Ticket #39546: 39546.diff
File 39546.diff, 17.2 KB (added by , 8 years ago) |
---|
-
tests/phpunit/includes/testcase.php
diff --git a/tests/phpunit/includes/testcase.php b/tests/phpunit/includes/testcase.php index 0528cff..b06fffe 100644
a b class WP_UnitTestCase extends PHPUnit_Framework_TestCase { 184 184 * it has a chance to do so. 185 185 */ 186 186 protected function reset_post_types() { 187 foreach ( get_post_types() as $pt ) { 188 _unregister_post_type( $pt ); 187 foreach ( get_post_types( array(), 'objects' ) as $pt ) { 188 if ( empty( $pt->tests_no_auto_unregister ) ) { 189 _unregister_post_type( $pt->name ); 190 } 189 191 } 190 192 create_initial_post_types(); 191 193 } -
tests/phpunit/tests/rest-api/rest-comments-controller.php
diff --git a/tests/phpunit/tests/rest-api/rest-comments-controller.php b/tests/phpunit/tests/rest-api/rest-comments-controller.php index 9de7d88..99de8bd 100644
a b class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 76 76 } 77 77 78 78 public static function wpTearDownAfterClass() { 79 self::delete_user( self::$superadmin_id ); 79 80 self::delete_user( self::$admin_id ); 81 self::delete_user( self::$editor_id ); 80 82 self::delete_user( self::$subscriber_id ); 81 83 self::delete_user( self::$author_id ); 82 84 -
tests/phpunit/tests/rest-api/rest-posts-controller.php
diff --git a/tests/phpunit/tests/rest-api/rest-posts-controller.php b/tests/phpunit/tests/rest-api/rest-posts-controller.php index 67d4b0e..a026b8c 100644
a b class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te 57 57 58 58 wp_delete_post( self::$post_id, true ); 59 59 60 self::delete_user( self::$superadmin_id ); 60 61 self::delete_user( self::$editor_id ); 61 62 self::delete_user( self::$author_id ); 62 63 self::delete_user( self::$contributor_id ); -
tests/phpunit/tests/rest-api/rest-tags-controller.php
diff --git a/tests/phpunit/tests/rest-api/rest-tags-controller.php b/tests/phpunit/tests/rest-api/rest-tags-controller.php index bdca9cb..cb81b17 100644
a b class WP_Test_REST_Tags_Controller extends WP_Test_REST_Controller_Testcase { 35 35 } 36 36 37 37 public static function wpTearDownAfterClass() { 38 self::delete_user( self::$superadmin ); 38 39 self::delete_user( self::$administrator ); 40 self::delete_user( self::$editor ); 39 41 self::delete_user( self::$subscriber ); 40 42 } 41 43 -
tests/phpunit/tests/rest-api/rest-users-controller.php
diff --git a/tests/phpunit/tests/rest-api/rest-users-controller.php b/tests/phpunit/tests/rest-api/rest-users-controller.php index 2f17495..0d59281 100644
a b class WP_Test_REST_Users_Controller extends WP_Test_REST_Controller_Testcase { 13 13 protected static $superadmin; 14 14 protected static $user; 15 15 protected static $editor; 16 protected static $ editor2;17 protected static $ secret_editor;18 protected static $ secret_editor2;16 protected static $draft_editor; 17 protected static $authors = array(); 18 protected static $posts = array(); 19 19 protected static $site; 20 20 21 21 public static function wpSetUpBeforeClass( $factory ) { … … class WP_Test_REST_Users_Controller extends WP_Test_REST_Controller_Testcase { 30 30 'role' => 'editor', 31 31 'user_email' => 'editor@example.com', 32 32 ) ); 33 self::$ editor2= $factory->user->create( array(33 self::$draft_editor = $factory->user->create( array( 34 34 'role' => 'editor', 35 'user_email' => ' editor2@example.com',35 'user_email' => 'draft-editor@example.com', 36 36 ) ); 37 self::$secret_editor = $factory->user->create( array( 38 'role' => 'editor', 