WordPress.org
Get WordPress

Make WordPress Core

Ticket #39881: 39881.2.diff

File 39881.2.diff, 2.2 KB (added by rachelbaker, 9 years ago)

Added unit tests for returning media file with an invalid parent id

  • src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php

     
    12941294                // Can we read the parent if we're inheriting?
    12951295                if ( 'inherit' === $post->post_status && $post->post_parent > 0 ) {
    12961296                        $parent = get_post( $post->post_parent );
    1297                         return $this->check_read_permission( $parent );
     1297                        if ( $parent ) {
     1298                                return $this->check_read_permission( $parent );
     1299                        }
    12981300                }
    12991301
    13001302                /*

  • tests/phpunit/tests/rest-api/rest-attachments-controller.php

     
    480480                $this->assertEquals( 403, $response->get_status() );
    481481        }
    482482
     483        public function test_get_item_inherit_status_with_invalid_parent() {
     484                $attachment_id = $this->factory->attachment->create_object( $this->test_file, REST_TESTS_IMPOSSIBLY_HIGH_NUMBER, array(
     485                        'post_mime_type' => 'image/jpeg',
     486                        'post_excerpt'   => 'A sample caption',
     487                ) );
     488                $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/media/%d', $attachment_id ) );
     489                $response = $this->server->dispatch( $request );
     490                $data = $response->get_data();
     491
     492                $this->assertEquals( 200, $response->get_status() );
     493                $this->assertEquals( $attachment_id, $data['id'] );
     494        }
     495
     496        public function test_get_item_auto_status_with_invalid_parent_returns_error() {
     497                $attachment_id = $this->factory->attachment->create_object( $this->test_file, REST_TESTS_IMPOSSIBLY_HIGH_NUMBER, array(
     498                        'post_mime_type' => 'image/jpeg',
     499                        'post_excerpt'   => 'A sample caption',
     500                        'post_status'    => 'auto-draft',
     501                ) );
     502                $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/media/%d', $attachment_id ) );
     503                $response = $this->server->dispatch( $request );
     504
     505                $this->assertErrorResponse( 'rest_forbidden', $response, 403 );
     506        }
     507
    483508        public function test_create_item() {
    484509                wp_set_current_user( self::$author_id );
    485510