diff --git src/wp-includes/comment.php src/wp-includes/comment.php
index ba60070fd7..7398f99dd9 100644
|
|
|
function wp_handle_comment_submission( $comment_data ) { |
| 3005 | 3005 | * @param int $comment_post_ID Post ID. |
| 3006 | 3006 | */ |
| 3007 | 3007 | do_action( 'comment_on_draft', $comment_post_ID ); |
| 3008 | | |
| 3009 | | return new WP_Error( 'comment_on_draft' ); |
| | 3008 | |
| | 3009 | if ( current_user_can( 'read_post', $comment_post_ID ) ) { |
| | 3010 | return new WP_Error( 'comment_on_draft', __( 'Sorry, comments are not allowed for this item.' ), 403 ); |
| | 3011 | } else { |
| | 3012 | return new WP_Error( 'comment_on_draft' ); |
| | 3013 | } |
| 3010 | 3014 | |
| 3011 | 3015 | } elseif ( post_password_required( $comment_post_ID ) ) { |
| 3012 | 3016 | |
diff --git tests/phpunit/tests/comment-submission.php tests/phpunit/tests/comment-submission.php
index f5d6cc08d1..ca33fbc277 100644
|
|
|
class Tests_Comment_Submission extends WP_UnitTestCase { |
| 68 | 68 | } |
| 69 | 69 | |
| 70 | 70 | public function test_submitting_comment_to_draft_post_returns_error() { |
| 71 | | |
| 72 | 71 | $error = 'comment_on_draft'; |
| 73 | 72 | |
| 74 | 73 | $this->assertSame( 0, did_action( $error ) ); |
| … |
… |
class Tests_Comment_Submission extends WP_UnitTestCase { |
| 84 | 83 | $this->assertSame( 1, did_action( $error ) ); |
| 85 | 84 | $this->assertWPError( $comment ); |
| 86 | 85 | $this->assertSame( $error, $comment->get_error_code() ); |
| | 86 | $this->assertEmpty( $comment->get_error_message() ); |
| | 87 | |
| | 88 | } |
| | 89 | |
| | 90 | /** |
| | 91 | * @ticket 39650 |
| | 92 | */ |
| | 93 | public function test_submitting_comment_to_draft_post_returns_error_message_for_user_with_correct_caps() { |
| | 94 | $error = 'comment_on_draft'; |
| | 95 | |
| | 96 | $user = self::factory()->user->create_and_get( array( |
| | 97 | 'role' => 'author', |
| | 98 | ) ); |
| | 99 | |
| | 100 | wp_set_current_user( $user->ID ); |
| 87 | 101 | |
| | 102 | $this->assertSame( 0, did_action( $error ) ); |
| | 103 | |
| | 104 | $post = self::factory()->post->create_and_get( array( |
| | 105 | 'post_status' => 'draft', |
| | 106 | ) ); |
| | 107 | $data = array( |
| | 108 | 'comment_post_ID' => $post->ID, |
| | 109 | ); |
| | 110 | $comment = wp_handle_comment_submission( $data ); |
| | 111 | |
| | 112 | $this->assertSame( 1, did_action( $error ) ); |
| | 113 | $this->assertWPError( $comment ); |
| | 114 | $this->assertSame( $error, $comment->get_error_code() ); |
| | 115 | $this->assertNotEmpty( $comment->get_error_message() ); |
| 88 | 116 | } |
| 89 | 117 | |
| 90 | 118 | public function test_submitting_comment_to_scheduled_post_returns_error() { |