to explain why the button is disabled.

What do you think?

[creativecoder]

Font families that have font faces can't be installed because of the button is disabled. To improve the UX maybe we could add a tooltip or another visual element to explain why the button is disabled.

The approach makes sense to me--prevent a font install that we know will fail. I do think we need some kind of indicator why some fonts (including all Google Fonts) can't be installed. As is, it's a bit of a UX dead end with no explanation.

cc @jasmussen -- we have a case where font uploads are disabled by site settings, so installing anything but system fonts won't work. Would appreciate your feedback on how best to communicate this in the UI.

[creativecoder]

Please hold an any further updates to the branch for the moment--I'm going to resolve conflicts with trunk.

[jasmussen]

we have a case where font uploads are disabled by site settings, so installing anything but system fonts won't work. Would appreciate your feedback on how best to communicate this in the UI.

Can you just not show the upload tab? That's how we disallow uploading of images.

If there's a dedicated URL that takes you to the upload tab, and a contributor without permissions to upload loads that URL, you can show a message, perhaps. But I'd try first just not showing the upload tab.

[creativecoder]

I've merged trunk into this branch and resolved conflicts.

[creativecoder]

Can you just not show the upload tab? That's how we disallow uploading of images.

@jasmussen

Yes, and that's what we're doing for the uploads tab.

This issue is with font collections when uploads are disabled, since the client behavior is to upload fonts to the site when installing them from a collection.

One option is to hide all font collection tabs when uploads are disabled, for now. However this would prevent any system font collections from showing, as well, and those work just fine when uploads are disabled.

So @matiasbenedetto is suggesting we continue showing font collection tabs, but disable installing non-system fonts. See the video above: https://github.com/WordPress/gutenberg/pull/59294#issuecomment-1961687845

[jasmussen]

However this would prevent any system font collections from showing, as well, and those work just fine when uploads are disabled.

I remain skeptical that this modal is a good place for system fonts in the first place, this is conceptually a file silo just like the media library is, where font collections is a separate interface that can include fonts you upload, or just fonts you know the name of. So I wouldn't let that concern be a blocker for addressing this issue. See also the discussion and mockups on this thread. Relatedly, I'm not sure #57980 is the right interface for managing these stacks. I'd even question whether a contributor role should be allowed to add font stacks to a theme, it seems like a high permission to give.

[matiasbenedetto]

this is conceptually a file silo just like the media

I'm not sure about this. I don't think the font library is just a file silo. Fonts on the web are not tied 1:1 to a file. A web font could use 0, 1, 2, or more files only to define a font face. Managing files is just one part of the tasks of the font library.

So I wouldn't let that concern be a blocker for addressing this issue

:+1: cool, thanks.

I'd even question whether a contributor role should be allowed to add font stacks to a theme, it seems like a high permission to give.

Yes, but that's not changing in this PR. Only the users with edit_theme_options (just the admins role has that permission) are allowed to install fonts of any kind, that's not changing.

[azaozz]

Sorry I'm a bit "late to the party" here, but thinking this was discussed and decided on https://github.com/WordPress/gutenberg/issues/55280. As far as I see the decision was that the edit_theme_options capability is sufficient for managing who can upload and/or install fonts.

So why is this reverted? As established on 55280 this new capability doesn't seem useful for the great majority of WP users, not sure why it has to be added to WP. If somebody thinks otherwise, please provide a logical, useful example how that capability would help the WP users, i.e. why on a regular/average WP install a user that has edit_theme_options should not be able to upload (and install?) font files, and a user that cannot edit_theme_options should be able to upload them?

Regarding the use of DISALLOW_FILE_MODS to prevent uploading of font files: I'm still not convinced this is "logical" as font files are just another type of media files that can be used on a website. True, font files are stored outside of wp-content/uploads however I don't think DISALLOW_FILE_MODS was meant to prevent uploading and using of (relatively safe) media files. It was meant to prevent modifying (and updating) of theme, plugin, and core files, and to prevent editing these highly exploitable (PHP and JS) files.

