Add Command Palette support

[priethor]

What

This PR adds support for WordPress Command Palette/Core Commands (Cmd+K / Ctrl+K interface) by registering:

• Core commands to navigate to SCF admin pages
• "View All" commands for each Custom Post Type registered with SCF
• "Add new" for each Custom Post Type registered with SCF

Implementation details

The commands are divided into admin and CPT command files.

• Core commands are only registered when the current user has admin permissions
• CPT commands are registered only when these conditions are met:
  • The current user has enough capabilities to edit the CPT
  • The CPT has enabled the show_ui setting

To prevent errors and optimize performance, JavaScript files for core and/or CPT commands will only be enqueued when needed.

Testing Instructions

1. Ensure you're using WordPress 6.3+ (Commands API was introduced in 6.3)
2. Ensure you have registered at least one CPT (e.g., "Books")
3. Press Cmd+K (Mac) or Ctrl+K (Windows) in the Block Editor
4. Type "SCF" or "Taxonomies" to see SCF-related admin commands
5. Type your CPT name ("Books") to see its related commands ("View books", "Add book")
6. Verify that commands correctly navigate to their respective pages
7. As an administrator, verify you can see both admin commands and CPT ones
8. As a user with limited permissions, verify that you only see commands you have access to. For example, an editor should only see CPT commands
9. Test with a WordPress version earlier than 6.3 to confirm that no errors occur

Recording

Grabacion.de.pantalla.2025-04-25.a.las.13.55.21.mov

Followups

• Consider registering commands with useCommandLoader instead, which was introduced in WP 6.4.
• Add tests
• Implement a new REST endpoint for CPTs to avoid using acf_localize_data
• Migrate to TypeScript

[gziolo]

I left some initial general feedback before trying to better understand how it exactly works. I will try to test it next.

[gziolo]

It is possible to use import statements to let the build tackle detecting all dependencies. @cbravobernal added all necessary code to automate it. See:

• Webpack configuration: update to be similar as Gutenberg / Core development #86

[gziolo]

Nit: the following could help remove some duplication from the command config a bit:

Suggested change

	document.location = command.url;
	document.location = adminUrl + command.url;

[gziolo]

You can also divide the work into two PRs since it’s fully functional and tests well. Command Palette support doesn’t have to be a Beta Feature because it’s a straightforward enhancement that anyone familiar with the concept should appreciate.

Follow-up work could include:

• Refactoring JS files to TS.
• Enhancing asset management to automatically detect dependencies in the build step.

However, we need to take a closer look at the functionality, particularly the strategy for when these commands become available, depending on the WP version, the presence of custom post types, and user permissions.

[youknowriad]

It's not really clear to me why you're using "priority-queue" here? Did you actually notice performance issues or something. Also potentially you can just use requestIdleCallback directly instead of using a queue with a single callback.

[priethor]

I did not notice any performance difference; I implemented the priority queue in parallel to defer the loading here.

[youknowriad]

Let's just get rid of it. I think defer is enough.

[priethor]

I simplified to a requestIdleCallback here before reading your answer. Should I get rid of that, too? It still seems overkill.

[youknowriad]

Personally, I'd argue that we should move away from localized variables like that as much as possible and instead use REST API endpoints. Do SCF has endpoints to retrieve these things, can't we just rely on Core endpoints for post types...?

[cbravobernal]

I think the only endpoints registered are the ones that fetch custom post types and post fields, in every field you can chose to include it or not in the WP default API endpoints for posts fetching, but there are no internal endpoints to retrieve all post types or all post fields created with the plugin.

They are instead localizing the data:

secure-custom-fields/includes/assets.php

Line 603 in 8b71adb

acf_localize_data( $data_to_localize );

secure-custom-fields/includes/admin/post-types/admin-field-group.php

Line 151 in 8b71adb

acf_localize_data(

Moving everything to a REST API could be done, but this needs to define a new API structure, with its own documentation and decide the approach for the store handling ( using Redux based like wp-data, or move to React Query or something similar )

What's your opinion on that @youknowriad ?

[priethor]

There are two issues why using the Rest API would require some extra work and I didn't consider for this:

• While it does a PHP function to retrieve SCF Post types (acf_get_acf_post_types), it doesn't have a custom enpoint to do so, just WordPress` built in endpoints.
• More importantly, in order to show CPTs in the REST API, each CPT needs to enable the Show in REST API setting.

Therefore, my guess is we will need custom SCF endpoints for the admin that show all, as we will encounter a similar issue when implementing DataViews. What do you think about this approach, Riad?

[youknowriad]

We're on WordPress, so for me, we should be use the entities and core-data here. no need to duplicate things that exist.

More importantly, in order to show CPTs in the REST API, each CPT needs to enable the Show in REST API setting.

For me this is something that we should try to get rid of. Every CPT should be visible in the endpoints, I think this is a setting of another age.

That said, for now, a custom endpoint/entity could work if we're not ready to make all CPTs created by SCF show_in_rest true. Are there any valid reasons for not doing it?

[priethor]

Are there any valid reasons for not doing it?

If by this you mean a custom endpoint, the only reason not to do it right now is the extra complexity it adds to this PR, we should probably tackle that separately.

As per the existing setting, I wouldn't change an existing setting as we don't know all the cases or real users (e.g., having CPTs only for the admin to manage private data), though.

[youknowriad]

As per the existing setting, I wouldn't change an existing setting as we don't know all the cases or real users (e.g., having CPTs only for the admin to manage private data), though.

This is different than show_in_rest, this should be mostly handled by the public boolean.

[priethor]

Thinking a bit more about this:

• Right now, we would need to use the types endpoint.
• show_in_rest determines whether a custom post type gets its own endpoint, but also hides the CPT definition from the types endpoint.
• In any case, the types endpoint doesn't return any information to know whether a type is a CPT and/or created by SCF (e.g., no post-type field)

Therefore, my inclination is to create a new endpoint for custom post types that ignores the show_in_rest. This will be needed, too, when migrating the Post Types screen to DataViews.

[youknowriad]

The ideal scenario is to actually use the types endpoint and add "metadata" to the post type. That said, I think it's a good interim solution to have a custom endpoint.

[youknowriad]

In parallel to this PR, I wonder if we should implement this PR within SCF (before it gets into Core) to enable the command palette everywhere.

[youknowriad]

So for me, the PR is fine. But I think we should ask ourselves what we want to do with these post types and any SCF UI going forward. Do we want to decouple the server and client and have a consistent data layer to communicate between both (ideally on top of core-data) or do we want to continue with these localized scripts which for me feels like hacks.

An investment in the core-data layer will help this PR but also any future PR that would like to rely on SCF entities in its client UI.

[priethor]

Do we want to decouple the server and client and have a consistent data layer to communicate between both (ideally on top of core-data) or do we want to continue with these localized scripts which for me feels like hacks.

I don't know if a hack, but it did feel like a dated approach that doesn't align with the current direction of core and modern architecture. I do agree with investing in decoupling server and client; the amount of data required in this PR is minimal, but as we move forward with new functionalities, it will pay off or even become necessary.

How do you all feel about this PR with the current approach, and then follow up with the new endpoint implementation?

[youknowriad]

How do you all feel about this PR with the current approach, and then follow up with the new endpoint implementation?

I'm ok with this personally, but I would try to avoid the acf script dependency, it seems this is not needed at all and we can just use any random global variable.