39 'user_email' => 'secret_editor@example.com', 37 38 foreach ( array( true, false ) as $show_in_rest ) { 39 foreach ( array( true, false ) as $public ) { 40 $post_type_name = 'r_' . json_encode( $show_in_rest ) . '_p_' . json_encode( $public ); 41 register_post_type( $post_type_name, array( 42 'public' => $public, 43 'show_in_rest' => $show_in_rest, 44 'tests_no_auto_unregister' => true, 45 ) ); 46 self::$authors[ $post_type_name ] = $factory->user->create( array( 47 'role' => 'editor', 48 'user_email' => 'author_' . $post_type_name . '@example.com', 49 ) ); 50 self::$posts[ $post_type_name ] = $factory->post->create( array( 51 'post_type' => $post_type_name, 52 'post_author' => self::$authors[ $post_type_name ], 53 ) ); 54 } 55 } 56 57 self::$posts['post'] = $factory->post->create( array( 58 'post_type' => 'post', 59 'post_author' => self::$editor, 40 60 ) ); 41 self::$secret_editor2 = $factory->user->create( array( 42 'role' => 'editor', 43 'user_email' => 'secret_editor2@example.com', 61 self::$posts['r_true_p_true_DRAFT'] = $factory->post->create( array( 62 'post_type' => 'r_true_p_true', 63 'post_author' => self::$draft_editor, 64 'post_status' => 'draft', 44 65 ) ); 45 66 46 67 if ( is_multisite() ) { … … class WP_Test_REST_Users_Controller extends WP_Test_REST_Controller_Testcase { 52 73 public static function wpTearDownAfterClass() { 53 74 self::delete_user( self::$user ); 54 75 self::delete_user( self::$editor ); 55 self::delete_user( self::$editor2 ); 56 self::delete_user( self::$secret_editor ); 57 self::delete_user( self::$secret_editor2 ); 76 self::delete_user( self::$draft_editor ); 77 78 foreach ( self::$posts as $post ) { 79 wp_delete_post( $post, true ); 80 } 81 foreach ( self::$authors as $author ) { 82 self::delete_user( $author ); 83 } 84 _unregister_post_type( 'r_true_p_true' ); 85 _unregister_post_type( 'r_true_p_false' ); 86 _unregister_post_type( 'r_false_p_true' ); 87 _unregister_post_type( 'r_false_p_false' ); 58 88 59 89 if ( is_multisite() ) { 60 90 wpmu_delete_blog( self::$site, true ); … … class WP_Test_REST_Users_Controller extends WP_Test_REST_Controller_Testcase { 66 96 */ 67 97 public function setUp() { 68 98 parent::setUp(); 69 70 register_post_type( 'rest_public', array( 'public' => true, 'show_in_rest' => true ) );71 register_post_type( 'secret_public', array( 'public' => true, 'show_in_rest' => false ) );72 register_post_type( 'secret_hidden', array( 'public' => false, 'show_in_rest' => false ) );73 register_post_type( 'rest_hidden', array( 'public' => false, 'show_in_rest' => true ) );74 75 99 $this->endpoint = new WP_REST_Users_Controller(); 76 100 } 77 101 … … class WP_Test_REST_Users_Controller extends WP_Test_REST_Controller_Testcase { 169 193 } 170 194 171 195 public function test_get_items_unauthenticated_includes_authors_of_post_types_shown_in_rest() { 172 $created_posts = array();173 $created_posts[] = $this->factory->post->create( array(174 'post_author' => self::$user,175 'post_status' => 'publish',176 ) );177 // Expose authors if show_in_rest is true, even if the post_type is not public.178 $created_posts[] = $this->factory->post->create( array(179 'post_type' => 'rest_hidden',180 'post_author' => self::$editor,181 'post_status' => 'publish',182 ) );183 $created_posts[] = $this->factory->post->create( array(184 'post_type' => 'rest_public',185 'post_author' => self::$editor2,186 'post_status' => 'publish',187 ) );188 $created_posts[] = $this->factory->post->create( array(189 'post_type' => 'rest_public',190 