WordPress.org

Make WordPress Core

Ticket #38971: 38971.4.diff

File 38971.4.diff, 11.8 KB (added by jnylen0, 3 years ago)

Combined patch; handle author updates; more tests

  • src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php

    diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
    index b07ced4..169a2e3 100644
    a b class WP_REST_Comments_Controller extends WP_REST_Controller { 
    508508
    509509                // Honor the discussion setting that requires a name and email address of the comment author.
    510510                if ( get_option( 'require_name_email' ) ) {
    511                         if ( ! isset( $prepared_comment['comment_author'] ) && ! isset( $prepared_comment['comment_author_email'] ) ) {
    512                                 return new WP_Error( 'rest_comment_author_data_required', __( 'Creating a comment requires valid author name and email values.' ), array( 'status' => 400 ) );
    513                         }
    514 
    515                         if ( ! isset( $prepared_comment['comment_author'] ) ) {
    516                                 return new WP_Error( 'rest_comment_author_required', __( 'Creating a comment requires a valid author name.' ), array( 'status' => 400 ) );
    517                         }
    518 
    519                         if ( ! isset( $prepared_comment['comment_author_email'] ) ) {
    520                                 return new WP_Error( 'rest_comment_author_email_required', __( 'Creating a comment requires a valid author email.' ), array( 'status' => 400 ) );
     511                        if ( empty( $prepared_comment['comment_author'] ) || empty( $prepared_comment['comment_author_email'] ) ) {
     512                                return new WP_Error( 'rest_comment_author_required', __( 'Creating a comment requires valid author name and email values.' ), array( 'status' => 400 ) );
    521513                        }
    522514                }
    523515
    class WP_REST_Comments_Controller extends WP_REST_Controller { 
    672664                        return $prepared_args;
    673665                }
    674666
     667                // Honor the discussion setting that requires a name and email address of the comment author.
     668                if ( get_option( 'require_name_email' ) ) {
     669                        $is_valid_author_update = true;
     670                        if ( isset( $prepared_args['comment_author'] ) && empty( $prepared_args['comment_author'] ) ) {
     671                                $is_valid_author_update = false;
     672                        }
     673                        if ( isset( $prepared_args['comment_author_email'] ) && empty( $prepared_args['comment_author_email'] ) ) {
     674                                $is_valid_author_update = false;
     675                        }
     676                        if ( ! $is_valid_author_update ) {
     677                                return new WP_Error( 'rest_comment_author_required', __( 'Updating a comment\'s author requires valid author name and email values.' ), array( 'status' => 400 ) );
     678                        }
     679                }
     680
    675681                if ( empty( $prepared_args ) && isset( $request['status'] ) ) {
    676682                        // Only the comment status is being changed.
    677683                        $change = $this->handle_status_param( $request['status'], $id );
  • tests/phpunit/tests/rest-api/rest-comments-controller.php