Regarding security: Font files seem less prone to exploits than PDFs and SVGs. Indeed a font file can change how a website looks, but I don't think it can be used to "deface" a website. On the other hand an inappropriate image can be used to truly "deface" a website to a great extend and even result in lawsuits, etc. Yet images can still be uploaded when DISALLOW_FILE_MODS is used. Why the inconsistent behaviour?

In these terms I'm unsure if it is a good idea for DISALLOW_FILE_MODS to prevent uploading of font files. Seems it will not be preventing use of font files from third parties/CDNs, so the behaviour will be pretty inconsistent and confusing for the users. That will also promote lesser user privacy in some cases: the users will have to use external font files (diminishing their own and their website's visitors privacy) instead of uploading the fonts locally.

[jasmussen]

I'm not sure about this. I don't think the font library is just a file silo. Fonts on the web are not tied 1:1 to a file. A web font could use 0, 1, 2, or more files only to define a font face. Managing files is just one part of the tasks of the font library.

There's room to discuss this more, of course, but it's exactly for that reason why the font library isn't where you create the stacks. It's your library of fonts. Stacks mix and match what's in the library, same reason we don't have patterns in the media library.

[creativecoder]

Sorry I'm a bit "late to the party" here, but thinking this was discussed and decided on https://github.com/WordPress/gutenberg/issues/55280. As far as I see the decision was that the edit_theme_options capability is sufficient for managing who can upload and/or install fonts.

Personally I agree on the use of edit_theme_options. I'll say more over on that issue.

[creativecoder]

Note that I've copied over the UI permissions checks into a separate PR, as they are useful whether we add a new capability or not, so I want to consider them separately.

https://github.com/WordPress/gutenberg/pull/59332

[peterwilsoncc]

Regarding the use of DISALLOW_FILE_MODS to prevent uploading of font files: I'm still not convinced this is "logical" as font files are just another type of media files that can be used on a website. True, font files are stored outside of wp-content/uploads however I don't think DISALLOW_FILE_MODS was meant to prevent uploading and using of (relatively safe) media files. It was meant to prevent modifying (and updating) of theme, plugin, and core files, and to prevent editing these highly exploitable (PHP and JS) files.

@azaozz DISALLOW_FILE_MODS is mainly used to indicate an immutable file system (such as used by WP VIP, Pantheon, Altis DXP, and no doubt elsewhere). As the font files aren't stored in the uploads folder, the files can't physically be uploaded in this circumstance.

There are filters in place to allow the font path to be modified to use the uploads folder and the file_mod_allowed filter will be able to used in conjunction with that to indicate files can be uploaded in the can_upload_fonts context.

[azaozz]

DISALLOW_FILE_MODS is mainly used to indicate an immutable file system

Right. I agree that from a "software developer" point of view respecting that constant is the right choice. My main concerns are that this results in a somewhat diminished/subpar user experience as having DISALLOW_FILE_MODS means some of the UI will have to be disabled.

As far as I see this boils down to: have a better UX and "inconvenience" some hosting companies as they will have to make a minor change to their servers settings and treat wp-content/fonts the same way as wp-content/uploads, vs. have a worse UX for all WP users whose sites are hosted by one of these hosting companies. Frankly I am a +1 for the users and -1 for the hosting companies however this is just my opinion. Happy to change it if there's something I'm missing or misunderstanding :)

[peterwilsoncc]

As far as I see this boils down to: have a better UX and "inconvenience" some hosting companies as they will have to make a minor change to their servers settings and treat wp-content/fonts the same way as wp-content/uploads, vs. have a worse UX for all WP users whose sites are hosted by one of these hosting companies. Frankly I am a +1 for the users and -1 for the hosting companies however this is just my opinion. Happy to change it if there's something I'm missing or misunderstanding :)

This is what I am trying to convey, it's not a choice that can be made now. It was decided when the decision was made to store fonts outside of the uploads folder.

For systems in which the file system is immutable, the files simply won't upload so we need to hide the UI to avoid making false promises. On systems such as WP VIP it's not simply a case of mkdir fonts; chmod ... as the files are stored on a different server.

Depending on how these servers are deployed, even if the fonts folder is writable, it may be destroyed between deploys as we've put it in an area in which the we've promised the constant applies. This could be as simple as a git clean or as complex as building a new server and swapping out the old.

