REST CRUD Controller incorrectly calls apply_filters

[sjregan]

Prerequisites (mark completed items with an [x]):

• [X ] I have have carried out troubleshooting steps and I believe I have found a bug.
• [ X] I have searched for similar bugs in both open and closed issues and cannot find a duplicate.

Describe the bug A clear and concise description of what the bug is.

In WooCommerce v5.4.1 the class-wc-rest-crud-controller.php class calls the “rest_{$this->post_type}_collection_params” filter incorrectly:

/**
 * Filter collection parameters for the posts controller.
 *
 * The dynamic part of the filter <code>$this->post_type</code> refers to the post
 * type slug for the controller.
 *
 * This filter registers the collection parameter, but does not map the
 * collection parameter to an internal WP_Query parameter. Use the
 * 'rest_{$this->post_type}_query' filter to set WP_Query parameters.
 *
 * @param array        $query_params JSON Schema-formatted collection parameters.
 * @param WP_Post_Type $post_type    Post type object.
 */
return apply_filters( "rest_{$this->post_type}_collection_params", $params, $this->post_type );

The PHPDoc states the $post_type variable is meant to be of type WP_Post_Type, however this call provides the parameter as a string.

When WP calls the same filter it provides a WP_Post_Type object.

Expected behavior The correct parameter type (WP_Post_Type ) should be passed to the function.

Actual behavior The string slug of the post type is passed instead of the object.

Steps to reproduce the bug (We need to be able to reproduce the bug in order to fix it.) Steps to reproduce the bug:

1. Add a hook using the relevant collection_params name.
2. Call the API endpoint.

Screenshots If applicable, add screenshots to help explain your problem.

Isolating the problem (mark completed items with an [x]):

• [X] I have deactivated other plugins and confirmed this bug occurs when only WooCommerce plugin is active.
• [X] This bug happens with a default WordPress theme active, or Storefront.
• [X] I can reproduce this bug consistently using the steps above.

