diff --git src/license.txt src/license.txt
index c2df00a661..5a605dac3b 100644
|
|
|
|
| 1 | 1 | WordPress - Web publishing software |
| 2 | 2 | |
| 3 | | Copyright 2011-2018 by the contributors |
| | 3 | Copyright 2011-2017 by the contributors |
| 4 | 4 | |
| 5 | 5 | This program is free software; you can redistribute it and/or modify |
| 6 | 6 | it under the terms of the GNU General Public License as published by |
diff --git src/wp-admin/includes/class-wp-comments-list-table.php src/wp-admin/includes/class-wp-comments-list-table.php
index e64086d525..071313903e 100644
|
|
|
class WP_Comments_List_Table extends WP_List_Table { |
| 134 | 134 | 'post_type' => $post_type, |
| 135 | 135 | ); |
| 136 | 136 | |
| 137 | | /** |
| 138 | | * Filters the arguments for the comment query in the comments list table. |
| 139 | | * |
| 140 | | * @since 5.0.0 |
| 141 | | * |
| 142 | | * @param array $args An array of get_comments() arguments. |
| 143 | | */ |
| 144 | | $args = apply_filters( 'comments_list_table_query_args', $args ); |
| 145 | | |
| 146 | 137 | $_comments = get_comments( $args ); |
| 147 | 138 | if ( is_array( $_comments ) ) { |
| 148 | 139 | update_comment_cache( $_comments ); |
diff --git src/wp-admin/includes/update-core.php src/wp-admin/includes/update-core.php
index fc6681acb3..ec909143dd 100644
|
|
|
function update_core( $from, $to ) { |
| 1143 | 1143 | if ( ! $wp_filesystem->exists( $old_file ) ) { |
| 1144 | 1144 | continue; |
| 1145 | 1145 | } |
| 1146 | | |
| 1147 | | // If the file isn't deleted, try writing an empty string to the file instead. |
| 1148 | | if ( ! $wp_filesystem->delete( $old_file, true ) && $wp_filesystem->is_file( $old_file ) ) { |
| 1149 | | $wp_filesystem->put_contents( $old_file, '' ); |
| 1150 | | } |
| | 1146 | $wp_filesystem->delete( $old_file, true ); |
| 1151 | 1147 | } |
| 1152 | 1148 | |
| 1153 | 1149 | // Remove any Genericons example.html's from the filesystem |
diff --git src/wp-admin/js/editor.js src/wp-admin/js/editor.js
index 103d6bbf96..6010e8f7f8 100644
|
|
|
window.wp = window.wp || {}; |
| 695 | 695 | */ |
| 696 | 696 | function findBookmarkedPosition( editor ) { |
| 697 | 697 | // Get the TinyMCE `window` reference, since we need to access the raw selection. |
| 698 | | var TinyMCEWindow = editor.getWin(), |
| 699 | | selection = TinyMCEWindow.getSelection(); |
| | 698 | var TinyMCEWIndow = editor.getWin(), |
| | 699 | selection = TinyMCEWIndow.getSelection(); |
| 700 | 700 | |
| 701 | | if ( ! selection || selection.rangeCount < 1 ) { |
| | 701 | if ( selection.rangeCount <= 0 ) { |
| 702 | 702 | // no selection, no need to continue. |
| 703 | 703 | return; |
| 704 | 704 | } |
diff --git src/wp-admin/js/media-upload.js src/wp-admin/js/media-upload.js
index b7171a3e9c..cd969b9b3a 100644
|
|
|
|
| 1 | 1 | /* global tinymce, QTags */ |
| 2 | | |
| 3 | | /** |
| 4 | | * Contains global functions for the media upload within the post edit screen. |
| 5 | | * |
| 6 | | * Updates the ThickBox anchor href and the ThickBox's own properties in order |
| 7 | | * to set the size and position on every resize event. Also adds a function to |
| 8 | | * send HTML or text to the currently active editor. |
| 9 | | * |
| 10 | | * @file |
| 11 | | * @since 2.5.0 |
| 12 | | * |
| 13 | | * @requires jQuery |
| 14 | | */ |
| | 2 | // send html to the post editor |
| 15 | 3 | |
| 16 | 4 | var wpActiveEditor, send_to_editor; |
| 17 | 5 | |
| 18 | | /** |
