Ticket #38971: 38971.4.diff
File 38971.4.diff, 11.8 KB (added by , 8 years ago) |
---|
-
src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php index b07ced4..169a2e3 100644
a b class WP_REST_Comments_Controller extends WP_REST_Controller { 508 508 509 509 // Honor the discussion setting that requires a name and email address of the comment author. 510 510 if ( get_option( 'require_name_email' ) ) { 511 if ( ! isset( $prepared_comment['comment_author'] ) && ! isset( $prepared_comment['comment_author_email'] ) ) { 512 return new WP_Error( 'rest_comment_author_data_required', __( 'Creating a comment requires valid author name and email values.' ), array( 'status' => 400 ) ); 513 } 514 515 if ( ! isset( $prepared_comment['comment_author'] ) ) { 516 return new WP_Error( 'rest_comment_author_required', __( 'Creating a comment requires a valid author name.' ), array( 'status' => 400 ) ); 517 } 518 519 if ( ! isset( $prepared_comment['comment_author_email'] ) ) { 520 return new WP_Error( 'rest_comment_author_email_required', __( 'Creating a comment requires a valid author email.' ), array( 'status' => 400 ) ); 511 if ( empty( $prepared_comment['comment_author'] ) || empty( $prepared_comment['comment_author_email'] ) ) { 512 return new WP_Error( 'rest_comment_author_required', __( 'Creating a comment requires valid author name and email values.' ), array( 'status' => 400 ) ); 521 513 } 522 514 } 523 515 … … class WP_REST_Comments_Controller extends WP_REST_Controller { 672 664 return $prepared_args; 673 665 } 674 666 667 // Honor the discussion setting that requires a name and email address of the comment author. 668 if ( get_option( 'require_name_email' ) ) { 669 $is_valid_author_update = true; 670 if ( isset( $prepared_args['comment_author'] ) && empty( $prepared_args['comment_author'] ) ) { 671 $is_valid_author_update = false; 672 } 673 if ( isset( $prepared_args['comment_author_email'] ) && empty( $prepared_args['comment_author_email'] ) ) { 674 $is_valid_author_update = false; 675 } 676 if ( ! $is_valid_author_update ) { 677 return new WP_Error( 'rest_comment_author_required', __( 'Updating a comment\'s author requires valid author name and email values.' ), array( 'status' => 400 ) ); 678 } 679 } 680 675 681 if ( empty( $prepared_args ) && isset( $request['status'] ) ) { 676 682 // Only the comment status is being changed. 677 683 $change = $this->handle_status_param( $request['status'], $id ); -
tests/phpunit/tests/rest-api/rest-comments-controller.php
diff --git a/tests/phpunit/tests/rest-api/rest-comments-controller.php b/tests/phpunit/tests/rest-api/rest-comments-controller.php index 112a26c..58d6b46 100644
a b class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 98 98 } 99 99 100 100 public function tearDown() { 101 remove_filter( 'rest_allow_anonymous_comments', '__return_true' ); 102 update_option( 'require_name_email', 0 ); 103 update_option( 'comment_registration', 0 ); 104 update_option( 'show_avatars', 1 ); 101 105 parent::tearDown(); 102 106 } 103 107 … … class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 987 991 $this->assertEquals( $params['content']['raw'], $new_comment->comment_content ); 988 992 } 989 993 990 public function test_create_comment_missing_required_author_name _and_email_per_option_value() {994 public function test_create_comment_missing_required_author_name() { 991 995 add_filter( 'rest_allow_anonymous_comments', '__return_true' ); 992 996 update_option( 'require_name_email', 1 ); 993 997 994 998 $params = array( 995 'post' => self::$post_id, 996 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 999 'post' => self::$post_id, 1000 'author_email' => 'ekrabappel@springfield-elementary.edu', 1001 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 997 1002 ); 998 1003 999 1004 $request = new WP_REST_Request( 'POST', '/wp/v2/comments' ); … … class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 1002 1007 1003 1008 $response = $this->server->dispatch( $request ); 1004 1009 1005 $this->assertErrorResponse( 'rest_comment_author_data_required', $response, 400 ); 1006 1007 update_option( 'require_name_email', 0 ); 1010 $this->assertErrorResponse( 'rest_comment_author_required', $response, 400 ); 1008 1011 } 1009 1012 1010 public function test_create_comment_ missing_required_author_name_per_option_value() {1011 wp_set_current_user( self::$admin_id);1013 public function test_create_comment_empty_required_author_name() { 1014 add_filter( 'rest_allow_anonymous_comments', '__return_true' ); 1012 1015 update_option( 'require_name_email', 1 ); 1013 1016 1014 1017 $params = array( 1015 ' post' => self::$post_id,1018 'author_name' => '', 1016 1019 'author_email' => 'ekrabappel@springfield-elementary.edu', 1020 'post' => self::$post_id, 1017 1021 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 1018 1022 ); 1019 1023 … … class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 1022 1026 $request->set_body( wp_json_encode( $params ) ); 1023 1027 1024 1028 $response = $this->server->dispatch( $request ); 1025 $this->assertErrorResponse( 'rest_comment_author_required', $response, 400 );1026 1029 1027 update_option( 'require_name_email',0 );1030 $this->assertErrorResponse( 'rest_comment_author_required', $response, 400 ); 1028 1031 } 1029 1032 1030 public function test_create_comment_missing_required_author_email _per_option_value() {1033 public function test_create_comment_missing_required_author_email() { 1031 