'post_author' => self::$secret_editor,191 'post_status' => 'draft',192 ) );193 194 196 $request = new WP_REST_Request( 'GET', '/wp/v2/users' ); 195 197 $response = $this->server->dispatch( $request ); 196 198 $users = $response->get_data(); 197 199 198 $ public_post_types = array_values( get_post_types( array( 'show_in_rest' => true ), 'names' ) );200 $rest_post_types = array_values( get_post_types( array( 'show_in_rest' => true ), 'names' ) ); 199 201 200 202 foreach ( $users as $user ) { 201 $this->assertTrue( count_user_posts( $user['id'], $ public_post_types ) > 0 );203 $this->assertTrue( count_user_posts( $user['id'], $rest_post_types ) > 0 ); 202 204 203 205 // Ensure we don't expose non-public data. 204 206 $this->assertArrayNotHasKey( 'capabilities', $user ); … … class WP_Test_REST_Users_Controller extends WP_Test_REST_Controller_Testcase { 213 215 $this->assertArrayNotHasKey( 'locale', $user ); 214 216 } 215 217 216 $this->assertTrue( in_array( self::$user, wp_list_pluck( $users, 'id' ), true ) ); 217 $this->assertTrue( in_array( self::$editor, wp_list_pluck( $users, 'id' ), true ) ); 218 $this->assertTrue( in_array( self::$editor2, wp_list_pluck( $users, 'id' ), true ) ); 219 220 // Do not include authors of unpublished posts. 221 $this->assertFalse( in_array( self::$secret_editor, wp_list_pluck( $users, 'id' ), true ) ); 218 $user_ids = wp_list_pluck( $users, 'id' ); 222 219 223 foreach ( $created_posts as $post_id ) { 224 wp_delete_post( $post_id, true ); 225 } 220 $this->assertTrue( in_array( self::$editor , $user_ids, true ) ); 221 $this->assertTrue( in_array( self::$authors['r_true_p_true'] , $user_ids, true ) ); 222 $this->assertTrue( in_array( self::$authors['r_true_p_false'], $user_ids, true ) ); 223 $this->assertCount( 3, $user_ids ); 226 224 } 227 225 228 226 public function test_get_items_unauthenticated_does_not_include_authors_of_post_types_not_shown_in_rest() { 229 $created_posts = array();230 $created_posts[] = $this->factory->post->create( array(231 'post_type' => 'secret_hidden',232 'post_author' => self::$secret_editor,233 'post_status' => 'publish',234 ) );235 $created_posts[] = $this->factory->post->create( array(236 'post_type' => 'secret_public',237 'post_author' => self::$secret_editor2,238 'post_status' => 'publish',239 ) );240 241 227 $request = new WP_REST_Request( 'GET', '/wp/v2/users' ); 242 228 $response = $this->server->dispatch( $request ); 243 $data = $response->get_data(); 229 $users = $response->get_data(); 230 $user_ids = wp_list_pluck( $users, 'id' ); 244 231 245 $this->assertFalse( in_array( self::$secret_editor, wp_list_pluck( $data, 'id' ), true ) ); 246 $this->assertFalse( in_array( self::$secret_editor2, wp_list_pluck( $data, 'id' ), true ) ); 232 $this->assertFalse( in_array( self::$authors['r_false_p_true'] , $user_ids, true ) ); 233 $this->assertFalse( in_array( self::$authors['r_false_p_false'], $user_ids, true ) ); 234 } 247 235 248 foreach ( $created_posts as $post_id ) { 249 wp_delete_post( $post_id, true ); 250 } 236 public function test_get_items_unauthenticated_does_not_include_users_without_published_posts() { 237 $request = new WP_REST_Request( 'GET', '/wp/v2/users' ); 238 $response = $this->server->dispatch( $request ); 239 $users = $response->get_data(); 240 $user_ids = wp_list_pluck( $users, 'id' ); 241 242 $this->assertFalse( in_array( self::$draft_editor, $user_ids, true ) ); 243 $this->assertFalse( in_array( self::$user , $user_ids, true ) ); 251 244 } 252 245 253 246 public function