Ticket #43438: 43438.12.diff
| File 43438.12.diff, 12.8 KB (added by , 7 years ago) |
|---|
-
tests/phpunit/includes/testcase-ajax.php
diff --git tests/phpunit/includes/testcase-ajax.php tests/phpunit/includes/testcase-ajax.php index bf5a5bc..736d362 100644
abstract class WP_Ajax_UnitTestCase extends WP_UnitTestCase { 119 119 'delete-theme', 120 120 'install-theme', 121 121 'get-post-thumbnail-html', 122 'wp-privacy-export-personal-data', 123 'wp-privacy-erase-personal-data', 122 124 ); 123 125 124 126 public static function setUpBeforeClass() { -
new file tests/phpunit/tests/ajax/PrivacyErasePersonalData.php
diff --git tests/phpunit/tests/ajax/PrivacyErasePersonalData.php tests/phpunit/tests/ajax/PrivacyErasePersonalData.php new file mode 100644 index 0000000..ea048f9
- + 1 <?php 2 /** 3 * Testing Ajax handler for erasing personal data. 4 * 5 * @package WordPress\UnitTests 6 * 7 * @since 4.9.7 8 */ 9 10 /** 11 * Tests_Ajax_PrivacyExportPersonalData class. 12 * 13 * @since 4.9.7 14 * 15 * @group ajax 16 * @group privacy 17 * @covers wp_ajax_wp_privacy_erase_personal_data 18 */ 19 class Tests_Ajax_PrivacyErasePersonalData extends WP_Ajax_UnitTestCase { 20 /** 21 * User Request ID. 22 * 23 * @since 4.9.7 24 * 25 * @var int 26 */ 27 protected static $request_id; 28 29 /** 30 * User Request Email. 31 * 32 * @since 4.9.7 33 * 34 * @var string 35 */ 36 protected static $request_email; 37 38 /** 39 * Create user erase request fixtures. 40 * 41 * @param WP_UnitTest_Factory $factory Factory. 42 */ 43 public static function wpSetUpBeforeClass( $factory ) { 44 self::$request_email = 'requester@example.com'; 45 self::$request_id = wp_create_user_request( self::$request_email, 'remove_personal_data' ); 46 } 47 48 /** 49 * Register a custom personal data eraser. 50 */ 51 public function setUp() { 52 parent::setUp(); 53 54 // Make sure the erasers response is not modified and avoid e.g. sending emails. 55 remove_all_filters( 'wp_privacy_personal_data_erasure_page' ); 56 remove_all_actions( 'wp_privacy_personal_data_erased' ); 57 58 // Only use our custom privacy personal data eraser. 59 remove_all_filters( 'wp_privacy_personal_data_erasers' ); 60 add_filter( 'wp_privacy_personal_data_erasers', array( $this, 'register_custom_personal_data_eraser' ) ); 61 } 62 63 /** 64 * The function should successfully send exporters response data when the current user has the required capabilites. 65 * 66 * @ticket 43438 67 */ 68 public function test_wp_ajax_wp_privacy_export_personal_data_should_success_when_current_user_has_required_capabilities() { 69 $this->_setRole( 'administrator' ); 70 $this->assertTrue( current_user_can( 'erase_others_personal_data' ) ); 71 $this->assertTrue( current_user_can( 'delete_users' ) ); 72 73 // Set up a request. 74 $_POST['action'] = 'wp-privacy-erase-personal-data'; 75 $_POST['security'] = wp_create_nonce( 'wp-privacy-erase-personal-data-' . self::$request_id ); 76 $_POST['eraser'] = 1; 77 $_POST['page'] = 1; 78 $_POST['id'] = self::$request_id; 79 80 // Make the request. 81 try { 82 $this->_handleAjax( $_POST['action'] ); 83 } catch ( WPAjaxDieContinueException $e ) { 84 unset( $e ); 85 } 86 87 // Get the response. 88 $response = json_decode( $this->_last_response, true ); 89 90 $this->assertTrue( $response['success'] ); 91 $this->assertSame( 'A message regarding retained data for requester@example.com.', $response['data']['messages'][0] ); 92 $this->assertTrue( $response['data']['items_removed'] ); 93 $this->assertTrue( $response['data']['items_retained'] ); 94 $this->assertTrue( $response['data']['done'] ); 95 } 96 97 /** 98 * The function should send an error when the current user is missing required capabilities. 99 * 100 * @ticket 43438 101 */ 102 public function test_wp_ajax_wp_privacy_erase_personal_data_should_error_when_current_user_missing_required_capabilities() { 103 $this->_setRole( 'author' ); 104 $this->assertFalse( current_user_can( 'erase_others_personal_data' ) ); 105 $this->assertFalse( current_user_can( 'delete_users' ) ); 106 107 // Set up a request. 108 $_POST['action'] = 'wp-privacy-erase-personal-data'; 109 $_POST['security'] = wp_create_nonce( 'wp-privacy-erase-personal-data-' . self::$request_id ); 110 $_POST['eraser'] = 1; 111 $_POST['page'] = 1; 112 $_POST['id'] = self::$request_id; 113 114 // Make the request. 115 try { 116 $this->_handleAjax( $_POST['action'] ); 117 } catch ( WPAjaxDieContinueException $e ) { 118 unset( $e ); 119 } 120 121 // Get the response. 