WordPress.org

Make WordPress Core

Ticket #30354: 30354_with_tests.patch

File 30354_with_tests.patch, 7.0 KB (added by pbearne, 7 years ago)

patch with unit tests

  • src/wp-includes/post.php

     
    52495249function get_posts_by_author_sql( $post_type, $full = true, $post_author = null, $public_only = false ) {
    52505250        global $wpdb;
    52515251
    5252         // Private posts.
     5252        // Private posts or not a post type.
    52535253        $post_type_obj = get_post_type_object( $post_type );
    5254         if ( ! $post_type_obj )
     5254        if ( ! $post_type_obj ){
    52555255                return $full ? 'WHERE 1 = 0' : ' 1 = 0 ';
     5256        }
    52565257
     5258        // product the $post_author id
     5259        if( null !== $post_author ){
     5260                $post_author = ( 0 === absint( $post_author ) ) ? null : absint( $post_author );
     5261        }
     5262
    52575263        /**
    52585264         * Filter the capability to read private posts for a custom post type
    52595265         * when generating SQL for getting posts by author.
     
    52675273                $cap = $post_type_obj->cap->read_private_posts;
    52685274        }
    52695275
     5276        $sql = ' ';
    52705277        if ( $full ) {
    5271                 if ( null === $post_author ) {
    5272                         $sql = $wpdb->prepare( 'WHERE post_type = %s AND ', $post_type );
    5273                 } else {
    5274                         $sql = $wpdb->prepare( 'WHERE post_author = %d AND post_type = %s AND ', $post_author, $post_type );
    5275                 }
     5278                $sql = 'WHERE ';
     5279        }
     5280
     5281        if ( null === $post_author ) {
     5282                        $sql .= $wpdb->prepare( 'post_type = %s AND ', $post_type );
    52765283        } else {
    5277                 $sql = '';
     5284                        $sql .= $wpdb->prepare( 'post_author = %d AND post_type = %s AND ', $post_author, $post_type );
    52785285        }
    52795286
     5287
    52805288        $sql .= "(post_status = 'publish'";
    52815289
    52825290        // Only need to check the cap if $public_only is false.
  • tests/phpunit/tests/post/get-posts-by-author-sql.php