WordPress Environment We use the WooCommerce System Status Report to help us evaluate the issue. Without this report we won't be able to fully evaluate this issue.

``` ### WordPress Environment ### WordPress address (URL): redacted Site address (URL): redacted WC Version: 5.1.0 REST API Version: ✔ 5.1.0 WC Blocks Version: ✔ 4.4.3 Action Scheduler Version: ✔ 3.1.6 WC Admin Version: ✔ 2.2.1 Log Directory Writable: ✔ WP Version: 5.7.2 WP Multisite: – WP Memory Limit: 256 MB WP Debug Mode: – WP Cron: – Language: en_GB External object cache: – ### Server Environment ### Server Info: Apache/2.4.25 (Debian) PHP Version: 7.3.28-2+0~20210604.85+debian9~1.gbp219f11 PHP Post Max Size: 128 MB PHP Time Limit: 300 PHP Max Input Vars: 2500 cURL Version: 7.52.1 OpenSSL/1.0.2u SUHOSIN Installed: – MySQL Version: 5.5.5-10.1.48-MariaDB-1~stretch Max Upload Size: 10 MB Default Timezone is UTC: ✔ fsockopen/cURL: ✔ SoapClient: ✔ DOMDocument: ✔ GZip: ✔ Multibyte String: ✔ Remote Post: ✔ Remote Get: ✔ ### Database ### WC Database Version: 5.0.0 WC Database Prefix: wp_ Total Database Size: 134.24MB Database Data Size: 122.93MB Database Index Size: 11.31MB wp_woocommerce_sessions: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_woocommerce_api_keys: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_woocommerce_attribute_taxonomies: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_woocommerce_downloadable_product_permissions: Data: 0.02MB + Index: 0.06MB + Engine InnoDB wp_woocommerce_order_items: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_woocommerce_order_itemmeta: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_woocommerce_tax_rates: Data: 0.02MB + Index: 0.06MB + Engine InnoDB wp_woocommerce_tax_rate_locations: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_woocommerce_shipping_zones: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_woocommerce_shipping_zone_locations: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_woocommerce_shipping_zone_methods: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_woocommerce_payment_tokens: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_woocommerce_payment_tokenmeta: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_woocommerce_log: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_actionscheduler_actions: Data: 0.02MB + Index: 0.11MB + Engine InnoDB wp_actionscheduler_claims: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_actionscheduler_groups: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_actionscheduler_logs: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_badgeos_achievements: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_badgeos_points: Data: 0.17MB + Index: 0.00MB + Engine InnoDB wp_badgeos_ranks: Data: 0.08MB + Index: 0.00MB + Engine InnoDB wp_bp_activity: Data: 1.52MB + Index: 0.69MB + Engine InnoDB wp_bp_activity_meta: Data: 0.05MB + Index: 0.03MB + Engine InnoDB wp_bp_follow: Data: 0.02MB + Index: 0.05MB + Engine InnoDB wp_bp_friends: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_bp_groups: Data: 0.02MB + Index: 0.05MB + Engine InnoDB wp_bp_groups_groupmeta: Data: 0.05MB + Index: 0.03MB + Engine InnoDB wp_bp_groups_members: Data: 0.08MB + Index: 0.09MB + Engine InnoDB wp_bp_invitations: Data: 0.02MB + Index: 0.14MB + Engine InnoDB wp_bp_messages_messages: Data: 0.25MB + Index: 0.03MB + Engine InnoDB wp_bp_messages_meta: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_bp_messages_notices: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_bp_messages_recipients: Data: 0.08MB + Index: 0.17MB + Engine InnoDB wp_bp_notifications: Data: 0.11MB + Index: 0.30MB + Engine InnoDB wp_bp_notifications_meta: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_bp_xprofile_data: Data: 0.45MB + Index: 0.33MB + Engine InnoDB wp_bp_xprofile_fields: Data: 0.02MB + Index: 0.08MB + Engine InnoDB wp_bp_xprofile_groups: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_bp_xprofile_meta: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_bv_fw_requests: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_bv_ip_store: Data: 0.31MB + Index: 0.22MB + Engine InnoDB