diff --git src/license.txt src/license.txt
index c2df00a661..5a605dac3b 100644
|
|
|
1 | 1 | WordPress - Web publishing software |
2 | 2 | |
3 | | Copyright 2011-2018 by the contributors |
| 3 | Copyright 2011-2017 by the contributors |
4 | 4 | |
5 | 5 | This program is free software; you can redistribute it and/or modify |
6 | 6 | it under the terms of the GNU General Public License as published by |
diff --git src/wp-admin/includes/class-wp-comments-list-table.php src/wp-admin/includes/class-wp-comments-list-table.php
index e64086d525..071313903e 100644
|
|
class WP_Comments_List_Table extends WP_List_Table { |
134 | 134 | 'post_type' => $post_type, |
135 | 135 | ); |
136 | 136 | |
137 | | /** |
138 | | * Filters the arguments for the comment query in the comments list table. |
139 | | * |
140 | | * @since 5.0.0 |
141 | | * |
142 | | * @param array $args An array of get_comments() arguments. |
143 | | */ |
144 | | $args = apply_filters( 'comments_list_table_query_args', $args ); |
145 | | |
146 | 137 | $_comments = get_comments( $args ); |
147 | 138 | if ( is_array( $_comments ) ) { |
148 | 139 | update_comment_cache( $_comments ); |
diff --git src/wp-admin/includes/update-core.php src/wp-admin/includes/update-core.php
index fc6681acb3..ec909143dd 100644
|
|
function update_core( $from, $to ) { |
1143 | 1143 | if ( ! $wp_filesystem->exists( $old_file ) ) { |
1144 | 1144 | continue; |
1145 | 1145 | } |
1146 | | |
1147 | | // If the file isn't deleted, try writing an empty string to the file instead. |
1148 | | if ( ! $wp_filesystem->delete( $old_file, true ) && $wp_filesystem->is_file( $old_file ) ) { |
1149 | | $wp_filesystem->put_contents( $old_file, '' ); |
1150 | | } |
| 1146 | $wp_filesystem->delete( $old_file, true ); |
1151 | 1147 | } |
1152 | 1148 | |
1153 | 1149 | // Remove any Genericons example.html's from the filesystem |
diff --git src/wp-admin/js/editor.js src/wp-admin/js/editor.js
index 103d6bbf96..6010e8f7f8 100644
|
|
window.wp = window.wp || {}; |
695 | 695 | */ |
696 | 696 | function findBookmarkedPosition( editor ) { |
697 | 697 | // Get the TinyMCE `window` reference, since we need to access the raw selection. |
698 | | var TinyMCEWindow = editor.getWin(), |
699 | | selection = TinyMCEWindow.getSelection(); |
| 698 | var TinyMCEWIndow = editor.getWin(), |
| 699 | selection = TinyMCEWIndow.getSelection(); |
700 | 700 | |
701 | | if ( ! selection || selection.rangeCount < 1 ) { |
| 701 | if ( selection.rangeCount <= 0 ) { |
702 | 702 | // no selection, no need to continue. |
703 | 703 | return; |
704 | 704 | } |
diff --git src/wp-admin/js/media-upload.js src/wp-admin/js/media-upload.js
index b7171a3e9c..cd969b9b3a 100644
|
|
|
1 | 1 | /* global tinymce, QTags */ |
2 | | |
3 | | /** |
4 | | * Contains global functions for the media upload within the post edit screen. |
5 | | * |
6 | | * Updates the ThickBox anchor href and the ThickBox's own properties in order |
7 | | * to set the size and position on every resize event. Also adds a function to |
8 | | * send HTML or text to the currently active editor. |
9 | | * |
10 | | * @file |
11 | | * @since 2.5.0 |
12 | | * |
13 | | * @requires jQuery |
14 | | */ |
| 2 | // send html to the post editor |
15 | 3 | |
16 | 4 | var wpActiveEditor, send_to_editor; |
17 | 5 | |
18 | | /** |