    diff --git a/tests/phpunit/tests/rest-api/rest-comments-controller.php b/tests/phpunit/tests/rest-api/rest-comments-controller.php
    index 112a26c..58d6b46 100644
    a b class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 
    9898        }
    9999
    100100        public function tearDown() {
     101                remove_filter( 'rest_allow_anonymous_comments', '__return_true' );
     102                update_option( 'require_name_email', 0 );
     103                update_option( 'comment_registration', 0 );
     104                update_option( 'show_avatars', 1 );
    101105                parent::tearDown();
    102106        }
    103107
    class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 
    987991                $this->assertEquals( $params['content']['raw'], $new_comment->comment_content );
    988992        }
    989993
    990         public function test_create_comment_missing_required_author_name_and_email_per_option_value() {
     994        public function test_create_comment_missing_required_author_name() {
    991995                add_filter( 'rest_allow_anonymous_comments', '__return_true' );
    992996                update_option( 'require_name_email', 1 );
    993997
    994998                $params = array(
    995                         'post'    => self::$post_id,
    996                         'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.',
     999                        'post'         => self::$post_id,
     1000                        'author_email' => 'ekrabappel@springfield-elementary.edu',
     1001                        'content'      => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.',
    9971002                );
    9981003
    9991004                $request = new WP_REST_Request( 'POST', '/wp/v2/comments' );
    class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 
    10021007
    10031008                $response = $this->server->dispatch( $request );
    10041009
    1005                 $this->assertErrorResponse( 'rest_comment_author_data_required', $response, 400 );
    1006 
    1007                 update_option( 'require_name_email', 0 );
     1010                $this->assertErrorResponse( 'rest_comment_author_required', $response, 400 );
    10081011        }
    10091012
    1010         public function test_create_comment_missing_required_author_name_per_option_value() {
    1011                 wp_set_current_user( self::$admin_id );
     1013        public function test_create_comment_empty_required_author_name() {
     1014                add_filter( 'rest_allow_anonymous_comments', '__return_true' );
    10121015                update_option( 'require_name_email', 1 );
    10131016
    10141017                $params = array(
    1015                         'post'         => self::$post_id,
     1018                        'author_name'  => '',
    10161019                        'author_email' => 'ekrabappel@springfield-elementary.edu',
     1020                        'post'         => self::$post_id,
    10171021                        'content'      => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.',
    10181022                );
    10191023
    class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 
    10221026                $request->set_body( wp_json_encode( $params ) );
    10231027
    10241028                $response = $this->server->dispatch( $request );
    1025                 $this->assertErrorResponse( 'rest_comment_author_required', $response, 400 );
    10261029
    1027                 update_option( 'require_name_email', 0 );
     1030                $this->assertErrorResponse( 'rest_comment_author_required', $response, 400 );
    10281031        }
    10291032
    1030         public function test_create_comment_missing_required_author_email_per_option_value() {
     1033        public function test_create_comment_missing_required_author_email() {
    10311034                wp_set_current_user( self::$admin_id );
    10321035                update_option( 'require_name_email', 1 );
    10331036
    class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 
    10421045                $request->set_body( wp_json_encode( $params ) );
    10431046
    10441047                $response = $this->server->dispatch( $request );
    1045                 $this->assertErrorResponse( 'rest_comment_author_email_required', $response, 400 );
     1048                $this->assertErrorResponse( 'rest_comment_author_required', $response, 400 );
     1049        }
    10461050
    1047                 update_option( 'require_name_email', 0 );
     1051        public function test_create_comment_empty_required_author_email() {
     1052                wp_set_current_user( self::$admin_id );
     1053                update_option( 'require_name_email', 1 );
     1054
     1055                $params = array(
     1056                        'post'         => self::$post_id,
     1057                        'author_name'  => 'Edna Krabappel',
     1058                        'author_email' => '',
     1059                        'content'      => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.',
     1060                );
     1061
     1062                $request = new WP_REST_Request( 'POST', '/wp/v2/comments' );
     1063                $request->add_header( 'content-type', 'application/json' );
     1064                $request->set_body( wp_json_encode( $params ) );
     1065
     1066                $response = $this->server->dispatch( $request );
     1067                // Would be 'rest_comment_author_required' but this is caught by 'format' => 'email'
     1068                $this->assertErrorResponse( 'rest_invalid_param', $response, 400 );
     1069                $data = $response->get_data();
     1070                $this->assertArrayHasKey( 'author_email', $data['data']['params'] );
    10481071        }
