Ticket #38971: 38971.diff
File 38971.diff, 11.0 KB (added by , 8 years ago) |
---|
-
src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
508 508 509 509 // Honor the discussion setting that requires a name and email address of the comment author. 510 510 if ( get_option( 'require_name_email' ) ) { 511 if ( ! isset( $prepared_comment['comment_author'] ) && ! isset( $prepared_comment['comment_author_email'] ) ) {511 if ( empty( $prepared_comment['comment_author'] ) || empty( $prepared_comment['comment_author_email'] ) ) { 512 512 return new WP_Error( 'rest_comment_author_data_required', __( 'Creating a comment requires valid author name and email values.' ), array( 'status' => 400 ) ); 513 513 } 514 515 if ( ! isset( $prepared_comment['comment_author'] ) ) {516 return new WP_Error( 'rest_comment_author_required', __( 'Creating a comment requires a valid author name.' ), array( 'status' => 400 ) );517 }518 519 if ( ! isset( $prepared_comment['comment_author_email'] ) ) {520 return new WP_Error( 'rest_comment_author_email_required', __( 'Creating a comment requires a valid author email.' ), array( 'status' => 400 ) );521 }522 514 } 523 515 524 516 if ( ! isset( $prepared_comment['comment_author_email'] ) ) { … … 1155 1147 'type' => 'string', 1156 1148 'format' => 'email', 1157 1149 'context' => array( 'edit' ), 1150 'arg_options' => array( 1151 'sanitize_callback' => array( $this, 'check_comment_author_email' ), 1152 'validate_callback' => null, // skip built-in validation of 'email'. 1153 ), 1158 1154 ), 1159 1155 'author_ip' => array( 1160 1156 'description' => __( 'IP address for the object author.' ), … … 1581 1577 1582 1578 return current_user_can( 'edit_comment', $comment->comment_ID ); 1583 1579 } 1580 1581 /** 1582 * Checks a comment author email for validity. 1583 * 1584 * Accepts either a valid email address or empty string as a valid comment 1585 * author email address. Setting the comment author email to an empty 1586 * string is allowed when a comment is being updated. 1587 * 1588 * @since 4.7.0 1589 * 1590 * @param string $value Author email value submitted. 1591 * @param WP_REST_Request $request Full details about the request. 1592 * @param string $param The parameter name. 1593 * @return WP_Error|string The sanitized email address, if valid, 1594 * otherwise an error. 1595 */ 1596 public function check_comment_author_email( $value, $request, $param ) { 1597 $email = (string) $value; 1598 if ( empty( $email ) ) { 1599 return $email; 1600 } 1601 1602 $check_email = rest_validate_request_arg( $email, $request, $param ); 1603 if ( is_wp_error( $check_email ) ) { 1604 return $check_email; 1605 } 1606 1607 return $email; 1608 } 1584 1609 } -
tests/phpunit/tests/rest-api/rest-comments-controller.php
97 97 } 98 98 } 99 99 100 public function tearDown() {101 parent::tearDown();102 }103 104 100 public function test_register_routes() { 105 101 $routes = $this->server->get_routes(); 106 102 … … 987 983 $this->assertEquals( $params['content']['raw'], $new_comment->comment_content ); 988 984 } 989 985 990 public function test_create_comment_missing_required_author_name _and_email_per_option_value() {986 public function test_create_comment_missing_required_author_name() { 991 987 add_filter( 'rest_allow_anonymous_comments', '__return_true' ); 992 988 update_option( 'require_name_email', 1 ); 993 989 994 990 $params = array( 995 'post' => self::$post_id, 996 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 991 'post' => self::$post_id, 992 'author_email' => 'ekrabappel@springfield-elementary.edu', 993 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 997 994 ); 998 995 999 996 $request = new WP_REST_Request( 'POST', '/wp/v2/comments' ); … … 1003 1000 $response = $this->server->dispatch( $request ); 1004 1001 1005 1002 $this->assertErrorResponse( 'rest_comment_author_data_required', $response, 400 ); 1006 1007 update_option( 'require_name_email', 0 );1008 1003 } 1009 1004 1010 public function test_create_comment_ missing_required_author_name_per_option_value() {1011 wp_set_current_user( self::$admin_id);1005 public function test_create_comment_empty_required_author_name() { 1006 add_filter( 'rest_allow_anonymous_comments', '__return_true' ); 1012 1007 update_option( 'require_name_email', 1 ); 1013 1008 1014 1009 $params = array( 1015 ' post' => self::$post_id,1010 'author_name' => '', 1016 1011 'author_email' => 'ekrabappel@springfield-elementary.edu', 1012 'post' => self::$post_id, 1017 1013 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 1018 1014 ); 1019 1015 … … 1022 1018 $request->set_body( wp_json_encode( $params ) ); 1023 1019 1024 1020 $response = $this->server->dispatch( $request ); 1025 $this->assertErrorResponse( 'rest_comment_author_required', $response, 400 );1026 1021 1027 update_option( 'require_name_email',0 );1022 $this->assertErrorResponse( 'rest_comment_author_data_required', $response, 400 ); 1028 1023 } 1029 1024 1030 public function test_create_comment_missing_required_author_email _per_option_value() {1025 public function test_create_comment_missing_required_author_email() { 1031 1026 wp_set_current_user( self::$admin_id ); 1032 1027 update_option( 'require_name_email', 1 ); 1033 1028 … … 1042 1037 $request->set_body( wp_json_encode( $params ) ); 1043 1038 1044 1039 $response = $this->server->dispatch( $request ); 1045 $this->assertErrorResponse( 'rest_comment_author_email_required', $response, 400 ); 1040 $this->assertErrorResponse( 'rest_comment_author_data_required', $response, 400 ); 1041 } 1046 1042 1047 update_option( 'require_name_email', 0 ); 1043 public function test_create_comment_empty_required_author_email() { 1044 wp_set_current_user( self::$admin_id ); 1045 update_option( 'require_name_email', 1 ); 1046 1047 $params = array( 1048 'post' => self::$post_id, 1049 'author_name' => 'Edna Krabappel', 1050 'author_email' => '', 1051 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 1052 ); 1053 1054 $request = new WP_REST_Request( 'POST', '/wp/v2/comments' ); 1055 $request->add_header( 'content-type', 'application/json' ); 1056 $request->set_body( wp_json_encode( $params ) ); 1057 1058 $response = $this->server->dispatch( $request ); 1059 $this->assertErrorResponse( 'rest_comment_author_data_required', $response, 400 ); 1048 1060 } 1049 1061 1050 1062 public function test_create_comment_author_email_too_short() { … … 1992 2004 $this->assertEquals( $params['date_gmt'], mysql_to_rfc3339( $updated->comment_date_gmt ) ); 1993 2005 } 1994 2006 2007 public function test_update_comment_author_email_only() { 2008 wp_set_current_user( self::$editor_id ); 2009 update_option( 'require_name_email', 1 ); 2010 2011 $params = array( 2012 'post' => self::$post_id, 2013 'author_email' => 'ekrabappel@springfield-elementary.edu', 2014 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 2015 ); 2016 2017 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2018 $request->add_header( 'content-type', 'application/json' ); 2019 $request->set_body( wp_json_encode( $params ) ); 2020 2021 $response = $this->server->dispatch( $request ); 2022 $this->assertEquals( 200, $response->get_status() ); 2023 } 2024 2025 public function test_update_comment_empty_author_name() { 2026 wp_set_current_user( self::$editor_id ); 2027 update_option( 'require_name_email', 1 ); 2028 2029 $params = array( 2030 'author_name' => '', 2031 'author_email' => 'ekrabappel@springfield-elementary.edu', 2032 'post' => self::$post_id, 2033 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 2034 ); 2035 2036 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2037 $request->add_header( 'content-type', 'application/json' ); 2038 $request->set_body( wp_json_encode( $params ) ); 2039 2040 $response = $this->server->dispatch( $request ); 2041 $this->assertEquals( 200, $response->get_status() ); 2042 } 2043 2044 public function test_update_comment_author_name_only() { 2045 wp_set_current_user( self::$admin_id ); 2046 update_option( 'require_name_email', 1 ); 2047 2048 $params = array( 2049 'post' => self::$post_id, 2050 'author_name' => 'Edna Krabappel', 2051 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 2052 ); 2053 2054 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2055 $request->add_header( 'content-type', 'application/json' ); 2056 $request->set_body( wp_json_encode( $params ) ); 2057 2058 $response = $this->server->dispatch( $request ); 2059 $this->assertEquals( 200, $response->get_status() ); 2060 } 2061 2062 public function test_update_comment_empty_author_email() { 2063 wp_set_current_user( self::$admin_id ); 2064 update_option( 'require_name_email', 1 ); 2065 2066 $params = array( 2067 'post' => self::$post_id, 2068 'author_name' => 'Edna Krabappel', 2069 'author_email' => '', 2070 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 2071 ); 2072 2073 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2074 $request->add_header( 'content-type', 'application/json' ); 2075 $request->set_body( wp_json_encode( $params ) ); 2076 2077 $response = $this->server->dispatch( $request ); 2078 $this->assertEquals( 200, $response->get_status() ); 2079 } 2080 2081 public function test_update_comment_author_email_too_short() { 2082 wp_set_current_user( self::$admin_id ); 2083 2084 $params = array( 2085 'post' => self::$post_id, 2086 'author_name' => 'Homer J. Simpson', 2087 'author_email' => 'a@b', 2088 'content' => 'in this house, we obey the laws of thermodynamics!', 2089 ); 2090 2091 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2092 $request->add_header( 'content-type', 'application/json' ); 2093 $request->set_body( wp_json_encode( $params ) ); 2094 $response = $this->server->dispatch( $request ); 2095 2096 $this->assertErrorResponse( 'rest_invalid_param', $response, 400 ); 2097 $data = $response->get_data(); 2098 $this->assertArrayHasKey( 'author_email', $data['data']['params'] ); 2099 } 2100 1995 2101 public function test_update_comment_invalid_type() { 1996 2102 wp_set_current_user( self::$admin_id ); 1997 2103