19 | | * Sends the HTML passed in the parameters to TinyMCE. |
20 | | * |
21 | | * @since 2.5.0 |
22 | | * |
23 | | * @global |
24 | | * |
25 | | * @param {string} html The HTML to be sent to the editor. |
26 | | * @returns {void|boolean} Returns false when both TinyMCE and QTags instances |
27 | | * are unavailable. This means that the HTML was not |
28 | | * sent to the editor. |
29 | | */ |
30 | 6 | send_to_editor = function( html ) { |
31 | 7 | var editor, |
32 | 8 | hasTinymce = typeof tinymce !== 'undefined', |
33 | 9 | hasQuicktags = typeof QTags !== 'undefined'; |
34 | 10 | |
35 | | // If no active editor is set, try to set it. |
36 | 11 | if ( ! wpActiveEditor ) { |
37 | 12 | if ( hasTinymce && tinymce.activeEditor ) { |
38 | 13 | editor = tinymce.activeEditor; |
… |
… |
send_to_editor = function( html ) { |
44 | 19 | editor = tinymce.get( wpActiveEditor ); |
45 | 20 | } |
46 | 21 | |
47 | | // If the editor is set and not hidden, insert the HTML into the content of the |
48 | | // editor. |
49 | 22 | if ( editor && ! editor.isHidden() ) { |
50 | 23 | editor.execCommand( 'mceInsertContent', false, html ); |
51 | 24 | } else if ( hasQuicktags ) { |
52 | | // If quick tags are available, insert the HTML into its content. |
53 | 25 | QTags.insertContent( html ); |
54 | 26 | } else { |
55 | | // If neither the TinyMCE editor and the quick tags are available, add the HTML |
56 | | // to the current active editor. |
57 | 27 | document.getElementById( wpActiveEditor ).value += html; |
58 | 28 | } |
59 | 29 | |
60 | | // If the old thickbox remove function exists, call it. |
| 30 | // If the old thickbox remove function exists, call it |
61 | 31 | if ( window.tb_remove ) { |
62 | 32 | try { window.tb_remove(); } catch( e ) {} |
63 | 33 | } |
64 | 34 | }; |
65 | 35 | |
| 36 | // thickbox settings |
66 | 37 | var tb_position; |
67 | 38 | (function($) { |
68 | | /** |
69 | | * Recalculates and applies the new ThickBox position based on the current |
70 | | * window size. |
71 | | * |
72 | | * @since 2.6.0 |
73 | | * |
74 | | * @global |
75 | | * |
76 | | * @returns {Object[]} Array containing jQuery objects for all the found |
77 | | * ThickBox anchors. |
78 | | */ |
79 | 39 | tb_position = function() { |
80 | 40 | var tbWindow = $('#TB_window'), |
81 | 41 | width = $(window).width(), |
… |
… |
var tb_position; |
95 | 55 | tbWindow.css({'top': 20 + adminbar_height + 'px', 'margin-top': '0'}); |
96 | 56 | } |
97 | 57 | |
98 | | /** |
99 | | * Recalculates the new height and width for all links with a ThickBox class. |
100 | | * |
101 | | * @since 2.6.0 |
102 | | */ |
103 | 58 | return $('a.thickbox').each( function() { |
104 | 59 | var href = $(this).attr('href'); |
105 | 60 | if ( ! href ) return; |
… |
… |
var tb_position; |
109 | 64 | }); |
110 | 65 | }; |
111 | 66 | |
112 | | // Add handler to recalculates the ThickBox position when the window is resized. |
113 | 67 | $(window).resize(function(){ tb_position(); }); |
114 | 68 | |
115 | 69 | })(jQuery); |
diff --git src/wp-admin/js/password-strength-meter.js src/wp-admin/js/password-strength-meter.js
index efd26bbc5a..3a8c9da9f0 100644
|
|
window.wp = window.wp || {}; |
3 | 3 | |
4 | 4 | var passwordStrength; |
5 | 5 | (function($){ |
| 6 | |
| 7 | /** |
| 8 | * The Password Strength object. |
| 9 | * |