     
     1<?php
     2
     3/**
     4 * @group post
     5 * @ticket 30354
     6 */
     7
     8class Tests_get_posts_by_author_sql extends WP_UnitTestCase {
     9        function setUp() {
     10                parent::setUp();
     11        }
     12
     13        // default call get SQL where for posts
     14        function test_just_post(){
     15                $maybe_string = get_posts_by_author_sql( 'post' );
     16
     17                $this->assertEquals( "WHERE post_type = 'post' AND (post_status = 'publish')", $maybe_string );
     18
     19        }
     20        // page post type
     21        function test_just_page(){
     22                $maybe_string = get_posts_by_author_sql( 'page' );
     23
     24                $this->assertEquals( "WHERE post_type = 'page' AND (post_status = 'publish')", $maybe_string );
     25
     26        }
     27
     28        // default call get SQL where for posts and set full to true
     29        function test_just_post_true(){
     30                $maybe_string = get_posts_by_author_sql( 'post', true );
     31
     32                $this->assertEquals( "WHERE post_type = 'post' AND (post_status = 'publish')", $maybe_string );
     33
     34        }
     35
     36        // Test nonexistant post type.
     37        function test_just_non_existent_post_type(){
     38                $maybe_string = get_posts_by_author_sql( 'non_existent_post_type' );
     39
     40                $this->assertEquals( "WHERE 1 = 0", $maybe_string );
     41        }
     42        // Test nonexistant post type and not full SQL.
     43        function test_just_non_existent_post_type_false(){
     44                $maybe_string = get_posts_by_author_sql(  'non_existent_post_type', false );
     45
     46                $this->assertEquals( " 1 = 0 ", $maybe_string );
     47
     48        }
     49        // post and not full where SQL
     50        function test_post_false(){
     51                $maybe_string = get_posts_by_author_sql( 'post', false );
     52
     53                $this->assertEquals( " post_type = 'post' AND (post_status = 'publish')", $maybe_string );
     54        }
     55
     56        // posts and full where for user 1
     57        function test_post_true_1(){
     58                $maybe_string = get_posts_by_author_sql( 'post', true, 1  );
     59
     60                $this->assertEquals( "WHERE post_author = 1 AND post_type = 'post' AND (post_status = 'publish')", $maybe_string );
     61        }
     62
     63        // posts and not full where for user 1
     64        function test_post_false_1(){
     65                $maybe_string = get_posts_by_author_sql( 'post', false, 1 );
     66
     67                $this->assertEquals( " post_author = 1 AND post_type = 'post' AND (post_status = 'publish')", $maybe_string );
     68        }
     69
     70        // posts and full where for user 1 and public
     71        function test_post_true_1_true(){
     72                $maybe_string = get_posts_by_author_sql( 'post', true, 1, true  );
     73
     74                $this->assertEquals( "WHERE post_author = 1 AND post_type = 'post' AND (post_status = 'publish')", $maybe_string );
     75        }
     76        // posts and not full where for user 1 and public
     77        function test_post_false_1_true(){
     78                $maybe_string = get_posts_by_author_sql( 'post', false, 1, true );
     79
     80                $this->assertEquals( " post_author = 1 AND post_type = 'post' AND (post_status = 'publish')", $maybe_string );
     81        }
     82
     83        // posts and full where for user 1 and not public
     84        function test_post_true_1_false(){
     85                $maybe_string = get_posts_by_author_sql( 'post', true, 1, false  );
     86
     87                $this->assertEquals( "WHERE post_author = 1 AND post_type = 'post' AND (post_status = 'publish')", $maybe_string );
     88        }
     89
     90        // posts and not full where for user 1 and  not public
     91        function test_post_false_1_false(){
     92                $maybe_string = get_posts_by_author_sql( 'post', false, 1, false );
     93
     94                $this->assertEquals( " post_author = 1 AND post_type = 'post' AND (post_status = 'publish')", $maybe_string );
     95        }
     96
     97        // posts and not full where for user 1 and  not public
     98        function test_post_false_1_false_author(){
     99                // Someone who can't view private posts should be limited by ID.
     100                $author = $this->factory->user->create( array( 'role' => 'author' ) );
     101                wp_set_current_user( $author );
     102
     103                $maybe_string = get_posts_by_author_sql( 'post', false, null, false );
     104
     105                $this->assertEquals( " post_type = 'post' AND (post_status = 'publish' OR post_status = 'private' AND post_author = $author)", $maybe_string );
     106                wp_set_current_user( 0 );
     107        }
     108
     109        // posts and not full where for user 1 and  not public
     110        function test_post_true_1_false_author(){
     111                // Someone who can't view private posts should be limited by ID.
     112                $author = $this->factory->user->create( array( 'role' => 'author' ) );
     113                wp_set_current_user( $author );
     114
     115                $maybe_string = get_posts_by_author_sql( 'post', true, null, false );
     116
     117                $this->assertEquals( "WHERE post_type = 'post' AND (post_status = 'publish' OR post_status = 'private' AND post_author = $author)", $maybe_string );
     118                wp_set_current_user( 0 );
     119        }
     120
     121        // posts and not full where for user 1 and  not public
     122        function test_post_true_1_false_subscriber(){
     123                // Someone who can't view private posts should be limited by ID.
     124                $author = $this->factory->user->create( array( 'role' => 'subscriber' ) );
     125                wp_set_current_user( $author );
     126
     127                $maybe_string = get_posts_by_author_sql( 'post', true, null, false );
     128
     129                $this->assertEquals( "WHERE post_type = 'post' AND (post_status = 'publish' OR post_status = 'private' AND post_author = $author)", $maybe_string );
     130                wp_set_current_user( 0 );
     131        }
     132
     133        // posts and not full where for user 1 and  not public
     134        function test_post_true_1_true_subscriber(){
     135                // Someone who can't view private posts should be limited by ID.
     136                $author = $this->factory->user->create( array( 'role' => 'subscriber' ) );
     137                wp_set_current_user( $author );
     138
     139                $maybe_string = get_posts_by_author_sql( 'post', true, null, true );
     140
     141                $this->assertEquals( "WHERE post_type = 'post' AND (post_status = 'publish')", $maybe_string );
     142                wp_set_current_user( 0 );
     143        }
     144
     145}