| 19 | | * Sends the HTML passed in the parameters to TinyMCE. |
| 20 | | * |
| 21 | | * @since 2.5.0 |
| 22 | | * |
| 23 | | * @global |
| 24 | | * |
| 25 | | * @param {string} html The HTML to be sent to the editor. |
| 26 | | * @returns {void|boolean} Returns false when both TinyMCE and QTags instances |
| 27 | | * are unavailable. This means that the HTML was not |
| 28 | | * sent to the editor. |
| 29 | | */ |
| 30 | 6 | send_to_editor = function( html ) { |
| 31 | 7 | var editor, |
| 32 | 8 | hasTinymce = typeof tinymce !== 'undefined', |
| 33 | 9 | hasQuicktags = typeof QTags !== 'undefined'; |
| 34 | 10 | |
| 35 | | // If no active editor is set, try to set it. |
| 36 | 11 | if ( ! wpActiveEditor ) { |
| 37 | 12 | if ( hasTinymce && tinymce.activeEditor ) { |
| 38 | 13 | editor = tinymce.activeEditor; |
| … |
… |
send_to_editor = function( html ) { |
| 44 | 19 | editor = tinymce.get( wpActiveEditor ); |
| 45 | 20 | } |
| 46 | 21 | |
| 47 | | // If the editor is set and not hidden, insert the HTML into the content of the |
| 48 | | // editor. |
| 49 | 22 | if ( editor && ! editor.isHidden() ) { |
| 50 | 23 | editor.execCommand( 'mceInsertContent', false, html ); |
| 51 | 24 | } else if ( hasQuicktags ) { |
| 52 | | // If quick tags are available, insert the HTML into its content. |
| 53 | 25 | QTags.insertContent( html ); |
| 54 | 26 | } else { |
| 55 | | // If neither the TinyMCE editor and the quick tags are available, add the HTML |
| 56 | | // to the current active editor. |
| 57 | 27 | document.getElementById( wpActiveEditor ).value += html; |
| 58 | 28 | } |
| 59 | 29 | |
| 60 | | // If the old thickbox remove function exists, call it. |
| | 30 | // If the old thickbox remove function exists, call it |
| 61 | 31 | if ( window.tb_remove ) { |
| 62 | 32 | try { window.tb_remove(); } catch( e ) {} |
| 63 | 33 | } |
| 64 | 34 | }; |
| 65 | 35 | |
| | 36 | // thickbox settings |
| 66 | 37 | var tb_position; |
| 67 | 38 | (function($) { |
| 68 | | /** |
| 69 | | * Recalculates and applies the new ThickBox position based on the current |
| 70 | | * window size. |
| 71 | | * |
| 72 | | * @since 2.6.0 |
| 73 | | * |
| 74 | | * @global |
| 75 | | * |
| 76 | | * @returns {Object[]} Array containing jQuery objects for all the found |
| 77 | | * ThickBox anchors. |
| 78 | | */ |
| 79 | 39 | tb_position = function() { |
| 80 | 40 | var tbWindow = $('#TB_window'), |
| 81 | 41 | width = $(window).width(), |
| … |
… |
var tb_position; |
| 95 | 55 | tbWindow.css({'top': 20 + adminbar_height + 'px', 'margin-top': '0'}); |
| 96 | 56 | } |
| 97 | 57 | |
| 98 | | /** |
| 99 | | * Recalculates the new height and width for all links with a ThickBox class. |
| 100 | | * |
| 101 | | * @since 2.6.0 |
| 102 | | */ |
| 103 | 58 | return $('a.thickbox').each( function() { |
| 104 | 59 | var href = $(this).attr('href'); |
| 105 | 60 | if ( ! href ) return; |
| … |
… |
var tb_position; |
| 109 | 64 | }); |
| 110 | 65 | }; |
| 111 | 66 | |
| 112 | | // Add handler to recalculates the ThickBox position when the window is resized. |
| 113 | 67 | $(window).resize(function(){ tb_position(); }); |
| 114 | 68 | |
| 115 | 69 | })(jQuery); |
diff --git src/wp-admin/js/password-strength-meter.js src/wp-admin/js/password-strength-meter.js
index efd26bbc5a..3a8c9da9f0 100644
|
|
|
window.wp = window.wp || {}; |
| 3 | 3 | |
| 4 | 4 | var passwordStrength; |
| 5 | 5 | (function($){ |
| | 6 | |
| | 7 | /** |