122 $response = json_decode( $this->_last_response, true ); 123 124 $this->assertFalse( $response['success'] ); 125 $this->assertSame( 'Invalid request.', $response['data'] ); 126 } 127 128 /** 129 * The function should send error when the request ID is missing. 130 * 131 * @ticket 43438 132 */ 133 public function test_wp_ajax_wp_privacy_erase_personal_data_should_error_when_missing_request_id() { 134 $this->_setRole( 'administrator' ); 135 136 $this->assertNotWPError( self::$request_id ); 137 138 // Set up a request. 139 $_POST['action'] = 'wp-privacy-erase-personal-data'; 140 $_POST['security'] = wp_create_nonce( 'wp-privacy-erase-personal-data-' . self::$request_id ); 141 $_POST['eraser'] = 1; 142 $_POST['page'] = 1; 143 $_POST['id'] = null; // Missing request ID. 144 145 // Make the request. 146 try { 147 $this->_handleAjax( $_POST['action'] ); 148 } catch ( WPAjaxDieContinueException $e ) { 149 unset( $e ); 150 } 151 152 // Get the response. 153 $response = json_decode( $this->_last_response, true ); 154 155 $this->assertFalse( $response['success'] ); 156 $this->assertSame( 'Missing request ID.', $response['data'] ); 157 } 158 159 /** 160 * Register handler for a custom personal data exporter. 161 * 162 * @since 4.9.7 163 * 164 * @param array $erasers An array of personal data erasers. 165 * @return array $erasers An array of personal data erasers. 166 */ 167 public function register_custom_personal_data_eraser( $erasers ) { 168 $erasers['custom_exporter'] = array( 169 'eraser_friendly_name' => __( 'Custom Eraser' ), 170 'callback' => array( $this, 'custom_personal_data_eraser' ), 171 ); 172 return $erasers; 173 } 174 175 /** 176 * Custom Personal Data Eraser. 177 * 178 * @since 4.9.7 179 * 180 * @param string $email_address The comment author email address. 181 * @param int $page Page number. 182 * @return array $return Erase data. 183 */ 184 public function custom_personal_data_eraser( $email_address, $page = 1 ) { 185 if ( 1 === $page ) { 186 return array( 187 'items_removed' => true, 188 'items_retained' => true, 189 'messages' => array( sprintf( 'A message regarding retained data for %s.', $email_address ) ), 190 'done' => true, 191 ); 192 } 193 194 return array( 195 'items_removed' => false, 196 'items_retained' => false, 197 'messages' => array(), 198 'done' => true, 199 ); 200 } 201 202 } -
new file tests/phpunit/tests/ajax/PrivacyExportPersonalData.php
diff --git tests/phpunit/tests/ajax/PrivacyExportPersonalData.php tests/phpunit/tests/ajax/PrivacyExportPersonalData.php new file mode 100644 index 0000000..cdbcbff
- + 1 <?php 2 /** 3 * Testing Ajax handler for exporting personal data. 4 * 5 * @package WordPress\UnitTests 6 * 7 * @since 4.9.7 8 */ 9 10 /** 11 * Tests_Ajax_PrivacyExportPersonalData class. 12 * 13 * @since 4.9.7 14 * 15 * @group ajax 16 * @group privacy 17 * @covers wp_ajax_wp_privacy_export_personal_data 18 */ 19 class Tests_Ajax_PrivacyExportPersonalData extends WP_Ajax_UnitTestCase { 20 /** 21 * User Request ID. 22 * 23 * @since 4.9.7 24 * 25 * @var int 26 */ 27 protected static $request_id; 28 29 /** 30 * User Request Email. 31 * 32 * @since 4.9.7 33 * 34 * @var string 35 */ 36 protected static $request_email; 37 38 /** 39 * Create user export request fixtures. 40 * 41 * @param WP_UnitTest_Factory $factory Factory. 42 */ 43 public static function wpSetUpBeforeClass( $factory ) { 44 self::$request_email = 'requester@example.com'; 45 self::$request_id = wp_create_user_request( self::$request_email, 'export_personal_data' ); 46 } 47 48 /** 49 * Register a custom personal data exporter. 50 */ 51 public function setUp() { 52 parent::setUp(); 53 54 // Make sure the exporter response is not modified and avoid e.g. writing export file to disk. 55 remove_all_filters( 'wp_privacy_personal_data_export_page' ); 56 57 // Only use our custom privacy personal data exporter. 58 remove_all_filters( 'wp_privacy_personal_data_exporters' ); 59 add_filter( 'wp_privacy_personal_data_exporters', array( $this, 'register_custom_personal_data_exporter' ) ); 60 } 61 62 /** 63 * The function should successfully send exporter data response when the current user has the required capability. 