| 10 | * Contains functions to determine the password strength. |
| 11 | * |
| 12 | * @since 3.7.0 |
| 13 | * |
| 14 | * @namespace |
| 15 | */ |
6 | 16 | wp.passwordStrength = { |
7 | 17 | /** |
8 | | * Determine the strength of a given password |
| 18 | * Determines the strength of a given password. |
| 19 | * |
| 20 | * @since 3.7.0 |
| 21 | * |
| 22 | * @param {string} password1 The password. |
| 23 | * @param {Array} blacklist An array of words that will lower the entropy of the password. |
| 24 | * @param {string} password2 The confirmed password. |
9 | 25 | * |
10 | | * @param string password1 The password |
11 | | * @param array blacklist An array of words that will lower the entropy of the password |
12 | | * @param string password2 The confirmed password |
| 26 | * @returns {number} The password strength score. |
13 | 27 | */ |
14 | 28 | meter : function( password1, blacklist, password2 ) { |
15 | 29 | if ( ! $.isArray( blacklist ) ) |
… |
… |
var passwordStrength; |
28 | 42 | }, |
29 | 43 | |
30 | 44 | /** |
31 | | * Builds an array of data that should be penalized, because it would lower the entropy of a password if it were used |
| 45 | * Builds an array of data that should be penalized. |
| 46 | * |
| 47 | * Certain words need to be penalized because it would lower the entropy of a password if they were used. |
| 48 | * The blacklist is based on user input fields such as username, first name, email etc. |
| 49 | * |
| 50 | * @since 3.7.0 |
32 | 51 | * |
33 | | * @return array The array of data to be blacklisted |
| 52 | * @returns {Array} The array of data to be blacklisted. |
34 | 53 | */ |
35 | 54 | userInputBlacklist : function() { |
36 | 55 | var i, userInputFieldsLength, rawValuesLength, currentField, |
… |
… |
var passwordStrength; |
38 | 57 | blacklist = [], |
39 | 58 | userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ]; |
40 | 59 | |
41 | | // Collect all the strings we want to blacklist |
| 60 | // Collect all the strings we want to blacklist. |
42 | 61 | rawValues.push( document.title ); |
43 | 62 | rawValues.push( document.URL ); |
44 | 63 | |
… |
… |
var passwordStrength; |
54 | 73 | rawValues.push( currentField.val() ); |
55 | 74 | } |
56 | 75 | |
57 | | // Strip out non-alphanumeric characters and convert each word to an individual entry |
| 76 | // Strip out non-alphanumeric characters and convert each word to an individual entry. |
58 | 77 | rawValuesLength = rawValues.length; |
59 | 78 | for ( i = 0; i < rawValuesLength; i++ ) { |
60 | 79 | if ( rawValues[ i ] ) { |
… |
… |
var passwordStrength; |
62 | 81 | } |
63 | 82 | } |
64 | 83 | |
65 | | // Remove empty values, short words, and duplicates. Short words are likely to cause many false positives. |
| 84 | // Remove empty values, short words and duplicates. Short words are likely to cause many false positives. |
66 | 85 | blacklist = $.grep( blacklist, function( value, key ) { |
67 | 86 | if ( '' === value || 4 > value.length ) { |
68 | 87 | return false; |
… |
… |
var passwordStrength; |
75 | 94 | } |
76 | 95 | }; |
77 | 96 | |
78 | | // Back-compat. |
| 97 | // Backward compatibility. |
79 | 98 | passwordStrength = wp.passwordStrength.meter; |
80 | 99 | })(jQuery); |
diff --git src/wp-includes/formatting.php src/wp-includes/formatting.php
index f9795fdaec..ce2c851bc5 100644
|
|