| | 8 | * The Password Strength object. |
| | 9 | * |
| | 10 | * Contains functions to determine the password strength. |
| | 11 | * |
| | 12 | * @since 3.7.0 |
| | 13 | * |
| | 14 | * @namespace |
| | 15 | */ |
| 6 | 16 | wp.passwordStrength = { |
| 7 | 17 | /** |
| 8 | | * Determine the strength of a given password |
| | 18 | * Determines the strength of a given password. |
| | 19 | * |
| | 20 | * @since 3.7.0 |
| | 21 | * |
| | 22 | * @param {string} password1 The password. |
| | 23 | * @param {Array} blacklist An array of words that will lower the entropy of the password. |
| | 24 | * @param {string} password2 The confirmed password. |
| 9 | 25 | * |
| 10 | | * @param string password1 The password |
| 11 | | * @param array blacklist An array of words that will lower the entropy of the password |
| 12 | | * @param string password2 The confirmed password |
| | 26 | * @returns {number} The password strength score. |
| 13 | 27 | */ |
| 14 | 28 | meter : function( password1, blacklist, password2 ) { |
| 15 | 29 | if ( ! $.isArray( blacklist ) ) |
| … |
… |
var passwordStrength; |
| 28 | 42 | }, |
| 29 | 43 | |
| 30 | 44 | /** |
| 31 | | * Builds an array of data that should be penalized, because it would lower the entropy of a password if it were used |
| | 45 | * Builds an array of data that should be penalized. |
| | 46 | * |
| | 47 | * Certain words need to be penalized because it would lower the entropy of a password if they were used. |
| | 48 | * The blacklist is based on user input fields such as username, first name, email etc. |
| | 49 | * |
| | 50 | * @since 3.7.0 |
| 32 | 51 | * |
| 33 | | * @return array The array of data to be blacklisted |
| | 52 | * @returns {Array} The array of data to be blacklisted. |
| 34 | 53 | */ |
| 35 | 54 | userInputBlacklist : function() { |
| 36 | 55 | var i, userInputFieldsLength, rawValuesLength, currentField, |
| … |
… |
var passwordStrength; |
| 38 | 57 | blacklist = [], |
| 39 | 58 | userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ]; |
| 40 | 59 | |
| 41 | | // Collect all the strings we want to blacklist |
| | 60 | // Collect all the strings we want to blacklist. |
| 42 | 61 | rawValues.push( document.title ); |
| 43 | 62 | rawValues.push( document.URL ); |
| 44 | 63 | |
| … |
… |
var passwordStrength; |
| 54 | 73 | rawValues.push( currentField.val() ); |
| 55 | 74 | } |
| 56 | 75 | |
| 57 | | // Strip out non-alphanumeric characters and convert each word to an individual entry |
| | 76 | // Strip out non-alphanumeric characters and convert each word to an individual entry. |
| 58 | 77 | rawValuesLength = rawValues.length; |
| 59 | 78 | for ( i = 0; i < rawValuesLength; i++ ) { |
| 60 | 79 | if ( rawValues[ i ] ) { |
| … |
… |
var passwordStrength; |
| 62 | 81 | } |
| 63 | 82 | } |
| 64 | 83 | |
| 65 | | // Remove empty values, short words, and duplicates. Short words are likely to cause many false positives. |
| | 84 | // Remove empty values, short words and duplicates. Short words are likely to cause many false positives. |
| 66 | 85 | blacklist = $.grep( blacklist, function( value, key ) { |
| 67 | 86 | if ( '' === value || 4 > value.length ) { |
| 68 | 87 | return false; |
| … |
… |
var passwordStrength; |
| 75 | 94 | } |
| 76 | 95 | }; |
| 77 | 96 | |
| 78 | | // Back-compat. |
| | 97 | // Backward compatibility. |
| 79 | 98 | passwordStrength = wp.passwordStrength.meter; |
| 80 | 99 | })(jQuery); |
diff --git src/wp-includes/formatting.php src/wp-includes/formatting.php