64 * 65 * @ticket 43438 66 */ 67 public function test_wp_ajax_wp_privacy_export_personal_data_should_success_when_current_user_has_required_capability() { 68 $this->_setRole( 'administrator' ); 69 $this->assertTrue( current_user_can( 'export_others_personal_data' ) ); 70 71 $this->assertNotWPError( self::$request_id ); 72 73 // Set up a request. 74 $_POST['action'] = 'wp-privacy-export-personal-data'; 75 $_POST['security'] = wp_create_nonce( 'wp-privacy-export-personal-data-' . self::$request_id ); 76 $_POST['exporter'] = 1; 77 $_POST['page'] = 1; 78 $_POST['id'] = self::$request_id; 79 $_POST['sendAsEmail'] = false; 80 81 // Make the request. 82 try { 83 $this->_handleAjax( $_POST['action'] ); 84 } catch ( WPAjaxDieContinueException $e ) { 85 unset( $e ); 86 } 87 88 // Get the response. 89 $response = json_decode( $this->_last_response, true ); 90 91 $this->assertTrue( $response['success'] ); 92 $this->assertSame( 'custom-exporter-item-id', $response['data']['data']['item_id'] ); 93 $this->assertSame( 'Email', $response['data']['data']['data'][0]['name'] ); 94 $this->assertSame( self::$request_email, $response['data']['data']['data'][0]['value'] ); 95 } 96 97 /** 98 * The function should successfully send exporters response data when the user is administrator. 99 * 100 * @ticket 43438 101 */ 102 public function test_wp_ajax_wp_privacy_export_personal_data_should_error_when_current_user_missing_required_capability() { 103 $this->_setRole( 'author' ); 104 $this->assertFalse( current_user_can( 'export_others_personal_data' ) ); 105 106 $this->assertNotWPError( self::$request_id ); 107 108 // Set up a request. 109 $_POST['action'] = 'wp-privacy-export-personal-data'; 110 $_POST['security'] = wp_create_nonce( 'wp-privacy-export-personal-data-' . self::$request_id ); 111 $_POST['exporter'] = 1; 112 $_POST['page'] = 1; 113 $_POST['id'] = self::$request_id; 114 $_POST['sendAsEmail'] = false; 115 116 // Make the request. 117 try { 118 $this->_handleAjax( $_POST['action'] ); 119 } catch ( WPAjaxDieContinueException $e ) { 120 unset( $e ); 121 } 122 123 // Get the response. 124 $response = json_decode( $this->_last_response, true ); 125 126 $this->assertFalse( $response['success'] ); 127 $this->assertSame( 'Invalid request.', $response['data'] ); 128 } 129 130 /** 131 * The function should send error when the request ID is missing. 132 * 133 * @ticket 43438 134 */ 135 public function test_wp_ajax_wp_privacy_export_personal_data_should_error_when_missing_request_id() { 136 $this->_setRole( 'administrator' ); 137 138 $this->assertNotWPError( self::$request_id ); 139 140 // Set up a request. 141 $_POST['action'] = 'wp-privacy-export-personal-data'; 142 $_POST['security'] = wp_create_nonce( 'wp-privacy-export-personal-data-' . self::$request_id ); 143 $_POST['exporter'] = 1; 144 $_POST['page'] = 1; 145 $_POST['sendAsEmail'] = false; 146 $_POST['id'] = null; // Missing request ID. 147 148 // Make the request. 149 try { 150 $this->_handleAjax( $_POST['action'] ); 151 } catch ( WPAjaxDieContinueException $e ) { 152 unset( $e ); 153 } 154 155 // Get the response. 156 $response = json_decode( $this->_last_response, true ); 157 158 $this->assertFalse( $response['success'] ); 159 $this->assertSame( 'Missing request ID.', $response['data'] ); 160 } 161 162 /** 163 * Register handler for a custom personal data exporter. 164 * 165 * @since 4.9.7 166 * 167 * @param array $exporters An array of personal data exporters. 168 * @return array $exporters An array of personal data exporters. 169 */ 170 public function register_custom_personal_data_exporter( $exporters ) { 171 $exporters['custom_exporter'] = array( 172 'exporter_friendly_name' => __( 'Custom Exporter' ), 173 'callback' => array( $this, 'custom_personal_data_exporter' ), 174 ); 175 return $exporters; 176 } 177 178 /** 179 * Custom Personal Data Exporter. 180 * 181 * @since 4.9.7 182 * 183 * @param string $email_address The comment author email address. 184 * @param int $page Page number. 185 * @return array $return Export data. 186 */ 187 public function custom_personal_data_exporter( $email_address, $page = 1 ) { 188 $data_to_export = array(); 189 190 if ( 1 === $page ) { 191 $data_to_export = array( 192 'group_id' => 'custom-exporter-group-id', 193 'group_label' => 'custom-exporter-group-label', 194 'item_id' => 'custom-exporter-item-id', 195 'data' => array( 196 array( 197 'name' => 'Email', 198 'value' => $email_address, 199 ), 200 ), 201 ); 202 } 203 204 return array( 205 'data' => $data_to_export, 206 'done' => true, 207 ); 208 } 209 210 }