1034 wp_set_current_user( self::$admin_id ); 1032 1035 update_option( 'require_name_email', 1 ); 1033 1036 … … class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 1042 1045 $request->set_body( wp_json_encode( $params ) ); 1043 1046 1044 1047 $response = $this->server->dispatch( $request ); 1045 $this->assertErrorResponse( 'rest_comment_author_email_required', $response, 400 ); 1048 $this->assertErrorResponse( 'rest_comment_author_required', $response, 400 ); 1049 } 1046 1050 1047 update_option( 'require_name_email', 0 ); 1051 public function test_create_comment_empty_required_author_email() { 1052 wp_set_current_user( self::$admin_id ); 1053 update_option( 'require_name_email', 1 ); 1054 1055 $params = array( 1056 'post' => self::$post_id, 1057 'author_name' => 'Edna Krabappel', 1058 'author_email' => '', 1059 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 1060 ); 1061 1062 $request = new WP_REST_Request( 'POST', '/wp/v2/comments' ); 1063 $request->add_header( 'content-type', 'application/json' ); 1064 $request->set_body( wp_json_encode( $params ) ); 1065 1066 $response = $this->server->dispatch( $request ); 1067 // Would be 'rest_comment_author_required' but this is caught by 'format' => 'email' 1068 $this->assertErrorResponse( 'rest_invalid_param', $response, 400 ); 1069 $data = $response->get_data(); 1070 $this->assertArrayHasKey( 'author_email', $data['data']['params'] ); 1048 1071 } 1049 1072 1050 1073 public function test_create_comment_author_email_too_short() { … … class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 1973 1996 $this->assertEquals( $params['date_gmt'], mysql_to_rfc3339( $updated->comment_date_gmt ) ); 1974 1997 } 1975 1998 1999 public function test_update_comment_author_email_only() { 2000 wp_set_current_user( self::$editor_id ); 2001 update_option( 'require_name_email', 1 ); 2002 2003 $params = array( 2004 'post' => self::$post_id, 2005 'author_email' => 'ekrabappel@springfield-elementary.edu', 2006 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 2007 ); 2008 2009 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2010 $request->add_header( 'content-type', 'application/json' ); 2011 $request->set_body( wp_json_encode( $params ) ); 2012 2013 $response = $this->server->dispatch( $request ); 2014 $this->assertEquals( 200, $response->get_status() ); 2015 } 2016 2017 public function test_update_comment_empty_required_author_name() { 2018 wp_set_current_user( self::$editor_id ); 2019 update_option( 'require_name_email', 1 ); 2020 2021 $params = array( 2022 'author_name' => '', 2023 'author_email' => 'ekrabappel@springfield-elementary.edu', 2024 'post' => self::$post_id, 2025 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 2026 ); 2027 2028 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2029 $request->add_header( 'content-type', 'application/json' ); 2030 $request->set_body( wp_json_encode( $params ) ); 2031 2032 $response = $this->server->dispatch( $request ); 2033 $this->assertErrorResponse( 'rest_comment_author_required', $response, 400 ); 2034 } 2035 2036 public function test_update_comment_author_name_only() { 2037 wp_set_current_user( self::$admin_id ); 2038 update_option( 'require_name_email', 1 ); 2039 2040 $params = array( 2041 'post' => self::$post_id, 2042 'author_name' => 'Edna Krabappel', 2043 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 2044 ); 2045 2046 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2047 $request->add_header( 'content-type', 'application/json' ); 2048 $request->set_body( wp_json_encode( $params ) ); 2049 2050 $response = $this->server->dispatch( $request ); 2051 $this->assertEquals( 200, $response->get_status() ); 2052 } 2053 2054 public function test_update_comment_empty_required_author_email() { 2055 wp_set_current_user( self::$admin_id ); 2056 update_option( 'require_name_email', 1 ); 2057 2058 $params = array( 2059 'post' => self::$post_id, 2060 'author_name' => 'Edna Krabappel', 2061 'author_email' => '', 2062 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 2063 ); 2064 2065 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2066 $request->add_header( 'content-type', 'application/json' ); 2067 $request->set_body( wp_json_encode( $params ) ); 2068 2069 $response = $this->server->dispatch( $request ); 2070 // Would be 'rest_comment_author_required' but this is caught by 'format' => 'email' 2071 $this->assertErrorResponse( 'rest_invalid_param', $response, 400 ); 2072 $data = $response->get_data(); 2073 $this->assertArrayHasKey( 'author_email', $data['data']['params'] ); 2074 } 2075 2076 public function test_update_comment_author_email_too_short() { 2077 wp_set_current_user( self::$admin_id ); 2078 2079 $params = array( 2080 'post' => self::$post_id, 2081 'author_name' => 'Homer J. Simpson', 2082 'author_email' => 'a@b', 2083 'content' => 'in this house, we obey the laws of thermodynamics!', 2084 ); 2085 2086 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2087 $request->add_header( 'content-type', 'application/json' ); 2088 $request->set_body( wp_json_encode( $params ) ); 2089 $response = $this->server->dispatch( $request ); 2090 2091 $this->assertErrorResponse( 'rest_invalid_param', $response, 400 ); 2092 $data = $response->get_data(); 2093 $this->assertArrayHasKey( 'author_email', $data['data']['params'] ); 2094 } 2095 1976 2096 public function test_update_comment_invalid_type() { 1977 2097 wp_set_current_user( self::$admin_id ); 1978 2098