index f9795fdaec..ce2c851bc5 100644
|
|
|
function wp_basename( $path, $suffix = '' ) { |
| 5077 | 5077 | return urldecode( basename( str_replace( array( '%2F', '%5C' ), '/', urlencode( $path ) ), $suffix ) ); |
| 5078 | 5078 | } |
| 5079 | 5079 | |
| 5080 | | // phpcs:disable WordPress.WP.CapitalPDangit.Misspelled, WordPress.NamingConventions.ValidFunctionName.FunctionNameInvalid -- 8-) |
| 5081 | 5080 | /** |
| 5082 | | * Forever eliminate "Wordpress" from the planet (or at least the little bit we can influence). |
| | 5081 | * Forever eliminate "WordPress" from the planet (or at least the little bit we can influence). |
| 5083 | 5082 | * |
| 5084 | 5083 | * Violating our coding standards for a good function name. |
| 5085 | 5084 | * |
| … |
… |
function capital_P_dangit( $text ) { |
| 5094 | 5093 | // Simple replacement for titles |
| 5095 | 5094 | $current_filter = current_filter(); |
| 5096 | 5095 | if ( 'the_title' === $current_filter || 'wp_title' === $current_filter ) { |
| 5097 | | return str_replace( 'Wordpress', 'WordPress', $text ); |
| | 5096 | return str_replace( 'WordPress', 'WordPress', $text ); |
| 5098 | 5097 | } |
| 5099 | 5098 | // Still here? Use the more judicious replacement |
| 5100 | 5099 | static $dblq = false; |
| … |
… |
function capital_P_dangit( $text ) { |
| 5107 | 5106 | $text |
| 5108 | 5107 | ); |
| 5109 | 5108 | } |
| 5110 | | // phpcs:enable |
| 5111 | 5109 | |
| 5112 | 5110 | /** |
| 5113 | 5111 | * Sanitize a mime type |
diff --git src/wp-includes/functions.php src/wp-includes/functions.php
index 320d76918e..9b5f292eec 100644
|
|
|
function _device_can_upload() { |
| 5459 | 5459 | */ |
| 5460 | 5460 | function wp_is_stream( $path ) { |
| 5461 | 5461 | $wrappers = stream_get_wrappers(); |
| 5462 | | $wrappers = array_map( 'preg_quote', $wrappers ); |
| 5463 | 5462 | $wrappers_re = '(' . join( '|', $wrappers ) . ')'; |
| 5464 | 5463 | |
| 5465 | 5464 | return preg_match( "!^$wrappers_re://!", $path ) === 1; |
diff --git src/wp-includes/js/tinymce/plugins/wplink/plugin.js src/wp-includes/js/tinymce/plugins/wplink/plugin.js
index f20d7c9d89..2a7f697368 100644
|
|
|
|
| 468 | 468 | } |
| 469 | 469 | } |
| 470 | 470 | } ).autocomplete( 'instance' )._renderItem = function( ul, item ) { |
| 471 | | var fallbackTitle = ( typeof window.wpLinkL10n !== 'undefined' ) ? window.wpLinkL10n.noTitle : '', |
| 472 | | title = item.title ? item.title : fallbackTitle; |
| 473 | | |
| 474 | 471 | return $( '<li role="option" id="mce-wp-autocomplete-' + item.ID + '">' ) |
| 475 | | .append( '<span>' + |
| | 472 | .append( '<span>' + item.title + '</span> <span class="wp-editor-float-right">' + item.info + '</span>' ) |
| 476 | 473 | .appendTo( ul ); |
| 477 | 474 | }; |
| 478 | 475 | |
diff --git src/wp-includes/rest-api/class-wp-rest-server.php src/wp-includes/rest-api/class-wp-rest-server.php
index 2a0af4b283..fbc47dab5b 100644
|
|
|
class WP_REST_Server { |
| 915 | 915 | if ( is_wp_error( $permission ) ) { |
| 916 | 916 | $response = $permission; |
| 917 | 917 | } elseif ( false === $permission || null === $permission ) { |
| 918 | | $response = new WP_Error( 'rest_forbidden', __( 'Sorry, you are not allowed to do that.' ), array( 'status' => rest_authorization_required_code() ) ); |
| | 918 | $response = new WP_Error( 'rest_forbidden', __( 'Sorry, you are not allowed to do that.' ), array( 'status' => 403 ) ); |
| 919 | 919 | } |