    10491072
    10501073        public function test_create_comment_author_email_too_short() {
    class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 
    19731996                $this->assertEquals( $params['date_gmt'], mysql_to_rfc3339( $updated->comment_date_gmt ) );
    19741997        }
    19751998
     1999        public function test_update_comment_author_email_only() {
     2000                wp_set_current_user( self::$editor_id );
     2001                update_option( 'require_name_email', 1 );
     2002
     2003                $params = array(
     2004                        'post'         => self::$post_id,
     2005                        'author_email' => 'ekrabappel@springfield-elementary.edu',
     2006                        'content'      => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.',
     2007                );
     2008
     2009                $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) );
     2010                $request->add_header( 'content-type', 'application/json' );
     2011                $request->set_body( wp_json_encode( $params ) );
     2012
     2013                $response = $this->server->dispatch( $request );
     2014                $this->assertEquals( 200, $response->get_status() );
     2015        }
     2016
     2017        public function test_update_comment_empty_required_author_name() {
     2018                wp_set_current_user( self::$editor_id );
     2019                update_option( 'require_name_email', 1 );
     2020
     2021                $params = array(
     2022                        'author_name'  => '',
     2023                        'author_email' => 'ekrabappel@springfield-elementary.edu',
     2024                        'post'         => self::$post_id,
     2025                        'content'      => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.',
     2026                );
     2027
     2028                $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) );
     2029                $request->add_header( 'content-type', 'application/json' );
     2030                $request->set_body( wp_json_encode( $params ) );
     2031
     2032                $response = $this->server->dispatch( $request );
     2033                $this->assertErrorResponse( 'rest_comment_author_required', $response, 400 );
     2034        }
     2035
     2036        public function test_update_comment_author_name_only() {
     2037                wp_set_current_user( self::$admin_id );
     2038                update_option( 'require_name_email', 1 );
     2039
     2040                $params = array(
     2041                        'post'        => self::$post_id,
     2042                        'author_name' => 'Edna Krabappel',
     2043                        'content'     => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.',
     2044                );
     2045
     2046                $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) );
     2047                $request->add_header( 'content-type', 'application/json' );
     2048                $request->set_body( wp_json_encode( $params ) );
     2049
     2050                $response = $this->server->dispatch( $request );
     2051                $this->assertEquals( 200, $response->get_status() );
     2052        }
     2053
     2054        public function test_update_comment_empty_required_author_email() {
     2055                wp_set_current_user( self::$admin_id );
     2056                update_option( 'require_name_email', 1 );
     2057
     2058                $params = array(
     2059                        'post'         => self::$post_id,
     2060                        'author_name'  => 'Edna Krabappel',
     2061                        'author_email' => '',
     2062                        'content'      => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.',
     2063                );
     2064
     2065                $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) );
     2066                $request->add_header( 'content-type', 'application/json' );
     2067                $request->set_body( wp_json_encode( $params ) );
     2068
     2069                $response = $this->server->dispatch( $request );
     2070                // Would be 'rest_comment_author_required' but this is caught by 'format' => 'email'
     2071                $this->assertErrorResponse( 'rest_invalid_param', $response, 400 );
     2072                $data = $response->get_data();
     2073                $this->assertArrayHasKey( 'author_email', $data['data']['params'] );
     2074        }
     2075
     2076        public function test_update_comment_author_email_too_short() {
     2077                wp_set_current_user( self::$admin_id );
     2078
     2079                $params = array(
     2080                        'post'         => self::$post_id,
     2081                        'author_name'  => 'Homer J. Simpson',
     2082                        'author_email' => 'a@b',
     2083                        'content'      => 'in this house, we obey the laws of thermodynamics!',
     2084                );
     2085
     2086                $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) );
     2087                $request->add_header( 'content-type', 'application/json' );
     2088                $request->set_body( wp_json_encode( $params ) );
     2089                $response = $this->server->dispatch( $request );
     2090
     2091                $this->assertErrorResponse( 'rest_invalid_param', $response, 400 );
     2092                $data = $response->get_data();
     2093                $this->assertArrayHasKey( 'author_email', $data['data']['params'] );
     2094        }
     2095
    19762096        public function test_update_comment_invalid_type() {
    19772097                wp_set_current_user( self::$admin_id );
    19782098