function wp_basename( $path, $suffix = '' ) { |
5077 | 5077 | return urldecode( basename( str_replace( array( '%2F', '%5C' ), '/', urlencode( $path ) ), $suffix ) ); |
5078 | 5078 | } |
5079 | 5079 | |
5080 | | // phpcs:disable WordPress.WP.CapitalPDangit.Misspelled, WordPress.NamingConventions.ValidFunctionName.FunctionNameInvalid -- 8-) |
5081 | 5080 | /** |
5082 | | * Forever eliminate "Wordpress" from the planet (or at least the little bit we can influence). |
| 5081 | * Forever eliminate "WordPress" from the planet (or at least the little bit we can influence). |
5083 | 5082 | * |
5084 | 5083 | * Violating our coding standards for a good function name. |
5085 | 5084 | * |
… |
… |
function capital_P_dangit( $text ) { |
5094 | 5093 | // Simple replacement for titles |
5095 | 5094 | $current_filter = current_filter(); |
5096 | 5095 | if ( 'the_title' === $current_filter || 'wp_title' === $current_filter ) { |
5097 | | return str_replace( 'Wordpress', 'WordPress', $text ); |
| 5096 | return str_replace( 'WordPress', 'WordPress', $text ); |
5098 | 5097 | } |
5099 | 5098 | // Still here? Use the more judicious replacement |
5100 | 5099 | static $dblq = false; |
… |
… |
function capital_P_dangit( $text ) { |
5107 | 5106 | $text |
5108 | 5107 | ); |
5109 | 5108 | } |
5110 | | // phpcs:enable |
5111 | 5109 | |
5112 | 5110 | /** |
5113 | 5111 | * Sanitize a mime type |
diff --git src/wp-includes/functions.php src/wp-includes/functions.php
index 320d76918e..9b5f292eec 100644
|
|
function _device_can_upload() { |
5459 | 5459 | */ |
5460 | 5460 | function wp_is_stream( $path ) { |
5461 | 5461 | $wrappers = stream_get_wrappers(); |
5462 | | $wrappers = array_map( 'preg_quote', $wrappers ); |
5463 | 5462 | $wrappers_re = '(' . join( '|', $wrappers ) . ')'; |
5464 | 5463 | |
5465 | 5464 | return preg_match( "!^$wrappers_re://!", $path ) === 1; |
diff --git src/wp-includes/js/tinymce/plugins/wplink/plugin.js src/wp-includes/js/tinymce/plugins/wplink/plugin.js
index f20d7c9d89..2a7f697368 100644
|
|
|
468 | 468 | } |
469 | 469 | } |
470 | 470 | } ).autocomplete( 'instance' )._renderItem = function( ul, item ) { |
471 | | var fallbackTitle = ( typeof window.wpLinkL10n !== 'undefined' ) ? window.wpLinkL10n.noTitle : '', |
472 | | title = item.title ? item.title : fallbackTitle; |
473 | | |
474 | 471 | return $( '<li role="option" id="mce-wp-autocomplete-' + item.ID + '">' ) |
475 | | .append( '<span>' + title + '</span> <span class="wp-editor-float-right">' + item.info + '</span>' ) |
| 472 | .append( '<span>' + item.title + '</span> <span class="wp-editor-float-right">' + item.info + '</span>' ) |
476 | 473 | .appendTo( ul ); |
477 | 474 | }; |
478 | 475 | |
diff --git src/wp-includes/rest-api/class-wp-rest-server.php src/wp-includes/rest-api/class-wp-rest-server.php
index 2a0af4b283..fbc47dab5b 100644
|
|
class WP_REST_Server { |
915 | 915 | if ( is_wp_error( $permission ) ) { |
916 | 916 | $response = $permission; |
917 | 917 | } elseif ( false === $permission || null === $permission ) { |
918 | | $response = new WP_Error( 'rest_forbidden', __( 'Sorry, you are not allowed to do that.' ), array( 'status' => rest_authorization_required_code() ) ); |
| 918 | $response = new WP_Error( 'rest_forbidden', __( 'Sorry, you are not allowed to do that.' ), array( 'status' => 403 ) ); |
919 | 919 | } |