wp_bv_lp_requests: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_commentmeta: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_comments: Data: 0.02MB + Index: 0.09MB + Engine InnoDB wp_em_bookings: Data: 0.02MB + Index: 0.05MB + Engine InnoDB wp_em_events: Data: 0.02MB + Index: 0.14MB + Engine InnoDB wp_em_locations: Data: 0.02MB + Index: 0.08MB + Engine InnoDB wp_em_meta: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_em_tickets: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_em_tickets_bookings: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_links: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_logy_users: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_options: Data: 108.47MB + Index: 1.53MB + Engine InnoDB wp_p2p: Data: 0.02MB + Index: 0.05MB + Engine InnoDB wp_p2pmeta: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_popularpostsdata: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_popularpostssummary: Data: 0.52MB + Index: 0.67MB + Engine InnoDB wp_postmeta: Data: 1.52MB + Index: 0.42MB + Engine InnoDB wp_posts: Data: 1.52MB + Index: 0.27MB + Engine InnoDB wp_rt_rtm_activity: Data: 0.05MB + Index: 0.05MB + Engine InnoDB wp_rt_rtm_api: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_rt_rtm_media: Data: 0.02MB + Index: 0.11MB + Engine InnoDB wp_rt_rtm_media_interaction: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_rt_rtm_media_meta: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_signups: Data: 0.52MB + Index: 0.19MB + Engine InnoDB wp_smush_dir_images: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_termmeta: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_terms: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_term_relationships: Data: 0.05MB + Index: 0.02MB + Engine InnoDB wp_term_taxonomy: Data: 0.05MB + Index: 0.03MB + Engine InnoDB wp_ulike: Data: 0.02MB + Index: 0.08MB + Engine InnoDB wp_ulike_activities: Data: 0.02MB + Index: 0.08MB + Engine InnoDB wp_ulike_comments: Data: 0.02MB + Index: 0.08MB + Engine InnoDB wp_ulike_forums: Data: 0.02MB + Index: 0.08MB + Engine InnoDB wp_ulike_meta: Data: 0.28MB + Index: 0.30MB + Engine InnoDB wp_usermeta: Data: 4.48MB + Index: 2.89MB + Engine InnoDB wp_users: Data: 0.11MB + Index: 0.14MB + Engine InnoDB wp_wc_admin_notes: Data: 0.05MB + Index: 0.00MB + Engine InnoDB wp_wc_admin_note_actions: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_wc_category_lookup: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_wc_customer_lookup: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_wc_download_log: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_wc_order_coupon_lookup: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_wc_order_product_lookup: Data: 0.02MB + Index: 0.06MB + Engine InnoDB wp_wc_order_stats: Data: 0.02MB + Index: 0.05MB + Engine InnoDB wp_wc_order_tax_lookup: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_wc_product_meta_lookup: Data: 0.02MB + Index: 0.09MB + Engine InnoDB wp_wc_reserved_stock: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_wc_tax_rate_classes: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_wc_webhooks: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_wpmailsmtp_tasks_meta: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_yoast_indexable: Data: 0.34MB + Index: 0.25MB + Engine InnoDB wp_yoast_indexable_hierarchy: Data: 0.02MB + Index: 0.05MB + Engine InnoDB wp_yoast_migrations: Data: 0.02MB + Index: 0.02MB + Engine InnoDB wp_yoast_primary_term: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_yoast_seo_links: Data: 0.06MB + Index: 0.03MB + Engine InnoDB wp_yoast_seo_meta: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_yz_bookmark: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_yz_hashtags: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_yz_hashtags_items: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_yz_media: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_yz_reviews: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_zlc_event_rsvps: Data: 0.02MB + Index: 0.00MB + Engine InnoDB wp_zl_lc_messages: Data: 0.13MB + Index: 0.00MB + Engine InnoDB wp_zna_in_app_purchases: Data: 0.02MB + Index: 0.03MB + Engine InnoDB wp_zna_oembed_cache: Data: 0.05MB + Index: 0.00MB + Engine InnoDB ### Post Type Counts ### achievement-type: 1 advanced_ads: 3 attachment: 382 badges: 2 bp_doc: 13 bp_docs_folder: 9 bp-email: 25 bps_form: 2 custom_css: 1 epkb_post_type_1: 16 forum: 15 ia_invites: 4 leaderboard: 1 level: 30 nav_menu_item: 40 oembed_cache: 9 page: 37 point_award: 9 point_type: 1 post: 3 product: 3 product_variation: 26 rank_requirement: 3 rank_types: 1 reply: 20 revision: 260 rtmedia_album: 6 shop_coupon: 2 shop_order: 3 shop_order_refund: 2 sidebar_instance: 8 step: 3 topic: 17 tribe_events: 1 tribe_venue: 1 wpcf7_contact_form: 1 zl-lc-channel: 84 zlc_report: 9 ### Security ### Secure connection (HTTPS): ✔ Hide errors from visitors: ✔ ### Active Plugins (60) ### BadgeOS Leaderboards Add-On: by LearningTimes LLC – 1.1.5 Advanced Ads Pro: by Advanced Ads GmbH – 2.6.2 Advanced Ads: by Thomas Maier Advanced Ads GmbH – 1.24.1 Author Avatars List/Block: by Paul Bearne – 2.1.4 BadgeOS Community Add-On: by Credly – 1.2.11 BadgeOS: by LearningTimes – 3.6.9 Zipline BP Groups Taxonomy: by Zipline – 2.0.0 BP Profile Search: by Andrea Tarantini – 5.4 Block, Suspend, Report for BuddyPress: by Bouncingsprout Studio – 3.2.5 BuddyPress Docs: by Boone B Gorges David Cavins – 2.1.5 BuddyPress Edit Activity: by BuddyBoss – 1.1.1 BuddyPress Follow: by Andy Peatling r-a-y – 1.3-alpha BuddyPress Global Search: by BuddyBoss – 1.2.1 rtMedia for WordPress, BuddyPress and bbPress: by rtCamp – 4.6.6 BuddyPress Notifications Widget: by BuddyDev – 1.3.2 BuddyPress Profanity: by wbcomdesigns – 1.5.0 BuddyPress Sitewide Activity Widget: by BuddyDev – 1.3.5 BuddyPress: by The BuddyPress Community – 7.2.1 CoBlocks: by GoDaddy – 2.9.1 Conditional Menus: by Themify – 1.1.9 Contact Form 7: by Takayuki Miyoshi – 5.4 Currency Switcher for WooCommerce: by WP Wham – 2.14.0 Easy Timeout Session: by Joaquin Ruiz – 1.1 Knowledge Base for Documents and FAQs: by Echo Plugins – 7.4.0 Envato Market: by Envato – 2.0.6 The Events Calendar PRO: by The Events Calendar – 5.5.0.1 Grimlock Animate: by Themosaurus – 1.1.7 Grimlock for Author Avatars List/Block: by Themosaurus – 1.0.9 Grimlock for BuddyPress: by Themosaurus – 1.3.17 Grimlock for Knowledge Base for Documents and FAQs: by Themosaurus – 1.0.4 Grimlock Isotope: by Themosaurus – 1.0.8 Grimlock Login: by Themosaurus – 1.1.3 Grimlock for The Events Calendar: by Themosaurus – 1.2.4 Grimlock for WooCommerce: by Themosaurus – 1.2.8 Grimlock: by Themosaurus – 1.3.18 Jetpack by WordPress.com: by Automattic – 9.6.2 Kirki Customizer Framework: by David Vongries – 3.1.6 MalCare Security - Free Malware Scanner, Protection & Security for WordPress: by MalCare Security – 4.57 Menu Image: by Rui Guerreiro – 3.0.4 rtMedia Activity URL Preview: by rtCamp – 2.3.0 Sucuri Security - Auditing, Malware Scanner and Hardening: by Sucuri Inc. – 1.8.26 The Events Calendar: by The Events Calendar – 5.5.0.1 Twitch for WordPress: by KryptoniteWP – 3.2.3 UpdraftPlus - Backup/Restore: by UpdraftPlus.Com DavidAnderson – 1.16.53 Widget Context: by Kaspars Dambis – 1.3.2 Widget Options: by Widget Options Team – 3.7.7 WooCommerce Admin: by WooCommerce – 2.2.1 WooCommerce Amazon Pay: by WooCommerce – 1.13.1 (update to version 2.0.3 is available) WooCommerce Stripe Gateway: by WooCommerce – 5.1.0 WooCommerce Shipping & Tax: by Automattic – 1.25.11 (update to version 1.25.14 is available) WooCommerce: by Automattic – 5.1.0 (update to version 5.4.1 is available) WordPress Popular Posts: by Hector Cabrera – 5.2.4 WP Mail SMTP: by WPForms – 2.7.0 Smush: by WPMU DEV – 3.8.4 WP ULike: by TechnoWich – 4.4.7 ZippApp Core: by Zipline – 0.41.0 ZippApp: by Zipline – 1.2.1 Zipline Community Plugin: by Zipline – 1.37.4 ZippChat: by Zipline – 2.15.0 Zipline Push Notifications: by Zipline – 1.0.0 ### Inactive Plugins (3) ### Breeze: by Cloudways – 1.1.10 Import and export users and customers: by codection – 1.17.4.3 Yoast SEO: by Team Yoast – 16.1.1 ### Must Use Plugins (1) ### Health Check Troubleshooting Mode: by – 1.7.2 ### Settings ### API Enabled: – Force SSL: – Currency: GBP (£) Currency Position: left Thousand Separator: , Decimal Separator: . Number of Decimals: 2 Taxonomies: Product