| 885 | |
| 886 | /** |
| 887 | * Testing that the headers are not set for anonymous users. |
| 888 | * |
| 889 | * @ticket 35662 |
| 890 | */ |
| 891 | function test_rest_send_refreshed_nonce_anonymous_user() { |
| 892 | // Make the request. |
| 893 | $headers = $this->helper_make_request_and_return_headers_for_rest_send_refreshed_nonce_tests(); |
| 894 | |
| 895 | // Run the assertions. |
| 896 | $this->assertArrayNotHasKey( 'X-WP-Nonce', $headers ); |
| 897 | } |
| 898 | |
| 899 | /** |
| 900 | * Testing the rest_send_refreshed_nonce filter. |
| 901 | * |
| 902 | * If the nonce is valid and the user is logged in, we're filtering as false so the header is not sent |
| 903 | * and vice-versa for the opposite setup. |
| 904 | * |
| 905 | * @ticket 35662 |
| 906 | * |
| 907 | * @dataProvider data_rest_send_refreshed_nonce_filtered |
| 908 | * |
| 909 | * @param bool $has_logged_in_user Will there be a logged in user for this test. |
| 910 | * @param string $filter_callback The callback to be used by the add_filter. |
| 911 | * @param bool $has_key Should the X-WP-Nonce key be in the sent_headers array. |
| 912 | */ |
| 913 | function test_rest_send_refreshed_nonce_filtered( $has_logged_in_user, $filter_callback, $has_key ) { |
| 914 | |
| 915 | if ( true === $has_logged_in_user ) { |
| 916 | // Creat and set the current user. |
| 917 | $this->helper_setup_user_for_rest_send_refreshed_nonce_tests(); |
| 918 | } |
| 919 | |
| 920 | // Make the request. |
| 921 | add_filter( 'rest_send_refreshed_nonce', $filter_callback ); |
| 922 | |
| 923 | $headers = $this->helper_make_request_and_return_headers_for_rest_send_refreshed_nonce_tests(); |
| 924 | |
| 925 | remove_filter( 'rest_send_refreshed_nonce', $filter_callback ); |
| 926 | |
| 927 | // Run the assertions. |
| 928 | if ( true === $has_key ) { |
| 929 | $this->assertArrayHasKey( 'X-WP-Nonce', $headers ); |
| 930 | } else { |
| 931 | $this->assertArrayNotHasKey( 'X-WP-Nonce', $headers ); |
| 932 | } |
| 933 | } |
| 934 | |
| 935 | /** |
| 936 | * Dataprovider to automate the filter tests. |
| 937 | * |
| 938 | * @return array { |
| 939 | * @type array { |
| 940 | * @type bool $has_logged_in_user Are we registering a user for the test. |
| 941 | * @type string $filter_callback The callback passed to the filter. |
| 942 | * @type bool $has_key Should the X-WP-Nonce key be in the sent_headers array. |
| 943 | * } |
| 944 | * } |
| 945 | */ |
| 946 | function data_rest_send_refreshed_nonce_filtered() { |
| 947 | return array( |
| 948 | array( false, '__return_true', true ), |
| 949 | array( true, '__return_false', false ), |
| 950 | ); |
| 951 | } |
| 952 | |
| 953 | /** |
| 954 | * Helper to setup a users for the rest_send_refreshed_nonce related tests. |
| 955 | */ |
| 956 | function helper_setup_user_for_rest_send_refreshed_nonce_tests() { |
| 957 | // Create and set the current user. |
| 958 | $author = self::factory()->user->create( array( 'role' => 'author' ) ); |
| 959 | wp_set_current_user( $author ); |
| 960 | } |
| 961 | |
| 962 | /** |
| 963 | * Helper to make the request and get the headers for the rest_send_refreshed_nonce related tests. |
| 964 | * |
| 965 | * @return array |
| 966 | */ |
| 967 | function helper_make_request_and_return_headers_for_rest_send_refreshed_nonce_tests() { |
| 968 | $request = new WP_REST_Request( 'GET', '/', array() ); |
| 969 | $result = $this->server->serve_request( '/' ); |
| 970 | |
| 971 | return $this->server->sent_headers; |
| 972 | } |