test_get_items_pagination_headers() { 254 247 wp_set_current_user( self::$user ); 255 // Start of the index, including the six existing users.256 248 for ( $i = 0; $i < 44; $i++ ) { 257 249 $this->factory->user->create( array( 258 'name' 259 250 'name' => "User {$i}", 251 ) ); 260 252 } 261 253 $request = new WP_REST_Request( 'GET', '/wp/v2/users' ); 262 254 $response = $this->server->dispatch( $request ); 263 255 $headers = $response->get_headers(); 264 $this->assertEquals( 5 1, $headers['X-WP-Total'] );256 $this->assertEquals( 53, $headers['X-WP-Total'] ); 265 257 $this->assertEquals( 6, $headers['X-WP-TotalPages'] ); 266 258 $next_link = add_query_arg( array( 267 259 'page' => 2, … … class WP_Test_REST_Users_Controller extends WP_Test_REST_Controller_Testcase { 276 268 $request->set_param( 'page', 3 ); 277 269 $response = $this->server->dispatch( $request ); 278 270 $headers = $response->get_headers(); 279 $this->assertEquals( 5 2, $headers['X-WP-Total'] );271 $this->assertEquals( 54, $headers['X-WP-Total'] ); 280 272 $this->assertEquals( 6, $headers['X-WP-TotalPages'] ); 281 273 $prev_link = add_query_arg( array( 282 274 'page' => 2, … … class WP_Test_REST_Users_Controller extends WP_Test_REST_Controller_Testcase { 291 283 $request->set_param( 'page', 6 ); 292 284 $response = $this->server->dispatch( $request ); 293 285 $headers = $response->get_headers(); 294 $this->assertEquals( 5 2, $headers['X-WP-Total'] );286 $this->assertEquals( 54, $headers['X-WP-Total'] ); 295 287 $this->assertEquals( 6, $headers['X-WP-TotalPages'] ); 296 288 $prev_link = add_query_arg( array( 297 289 'page' => 5, … … class WP_Test_REST_Users_Controller extends WP_Test_REST_Controller_Testcase { 303 295 $request->set_param( 'page', 8 ); 304 296 $response = $this->server->dispatch( $request ); 305 297 $headers = $response->get_headers(); 306 $this->assertEquals( 5 2, $headers['X-WP-Total'] );298 $this->assertEquals( 54, $headers['X-WP-Total'] ); 307 299 $this->assertEquals( 6, $headers['X-WP-TotalPages'] ); 308 300 $prev_link = add_query_arg( array( 309 301 'page' => 6, … … class WP_Test_REST_Users_Controller extends WP_Test_REST_Controller_Testcase { 474 466 475 467 public function test_get_items_offset() { 476 468 wp_set_current_user( self::$user ); 477 // 5 users created in __construct(), plus default user.469 // 7 users created in wpSetUpBeforeClass(), plus default user. 478 470 $this->factory->user->create(); 479 471 $request = new WP_REST_Request( 'GET', '/wp/v2/users' ); 480 472 $request->set_param( 'offset', 1 ); 481 473 $response = $this->server->dispatch( $request ); 482 $this->assertCount( 7, $response->get_data() );474 $this->assertCount( 9, $response->get_data() ); 483 475 // 'offset' works with 'per_page' 484 476 $request->set_param( 'per_page', 2 ); 485 477 $response = $this->server->dispatch( $request ); … … class WP_Test_REST_Users_Controller extends WP_Test_REST_Controller_Testcase { 530 522 $id1 = $this->factory->user->create(); 531 523 $id2 = $this->factory->user->create(); 532 524 $request = new WP_REST_Request( 'GET', '/wp/v2/users' ); 525 $request->set_param( 'per_page', 20 ); // there are >10 users at this point 533 526 $response = $this->server->dispatch( $request ); 534 527 $data = $response->get_data(); 535 528 $this->assertTrue( in_array( $id1, wp_list_pluck( $data, 'id' ), true ) ); … … class WP_Test_REST_Users_Controller extends WP_Test_REST_Controller_Testcase { 688 681 $this->assertEquals( $data['extra_capabilities'], new stdClass() ); 689 682 } 690 683 691 public