Types: external (external) grouped (grouped) simple (simple) variable (variable) Taxonomies: Product Visibility: exclude-from-catalog (exclude-from-catalog) exclude-from-search (exclude-from-search) featured (featured) outofstock (outofstock) rated-1 (rated-1) rated-2 (rated-2) rated-3 (rated-3) rated-4 (rated-4) rated-5 (rated-5) Connected to WooCommerce.com: – ### WC Pages ### Shop base: #3245 - /shop/ Basket: #3246 - /basket/ Checkout: #3247 - /checkout/ My account: #3248 - /my-account/ Terms and conditions: #78 - /terms-conditions/ ### Theme ### Name: Cera Version: 1.1.1 Author URL: https://www.themosaurus.com WooCommerce Support: ✔ ### Templates ### Overrides: – ### Currency Switcher Settings ### WooCommerce Currency Switcher Plugin: yes Currency switcher on per product basis: no Revert to shop's default currency on checkout: no Apply currency conversion to fixed amount coupons: yes Add currency selector for fixed amount coupons: no Apply currency conversion to shipping amount: Apply currency conversion to minimum order amount required for free shipping: yes Apply currency conversion to cart fees: yes Apply currency conversion to WooCommerce Price Filter Widget: Switcher placement: Array ( [0] => single_page_after_price_select ) Switcher wrapper: %currency_switcher% Switcher item format: %currency_name% Link list switcher separator: Reposition page after currency switch: no Rounding: no_round Number of decimals: 2 Make "pretty price": no Apply rounding and "pretty price" to shipping rates: no Apply rounding and "pretty price" to shop's default currency: no Order currency: no Format price: no Currencies: Currency (shop's default): [GBP] Pound sterling Total additional currencies: 2 Additional currency #1: yes alg_currency_switcher_currency_1: EUR Additional currency #2: no alg_currency_switcher_currency_2: USD Exchange Rates: Exchange rates updates: hourly Exchange rates server: ecb Free Currency Converter API Key: not set CoinMarketCap API Key: Exchange rates offset: 0 #1 GBP/EUR (Euro): 1.167269756041 alg_currency_switcher_exchange_rate_server_GBP_EUR: default alg_currency_switcher_exchange_rate_offset_type_GBP_EUR: default percent: 0 Currency Countries (by IP): Currency Countries (by IP): Enter countries as comma separated text: Override country: #1 [EUR] Euro: Array ( [0] => ) Currency Languages (Locales): Currency Languages (Locales): Enter locales as comma separated text: Always use locale to assign currency: #1 [EUR] Euro: Array ( [0] => ) Price Formats: no #0 [GBP] Pound sterling: left Additional currency code position (optional): none Thousand separator: , Decimal separator: . Number of decimals: 2 Currency Symbol: £ #1 [EUR] Euro: left Additional currency code position (optional): none Thousand separator: , Decimal separator: . Number of decimals: 2 Currency Symbol: € Flags: #0 [GBP] Pound sterling: #1 [EUR] Euro: Price conversion method: Fix mini cart: Disable on URI: Additional price filters: Price filters to remove: Session save path: ### Action Scheduler ### Complete: 24 Oldest: 2021-05-22 17:07:03 +0100 Newest: 2021-06-10 10:25:29 +0100 ### Status report information ### Generated at: 2021-06-22 00:29:41 +01:00 ```

[rodelgc]

Hi @sjregan ,

Thank you for opening the issue! It requires further feedback from the WooCommerce Core team. I am adding the needs developer feedback label to this issue so that the Core team could take a look.

Please note it may take a few days for them to get to this issue. Thank you for your patience.

[jonathansadowski]

Hi @sjregan,

Thanks for reporting this. It does look like the PHP Doc on that filter is incorrect. Unfortunately, for backwards-compatibility reasons, it will be hard for us to update that filter to pass the object instead of the string. I'm going to leave this issue open to track updating the PHP Doc to make it more accurate to its actual behavior.

[sjregan]

@jonathansadowski Thanks for looking at it, I understand your point of backwards compatibility.

I would like to point out the issue is not that the PHPDoc is incorrect, its that the parameter type is incorrect because it differs from the same filter in the WP_REST_Posts_Controller class.