| 920 | 920 | } |
| 921 | 921 | } |
diff --git tests/phpunit/tests/formatting/CapitalPDangit.php tests/phpunit/tests/formatting/CapitalPDangit.php
deleted file mode 100644
index 06aec81b49..0000000000
|
+
|
-
|
|
| 1 | | <?php |
| 2 | | // phpcs:disable WordPress.WP.CapitalPDangit.Misspelled -- 🙃 |
| 3 | | |
| 4 | | /** |
| 5 | | * @group formatting |
| 6 | | */ |
| 7 | | class Tests_Formatting_CapitalPDangit extends WP_UnitTestCase { |
| 8 | | function test_esc_attr_quotes() { |
| 9 | | global $wp_current_filter; |
| 10 | | $this->assertEquals( 'Something about WordPress', capital_P_dangit( 'Something about Wordpress' ) ); |
| 11 | | $this->assertEquals( 'Something about (WordPress', capital_P_dangit( 'Something about (Wordpress' ) ); |
| 12 | | $this->assertEquals( 'Something about ‘WordPress', capital_P_dangit( 'Something about ‘Wordpress' ) ); |
| 13 | | $this->assertEquals( 'Something about “WordPress', capital_P_dangit( 'Something about “Wordpress' ) ); |
| 14 | | $this->assertEquals( 'Something about >WordPress', capital_P_dangit( 'Something about >Wordpress' ) ); |
| 15 | | $this->assertEquals( 'Wordpress', capital_P_dangit( 'Wordpress' ) ); |
| 16 | | |
| 17 | | $wp_current_filter = array( 'the_title' ); |
| 18 | | $this->assertEquals( 'WordPress', capital_P_dangit( 'Wordpress' ) ); |
| 19 | | } |
| 20 | | } |
diff --git tests/phpunit/tests/image/editorImagick.php tests/phpunit/tests/image/editorImagick.php
index fb88f3346d..ec75106239 100644
|
|
|
class Tests_Image_Editor_Imagick extends WP_Image_UnitTestCase { |
| 550 | 550 | * @ticket 37140 |
| 551 | 551 | */ |
| 552 | 552 | public function test_remove_orientation_data_on_rotate() { |
| 553 | | if ( ! function_exists( 'exif_read_data' ) ) { |
| 554 | | $this->markTestSkipped( 'This test requires the exif_read_data function.' ); |
| 555 | | } |
| 556 | | |
| 557 | 553 | $file = DIR_TESTDATA . '/images/test-image-upside-down.jpg'; |
| 558 | 554 | $data = wp_read_image_metadata( $file ); |
| 559 | 555 | |
diff --git tests/phpunit/tests/rest-api/rest-attachments-controller.php tests/phpunit/tests/rest-api/rest-attachments-controller.php
index a25d31358a..02daded298 100644
|
|
|
class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control |
| 524 | 524 | $this->assertFalse( isset( $data['media_details']['sizes']['rest-api-test']['source_url'] ) ); |
| 525 | 525 | } |
| 526 | 526 | |
| 527 | | public function test_get_item_private_post_not_authenticated() { |
| | 527 | public function test_get_item_private_post() { |
| 528 | 528 | wp_set_current_user( 0 ); |
| 529 | 529 | $draft_post = $this->factory->post->create( array( 'post_status' => 'draft' ) ); |
| 530 | 530 | $id1 = $this->factory->attachment->create_object( |
| … |
… |
class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control |
| 535 | 535 | ); |
| 536 | 536 | $request = new WP_REST_Request( 'GET', '/wp/v2/media/' . $id1 ); |
| 537 | 537 | $response = $this->server->dispatch( $request ); |
| 538 | | $this->assertEquals( 401, $response->get_status() ); |
| | 538 | $this->assertEquals( 403, $response->get_status() ); |
| 539 | 539 | } |
| 540 | 540 | |
| 541 | 541 | public function test_get_item_inherit_status_with_invalid_parent() { |
| … |
… |
class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control |
| 553 | 553 | $this->assertEquals( $attachment_id, $data['id'] ); |
| 554 | 554 | } |
| 555 | 555 | |