920 | 920 | } |
921 | 921 | } |
diff --git tests/phpunit/tests/formatting/CapitalPDangit.php tests/phpunit/tests/formatting/CapitalPDangit.php
deleted file mode 100644
index 06aec81b49..0000000000
+
|
-
|
|
1 | | <?php |
2 | | // phpcs:disable WordPress.WP.CapitalPDangit.Misspelled -- 🙃 |
3 | | |
4 | | /** |
5 | | * @group formatting |
6 | | */ |
7 | | class Tests_Formatting_CapitalPDangit extends WP_UnitTestCase { |
8 | | function test_esc_attr_quotes() { |
9 | | global $wp_current_filter; |
10 | | $this->assertEquals( 'Something about WordPress', capital_P_dangit( 'Something about Wordpress' ) ); |
11 | | $this->assertEquals( 'Something about (WordPress', capital_P_dangit( 'Something about (Wordpress' ) ); |
12 | | $this->assertEquals( 'Something about ‘WordPress', capital_P_dangit( 'Something about ‘Wordpress' ) ); |
13 | | $this->assertEquals( 'Something about “WordPress', capital_P_dangit( 'Something about “Wordpress' ) ); |
14 | | $this->assertEquals( 'Something about >WordPress', capital_P_dangit( 'Something about >Wordpress' ) ); |
15 | | $this->assertEquals( 'Wordpress', capital_P_dangit( 'Wordpress' ) ); |
16 | | |
17 | | $wp_current_filter = array( 'the_title' ); |
18 | | $this->assertEquals( 'WordPress', capital_P_dangit( 'Wordpress' ) ); |
19 | | } |
20 | | } |
diff --git tests/phpunit/tests/image/editorImagick.php tests/phpunit/tests/image/editorImagick.php
index fb88f3346d..ec75106239 100644
|
|
class Tests_Image_Editor_Imagick extends WP_Image_UnitTestCase { |
550 | 550 | * @ticket 37140 |
551 | 551 | */ |
552 | 552 | public function test_remove_orientation_data_on_rotate() { |
553 | | if ( ! function_exists( 'exif_read_data' ) ) { |
554 | | $this->markTestSkipped( 'This test requires the exif_read_data function.' ); |
555 | | } |
556 | | |
557 | 553 | $file = DIR_TESTDATA . '/images/test-image-upside-down.jpg'; |
558 | 554 | $data = wp_read_image_metadata( $file ); |
559 | 555 | |
diff --git tests/phpunit/tests/rest-api/rest-attachments-controller.php tests/phpunit/tests/rest-api/rest-attachments-controller.php
index a25d31358a..02daded298 100644
|
|
class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control |
524 | 524 | $this->assertFalse( isset( $data['media_details']['sizes']['rest-api-test']['source_url'] ) ); |
525 | 525 | } |
526 | 526 | |
527 | | public function test_get_item_private_post_not_authenticated() { |
| 527 | public function test_get_item_private_post() { |
528 | 528 | wp_set_current_user( 0 ); |
529 | 529 | $draft_post = $this->factory->post->create( array( 'post_status' => 'draft' ) ); |
530 | 530 | $id1 = $this->factory->attachment->create_object( |
… |
… |
class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control |
535 | 535 | ); |
536 | 536 | $request = new WP_REST_Request( 'GET', '/wp/v2/media/' . $id1 ); |
537 | 537 | $response = $this->server->dispatch( $request ); |
538 | | $this->assertEquals( 401, $response->get_status() ); |
| 538 | $this->assertEquals( 403, $response->get_status() ); |
539 | 539 | } |
540 | 540 | |
541 | 541 | public function test_get_item_inherit_status_with_invalid_parent() { |
… |
… |
class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control |
553 | 553 | $this->assertEquals( $attachment_id, $data['id'] ); |
554 | 554 | } |
555 | 555 | |