function test_ get_item_without_permission() {684 public function test_cannot_get_item_without_permission() { 692 685 wp_set_current_user( self::$editor ); 693 694 686 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/users/%d', self::$user ) ); 695 687 $response = $this->server->dispatch( $request ); 688 $this->assertErrorResponse( 'rest_user_cannot_view', $response, 403 ); 689 } 690 691 public function test_can_get_item_author_of_rest_true_public_true_unauthenticated() { 692 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/users/%d', self::$authors['r_true_p_true'] ) ); 693 $response = $this->server->dispatch( $request ); 694 $this->assertEquals( 200, $response->get_status() ); 695 } 696 696 697 public function test_can_get_item_author_of_rest_true_public_true_authenticated() { 698 wp_set_current_user( self::$editor ); 699 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/users/%d', self::$authors['r_true_p_true'] ) ); 700 $response = $this->server->dispatch( $request ); 701 $this->assertEquals( 200, $response->get_status() ); 702 } 703 704 public function test_can_get_item_author_of_rest_true_public_false() { 705 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/users/%d', self::$authors['r_true_p_false'] ) ); 706 $response = $this->server->dispatch( $request ); 707 $this->assertEquals( 200, $response->get_status() ); 708 } 709 710 public function test_cannot_get_item_author_of_rest_false_public_true_unauthenticated() { 711 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/users/%d', self::$authors['r_false_p_true'] ) ); 712 $response = $this->server->dispatch( $request ); 713 $this->assertErrorResponse( 'rest_user_cannot_view', $response, 401 ); 714 } 715 716 public function test_cannot_get_item_author_of_rest_false_public_true_without_permission() { 717 wp_set_current_user( self::$editor ); 718 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/users/%d', self::$authors['r_false_p_true'] ) ); 719 $response = $this->server->dispatch( $request ); 697 720 $this->assertErrorResponse( 'rest_user_cannot_view', $response, 403 ); 698 721 } 699 722 723 public function test_cannot_get_item_author_of_rest_false_public_false() { 724 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/users/%d', self::$authors['r_false_p_false'] ) ); 725 $response = $this->server->dispatch( $request ); 726 $this->assertErrorResponse( 'rest_user_cannot_view', $response, 401 ); 727 } 728 729 public function test_can_get_item_author_of_post() { 730 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/users/%d', self::$editor ) ); 731 $response = $this->server->dispatch( $request ); 732 $this->assertEquals( 200, $response->get_status() ); 733 } 734 735 public function test_cannot_get_item_author_of_draft() { 736 $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/users/%d', self::$draft_editor ) ); 737 $response = $this->server->dispatch( $request ); 738 $this->assertErrorResponse( 'rest_user_cannot_view', $response, 401 ); 739 } 740 700 741 public function test_get_item_published_author_post() { 701 742 $this->author_id = $this->factory->user->create( array( 702 743 'role' => 'author', … … class WP_Test_REST_Users_Controller extends WP_Test_REST_Controller_Testcase { 2166 2207 } 2167 2208 2168 2209 public function tearDown() { 2169 _unregister_post_type( 'rest_public' );2170 _unregister_post_type( 'secret_public' );2171 _unregister_post_type( 'secret_hidden' );2172 _unregister_post_type( 'rest_hidden' );2173 2174 2210 parent::tearDown(); 2175 2211 } 2176 2212