| 556 | | public function test_get_item_auto_status_with_invalid_parent_not_authenticated_returns_error() { |
| | 556 | public function test_get_item_auto_status_with_invalid_parent_returns_error() { |
| 557 | 557 | $attachment_id = $this->factory->attachment->create_object( |
| 558 | 558 | $this->test_file, REST_TESTS_IMPOSSIBLY_HIGH_NUMBER, array( |
| 559 | 559 | 'post_mime_type' => 'image/jpeg', |
| … |
… |
class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control |
| 564 | 564 | $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/media/%d', $attachment_id ) ); |
| 565 | 565 | $response = $this->server->dispatch( $request ); |
| 566 | 566 | |
| 567 | | $this->assertErrorResponse( 'rest_forbidden', $response, 401 ); |
| | 567 | $this->assertErrorResponse( 'rest_forbidden', $response, 403 ); |
| 568 | 568 | } |
| 569 | 569 | |
| 570 | 570 | public function test_create_item() { |
diff --git tests/phpunit/tests/rest-api/rest-posts-controller.php tests/phpunit/tests/rest-api/rest-posts-controller.php
index b6cb4ce074..e2c7bf7c89 100644
|
|
|
class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te |
| 1327 | 1327 | $this->assertEquals( rest_url( '/wp/v2/users/' . self::$author_id ), $links['author'][0]['href'] ); |
| 1328 | 1328 | } |
| 1329 | 1329 | |
| 1330 | | public function test_get_post_draft_status_not_authenicated() { |
| | 1330 | public function test_get_post_without_permission() { |
| 1331 | 1331 | $draft_id = $this->factory->post->create( |
| 1332 | 1332 | array( |
| 1333 | 1333 | 'post_status' => 'draft', |
| … |
… |
class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te |
| 1338 | 1338 | $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', $draft_id ) ); |
| 1339 | 1339 | $response = $this->server->dispatch( $request ); |
| 1340 | 1340 | |
| 1341 | | $this->assertErrorResponse( 'rest_forbidden', $response, 401 ); |
| | 1341 | $this->assertErrorResponse( 'rest_forbidden', $response, 403 ); |
| 1342 | 1342 | } |
| 1343 | 1343 | |
| 1344 | 1344 | public function test_get_post_invalid_id() { |
| … |
… |
class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te |
| 1464 | 1464 | $this->assertTrue( $data['excerpt']['protected'] ); |
| 1465 | 1465 | } |
| 1466 | 1466 | |
| 1467 | | public function test_get_item_read_permission_custom_post_status_not_authenticated() { |
| | 1467 | public function test_get_item_read_permission_custom_post_status() { |
| 1468 | 1468 | register_post_status( 'testpubstatus', array( 'public' => true ) ); |
| 1469 | 1469 | register_post_status( 'testprivtatus', array( 'public' => false ) ); |
| 1470 | 1470 | // Public status |
| … |
… |
class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te |
| 1486 | 1486 | ); |
| 1487 | 1487 | $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); |
| 1488 | 1488 | $response = $this->server->dispatch( $request ); |
| 1489 | | $this->assertEquals( 401, $response->get_status() ); |
| | 1489 | $this->assertEquals( 403, $response->get_status() ); |
| 1490 | 1490 | } |
| 1491 | 1491 | |
| 1492 | 1492 | public function test_prepare_item() { |
diff --git tests/phpunit/tests/rest-api/rest-settings-controller.php tests/phpunit/tests/rest-api/rest-settings-controller.php
index 97670a21c0..dcf2d57af3 100644
|
|
|
|
| 10 | 10 | * @group restapi |
| 11 | 11 | */ |
| 12 | 12 | class WP_Test_REST_Settings_Controller extends WP_Test_REST_Controller_Testcase { |
| 13 | | |
| 14 | 13 | protected static $administrator; |
| 15 | | protected static $author; |