Hosts will need to update their file systems, end users will need to update S3 and similar plugins. Meta data/URLs will need to be filtered, security headers modified.

[felixarntz]

FWIW even if we decide to go for the disruptive change of requiring hosts to change their setups and users to reconfigure their CDNs etc., this would be a major undertaking that would take time. As such, some sites would not be configured correctly when this feature launches.

In other words: We would need a graceful fallback no matter what, for the scenario that the folders aren't writable. If it's technically impossible to upload fonts, it's a better UX to not show the UI to upload fonts, rather than showing it but then it fails.

[hellofromtonya]

I agree with @peterwilsoncc and @felixarntz assessments. They've shared the impact and disruption to hosts, extenders, and users including:

Hosts will need to update their file systems

requiring hosts to change their setups

end users will need to update S3 and similar plugins.

Meta data/URLs will need to be filtered, security headers modified.

users to reconfigure their CDNs etc.

As @felixarntz noted, it will take time for these changes to happen and will go beyond 6.5 shipping.

So what will happen if they are required to make these changes?

If the changes are not made for those impacted, then either:

• the feature will be turned off (users won't have access to it).
• font uploads will fail (bad user experience).

I think @felixarntz summed it well:

If it's technically impossible to upload fonts, it's a better UX to not show the UI to upload fonts, rather than showing it but then it fails.

Given the major hosts @peterwilsoncc listed, IMO DISALLOW_FILE_MODS should be respected.

[azaozz]

It was decided when the decision was made to store fonts outside of the uploads folder

Yea it would have been ideal if this discussion has happened when the location of the fonts dir was being decided...

If it's technically impossible to upload fonts, it's a better UX to not show the UI to upload fonts, rather than showing it but then it fails.

Right. Actually seems the code here should probably ignore DISALLOW_FILE_MODS and relay more on is_writable(). This would probably prevent/fix another edge case here: when somebody is using DISALLOW_FILE_MODS but has made the fonts dir writable (or should there be another way to set this?). Don't think WP should "forbid" this usage as it seems it makes the most sense.

[azaozz]

Given the major hosts @peterwilsoncc listed, IMO DISALLOW_FILE_MODS should be respected.

So generally "Hosts win, users loose"? :) I agree it is way too late for this discussion few days before RC. But this still feels like a wrong thing to do imho.

[peterwilsoncc]

@azaozz is_writable doesn't really work either.

The fonts folder is in a disposable part of the file system. Even basic VPS config providers include Atomic deployments that swap the file system out between deploys (eg Runcloud).

Users lose if the files they have uploaded get wiped out by their host.

[azaozz]

is_writable doesn't really work either ... Users lose if the files they have uploaded get wiped out by their host.

Yep, you're right of course. There are several steps to ensure the new wp-content/fonts directory would work as intended. Some are pretty straightforward, like excluding it from version control and ensuring filesystem permissions are correct. Others may be more involved.

I'm starting to thing perhaps we are overthinking this a bit? Likely there will always be some edge cases where the /fonts directory won't work properly. WP should have a fallback for these cases, which is to disable the UI for uploading of fonts and warn the user about the problem(s). Don't think it is that important "why" the /fonts dir won't work, to me it seems much more important to:

1. Have a fallback and warn the users. Seems this is already implemented.
2. Have a way for hosting companies and/or developers to fix the problems that prevent uploading of fonts, and enable it directly. Seems this may need a little bit more looking into. Maybe a filter would do?

Seems the above problem (2) is pretty easy to solve, and thinking this is pretty much ready to be committed?

[matiasbenedetto]

Part of the work originally added in this PR, the post-creation capabilities checks, were added in https://github.com/WordPress/gutenberg/pull/59332. The only thing that would remain to implement from this PR is the DISALLOW_FILE_MODS check. Given that the restriction was discarded by this @josephahaden's Make WordPress post, I think that PR is not relevant anymore and it can be closed. I quote the relevant part of the post:

Like wp-content/uploads itself, the fonts directory will not adhere to wp_is_file_mod_allowed / DISALLOW_FILE_MODS to prevent font uploads.

I'm closing this PR. Feel free to re-open if I missed something.