556 | | public function test_get_item_auto_status_with_invalid_parent_not_authenticated_returns_error() { |
| 556 | public function test_get_item_auto_status_with_invalid_parent_returns_error() { |
557 | 557 | $attachment_id = $this->factory->attachment->create_object( |
558 | 558 | $this->test_file, REST_TESTS_IMPOSSIBLY_HIGH_NUMBER, array( |
559 | 559 | 'post_mime_type' => 'image/jpeg', |
… |
… |
class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control |
564 | 564 | $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/media/%d', $attachment_id ) ); |
565 | 565 | $response = $this->server->dispatch( $request ); |
566 | 566 | |
567 | | $this->assertErrorResponse( 'rest_forbidden', $response, 401 ); |
| 567 | $this->assertErrorResponse( 'rest_forbidden', $response, 403 ); |
568 | 568 | } |
569 | 569 | |
570 | 570 | public function test_create_item() { |
diff --git tests/phpunit/tests/rest-api/rest-posts-controller.php tests/phpunit/tests/rest-api/rest-posts-controller.php
index b6cb4ce074..e2c7bf7c89 100644
|
|
class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te |
1327 | 1327 | $this->assertEquals( rest_url( '/wp/v2/users/' . self::$author_id ), $links['author'][0]['href'] ); |
1328 | 1328 | } |
1329 | 1329 | |
1330 | | public function test_get_post_draft_status_not_authenicated() { |
| 1330 | public function test_get_post_without_permission() { |
1331 | 1331 | $draft_id = $this->factory->post->create( |
1332 | 1332 | array( |
1333 | 1333 | 'post_status' => 'draft', |
… |
… |
class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te |
1338 | 1338 | $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', $draft_id ) ); |
1339 | 1339 | $response = $this->server->dispatch( $request ); |
1340 | 1340 | |
1341 | | $this->assertErrorResponse( 'rest_forbidden', $response, 401 ); |
| 1341 | $this->assertErrorResponse( 'rest_forbidden', $response, 403 ); |
1342 | 1342 | } |
1343 | 1343 | |
1344 | 1344 | public function test_get_post_invalid_id() { |
… |
… |
class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te |
1464 | 1464 | $this->assertTrue( $data['excerpt']['protected'] ); |
1465 | 1465 | } |
1466 | 1466 | |
1467 | | public function test_get_item_read_permission_custom_post_status_not_authenticated() { |
| 1467 | public function test_get_item_read_permission_custom_post_status() { |
1468 | 1468 | register_post_status( 'testpubstatus', array( 'public' => true ) ); |
1469 | 1469 | register_post_status( 'testprivtatus', array( 'public' => false ) ); |
1470 | 1470 | // Public status |
… |
… |
class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te |
1486 | 1486 | ); |
1487 | 1487 | $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); |
1488 | 1488 | $response = $this->server->dispatch( $request ); |
1489 | | $this->assertEquals( 401, $response->get_status() ); |
| 1489 | $this->assertEquals( 403, $response->get_status() ); |
1490 | 1490 | } |
1491 | 1491 | |
1492 | 1492 | public function test_prepare_item() { |
diff --git tests/phpunit/tests/rest-api/rest-settings-controller.php tests/phpunit/tests/rest-api/rest-settings-controller.php
index 97670a21c0..dcf2d57af3 100644
|
|
|
10 | 10 | * @group restapi |
11 | 11 | */ |
12 | 12 | class WP_Test_REST_Settings_Controller extends WP_Test_REST_Controller_Testcase { |
13 | | |
14 | 13 | protected static $administrator; |