| 16 | 14 | |
| 17 | 15 | public static function wpSetUpBeforeClass( $factory ) { |
| 18 | 16 | self::$administrator = $factory->user->create( |
| … |
… |
class WP_Test_REST_Settings_Controller extends WP_Test_REST_Controller_Testcase |
| 20 | 18 | 'role' => 'administrator', |
| 21 | 19 | ) |
| 22 | 20 | ); |
| 23 | | |
| 24 | | self::$author = $factory->user->create( |
| 25 | | array( |
| 26 | | 'role' => 'author', |
| 27 | | ) |
| 28 | | ); |
| 29 | 21 | } |
| 30 | 22 | |
| 31 | 23 | public static function wpTearDownAfterClass() { |
| 32 | 24 | self::delete_user( self::$administrator ); |
| 33 | | self::delete_user( self::$author ); |
| 34 | 25 | } |
| 35 | 26 | |
| 36 | 27 | public function setUp() { |
| … |
… |
class WP_Test_REST_Settings_Controller extends WP_Test_REST_Controller_Testcase |
| 54 | 45 | public function test_context_param() { |
| 55 | 46 | } |
| 56 | 47 | |
| 57 | | public function test_get_item_is_not_public_not_authenticated() { |
| 58 | | $request = new WP_REST_Request( 'GET', '/wp/v2/settings' ); |
| 59 | | $response = $this->server->dispatch( $request ); |
| 60 | | $this->assertEquals( 401, $response->get_status() ); |
| 61 | | } |
| 62 | | |
| 63 | | public function test_get_item_is_not_public_no_permission() { |
| 64 | | wp_set_current_user( self::$author ); |
| | 48 | public function test_get_item_is_not_public() { |
| 65 | 49 | $request = new WP_REST_Request( 'GET', '/wp/v2/settings' ); |
| 66 | 50 | $response = $this->server->dispatch( $request ); |
| 67 | 51 | $this->assertEquals( 403, $response->get_status() ); |
diff --git tests/phpunit/tests/rest-api/rest-taxonomies-controller.php tests/phpunit/tests/rest-api/rest-taxonomies-controller.php
index 5a736086aa..205a041f23 100644
|
|
|
|
| 11 | 11 | */ |
| 12 | 12 | class WP_Test_REST_Taxonomies_Controller extends WP_Test_REST_Controller_Testcase { |
| 13 | 13 | |
| 14 | | protected static $contributor_id; |
| 15 | | |
| 16 | | public static function wpSetUpBeforeClass( $factory ) { |
| 17 | | self::$contributor_id = $factory->user->create( |
| 18 | | array( |
| 19 | | 'role' => 'contributor', |
| 20 | | ) |
| 21 | | ); |
| 22 | | } |
| 23 | | |
| 24 | | public static function wpTearDownAfterClass() { |
| 25 | | self::delete_user( self::$contributor_id ); |
| 26 | | } |
| 27 | | |
| 28 | 14 | public function test_register_routes() { |
| 29 | 15 | $routes = $this->server->get_routes(); |
| 30 | 16 | |
| … |
… |
class WP_Test_REST_Taxonomies_Controller extends WP_Test_REST_Controller_Testcas |
| 115 | 101 | $this->assertErrorResponse( 'rest_taxonomy_invalid', $response, 404 ); |
| 116 | 102 | } |
| 117 | 103 | |
| 118 | | public function test_get_non_public_taxonomy_not_authenticated() { |
| 119 | | register_taxonomy( 'api-private', 'post', array( 'public' => false ) ); |
| 120 | | |
| 121 | | $request = new WP_REST_Request( 'GET', '/wp/v2/taxonomies/api-private' ); |
| 122 | | $response = $this->server->dispatch( $request ); |
| 123 | | $this->assertErrorResponse( 'rest_forbidden', $response, 401 ); |
| 124 | | } |
| 125 | | |
| 126 | | public function test_get_non_public_taxonomy_no_permission() { |
| 127 | | wp_set_current_user( self::$contributor_id ); |
| | 104 | public function test_get_non_public_taxonomy() { |
| 128 | 105 | register_taxonomy( 'api-private', 'post', array( 'public' => false ) ); |
| 129 | 106 | |
| 130 | 107 | $request = new WP_REST_Request( 'GET', '/wp/v2/taxonomies/api-private' ); |