cannot comment on post through API

  • Resolved sgt621

    (@sgt621)


    1 month, 2 weeks ago

    I'm hitting the following URL with the request body below:

    {{baseUrl}}/?rest_route=/wp/v2/comments

    {
    "author_name" : "Postman",
    "date" : "2024-08-21T18:46:25",
    "parent" : 0,
    "author_user_agent" : "author_user_agent",
    "author" : 0,
    "author_ip" : "35.179.22.245",
    "content" : "This is an api-generated comment",
    "author_url" : "https://mysite.com",
    "post" : 17,
    "meta" : {},
    "author_email" : "[email protected]",
    "date_gmt" : "2024-08-21T18:46:25",
    "status" : "publish"
    }

    The error I get is:
    {
    "code": "rest_comment_invalid_post_id",
    "message": "Sorry, you are not allowed to create this comment without a post.",
    "data": {
      "status": 403
      }
    }

    But the post exists. Here is my API call:
    {{baseUrl}}/?rest_route=/wp/v2/posts/17

    {
        "id": 17,
        "date": "2024-08-22T18:44:15",
        "date_gmt": "2024-08-22T18:44:15",
        "guid": {
            "rendered": "https://myurl.com/?p=17"
        },
        "modified": "2024-08-22T18:44:15",
        "modified_gmt": "2024-08-22T18:44:15",
        "slug": "update-3",
        "status": "publish",
        "type": "post",
        "link": "https://myurl.com/?p=17",
        "title": {
            "rendered": "java_generated"
        },
        "content": {
            "rendered": "<p>this is a post using java</p>\n",
            "protected": false
        },
        "excerpt": {
            "rendered": "<p>java</p>\n",
            "protected": false
        },
        "author": 1,
        "featured_media": 0,
        "comment_status": "open",
        "ping_status": "open",
        "sticky": false,
        "template": "",
        "format": "standard",
        "meta": {
            "footnotes": ""
        },
        "categories": [],
        "tags": [],
        "class_list": [
            "post-17",
            "post",
            "type-post",
            "status-publish",
            "format-standard",
            "hentry"
        ],
        "_links": {
            "self": [
                {
                    "href": "https://myurl.com/index.php?rest_route=/wp/v2/posts/17"
                }
            ],
            "collection": [
                {
                    "href": "https://myurl.com/index.php?rest_route=/wp/v2/posts"
                }
            ],
            "about": [
                {
                    "href": "https://myurl.com/index.php?rest_route=/wp/v2/types/post"
                }
            ],
            "author": [
                {
                    "embeddable": true,
                    "href": "https://myurl.com/index.php?rest_route=/wp/v2/users/1"
                }
            ],
            "replies": [
                {
                    "embeddable": true,
                    "href": "https://myurl.com/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=17"
                }
            ],
            "version-history": [
                {
                    "count": 0,
                    "href": "https://myurl.com/index.php?rest_route=/wp/v2/posts/17/revisions"
                }
            ],
            "wp:attachment": [
                {
                    "href": "https://myurl.com/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=17"
                }
            ],
            "wp:term": [
                {
                    "taxonomy": "category",
                    "embeddable": true,
                    "href": "https://myurl.com/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=17"
                },
                {
                    "taxonomy": "post_tag",
                    "embeddable": true,
                    "href": "https://myurl.com/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=17"
                }
            ],
            "curies": [
                {
                    "name": "wp",
                    "href": "https://api.w.org/{rel}",
                    "templated": true
                }
            ]
        }
    }

    • This topic was modified 1 month, 2 weeks ago by sgt621.
Viewing 3 replies - 1 through 3 (of 3 total)

  • I’d like you to try the following steps:

    1. URL Structure: WordPress sites with custom permalinks can sometimes have routing issues. Even though you’re retrieving the post correctly with {{baseUrl}}/?rest_route=/wp/v2/posts/17, try using the URL format: {{baseUrl}}/wp-json/wp/v2/comments.
    2. Request Body:
      • The status field for comments is typically either "hold" (for pending comments) or "approved", not "publish". Try removing the "status": "publish" field or setting it to "approved".
      • The author: 0 might cause issues for anonymous comments. Try removing the author field altogether, or if the user is authenticated, ensure you’re passing the correct user ID.

    Let me know about the status after these adjustments.

    Thread Starter sgt621

    (@sgt621)

    @shyamgadde thanks for looking into this. I made all the changes in #2, but that did not solve the issue. I’ve tried to switch the permalink on the Settings > Permalinks page, but the change has not worked. I still have to use the old URL, even after I save the changes. Not sure if there is something else misconfigured.

    I’m honestly not sure why you’re facing this issue. It’s quite perplexing, given the information you’ve provided. Let’s dig a bit deeper:

    Based on the source code of WP_REST_Comments_Controller, there are only two cases in the permission checks that could trigger this specific error when creating a comment:

    • The first case is if the post key isn’t set in the request, but that’s clearly not the issue here since your request contains it.
    • The second case is if the call to get_post() with the provided post ID returns null, which is strange since your GET request for the same post ID returns the correct post object.

    This discrepancy is puzzling. To troubleshoot further:

    1. Could you double-check that post ID 17 is visible and published in the WordPress admin panel? Sometimes, there can be inconsistencies between what’s accessible via the API and what’s in the database.
    2. Try creating a new post directly from the WordPress admin (instead of via the API) and then attempt to post comments to it using the API. I’m assuming the post you’re working with was created via the API—if that’s the case, testing with a manually created post might help identify if the issue is related to how the post was created.
    3. It might be worth checking your WordPress version and if you have any plugins that could potentially interfere with comments or the REST API.
    4. As a long shot, you could try enabling WordPress debug mode by setting WP_DEBUG to true in your wp-config.php file. This might provide more detailed error information.

    Without attaching a debugger, it’s hard to figure out exactly what’s going wrong. I’m not sure what your setup is, but if possible, debugging would be the best way to get more insights.

    Also, I don’t believe it’s an authentication issue since those checks happen before the post ID validation, and you would have gotten a different error. However, it might be worth verifying your authentication method (if you’re using one) just to rule it out completely.

    Let me know the results of these steps, particularly the test with a new, manually created post. If the issue persists, we might need to consider more advanced debugging methods, like adding some temporary logging to the WP_REST_Comments_Controller class to pinpoint exactly where the permission check is failing.

    Let me know if that changes anything, and I can assist further if needed.

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.