15 | | protected static $author; |
16 | 14 | |
17 | 15 | public static function wpSetUpBeforeClass( $factory ) { |
18 | 16 | self::$administrator = $factory->user->create( |
… |
… |
class WP_Test_REST_Settings_Controller extends WP_Test_REST_Controller_Testcase |
20 | 18 | 'role' => 'administrator', |
21 | 19 | ) |
22 | 20 | ); |
23 | | |
24 | | self::$author = $factory->user->create( |
25 | | array( |
26 | | 'role' => 'author', |
27 | | ) |
28 | | ); |
29 | 21 | } |
30 | 22 | |
31 | 23 | public static function wpTearDownAfterClass() { |
32 | 24 | self::delete_user( self::$administrator ); |
33 | | self::delete_user( self::$author ); |
34 | 25 | } |
35 | 26 | |
36 | 27 | public function setUp() { |
… |
… |
class WP_Test_REST_Settings_Controller extends WP_Test_REST_Controller_Testcase |
54 | 45 | public function test_context_param() { |
55 | 46 | } |
56 | 47 | |
57 | | public function test_get_item_is_not_public_not_authenticated() { |
58 | | $request = new WP_REST_Request( 'GET', '/wp/v2/settings' ); |
59 | | $response = $this->server->dispatch( $request ); |
60 | | $this->assertEquals( 401, $response->get_status() ); |
61 | | } |
62 | | |
63 | | public function test_get_item_is_not_public_no_permission() { |
64 | | wp_set_current_user( self::$author ); |
| 48 | public function test_get_item_is_not_public() { |
65 | 49 | $request = new WP_REST_Request( 'GET', '/wp/v2/settings' ); |
66 | 50 | $response = $this->server->dispatch( $request ); |
67 | 51 | $this->assertEquals( 403, $response->get_status() ); |
diff --git tests/phpunit/tests/rest-api/rest-taxonomies-controller.php tests/phpunit/tests/rest-api/rest-taxonomies-controller.php
index 5a736086aa..205a041f23 100644
|
|
|
11 | 11 | */ |
12 | 12 | class WP_Test_REST_Taxonomies_Controller extends WP_Test_REST_Controller_Testcase { |
13 | 13 | |
14 | | protected static $contributor_id; |
15 | | |
16 | | public static function wpSetUpBeforeClass( $factory ) { |
17 | | self::$contributor_id = $factory->user->create( |
18 | | array( |
19 | | 'role' => 'contributor', |
20 | | ) |
21 | | ); |
22 | | } |
23 | | |
24 | | public static function wpTearDownAfterClass() { |
25 | | self::delete_user( self::$contributor_id ); |
26 | | } |
27 | | |
28 | 14 | public function test_register_routes() { |
29 | 15 | $routes = $this->server->get_routes(); |
30 | 16 | |
… |
… |
class WP_Test_REST_Taxonomies_Controller extends WP_Test_REST_Controller_Testcas |
115 | 101 | $this->assertErrorResponse( 'rest_taxonomy_invalid', $response, 404 ); |
116 | 102 | } |
117 | 103 | |
118 | | public function test_get_non_public_taxonomy_not_authenticated() { |
119 | | register_taxonomy( 'api-private', 'post', array( 'public' => false ) ); |
120 | | |
121 | | $request = new WP_REST_Request( 'GET', '/wp/v2/taxonomies/api-private' ); |
122 | | $response = $this->server->dispatch( $request ); |
123 | | $this->assertErrorResponse( 'rest_forbidden', $response, 401 ); |
124 | | } |
125 | | |
126 | | public function test_get_non_public_taxonomy_no_permission() { |
127 | | wp_set_current_user( self::$contributor_id ); |
| 104 | public function test_get_non_public_taxonomy() { |
128 | 105 | register_taxonomy( 'api-private', 'post', array( 'public' => false ) ); |
129 | 106 | |
130 | 107 | $request = new WP_REST_Request( 'GET', '/wp/v2/taxonomies/api-private' ); |