Ticket #45014: 45014.1.diff
| File 45014.1.diff, 3.5 KB (added by , 8 years ago) |
|---|
-
src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php
diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php index 472115e121..5208594799 100644
a b class WP_REST_Posts_Controller extends WP_REST_Controller { 1781 1781 $rels[] = 'https://api.w.org/action-publish'; 1782 1782 } 1783 1783 1784 if ( current_user_can( 'unfiltered_html' ) ) { 1785 $rels[] = 'https://api.w.org/action-unfiltered-html'; 1786 } 1787 1784 1788 if ( 'post' === $post_type->name ) { 1785 1789 if ( current_user_can( $post_type->cap->edit_others_posts ) && current_user_can( $post_type->cap->publish_posts ) ) { 1786 1790 $rels[] = 'https://api.w.org/action-sticky'; … … class WP_REST_Posts_Controller extends WP_REST_Controller { 2190 2194 ); 2191 2195 } 2192 2196 2197 $links[] = array( 2198 'rel' => 'https://api.w.org/action-unfiltered-html', 2199 'title' => __( 'The current user can post HTML markup and JavaScript.' ), 2200 'href' => $href, 2201 'targetSchema' => array( 2202 'type' => 'object', 2203 'properties' => array( 2204 'unfiltered_html' => array( 2205 'type' => 'boolean', 2206 ), 2207 ), 2208 ), 2209 ); 2210 2193 2211 if ( 'post' === $this->post_type ) { 2194 2212 $links[] = array( 2195 2213 'rel' => 'https://api.w.org/action-sticky', -
tests/phpunit/tests/rest-api/rest-posts-controller.php
diff --git a/tests/phpunit/tests/rest-api/rest-posts-controller.php b/tests/phpunit/tests/rest-api/rest-posts-controller.php index 0de10c9651..ded82940ee 100644
a b class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te 3992 3992 $this->assertArrayHasKey( 'https://api.w.org/action-assign-tags', $links ); 3993 3993 } 3994 3994 3995 public function test_assign_unfiltered_html_action_superadmin() { 3996 $post_id = self::factory()->post->create(); 3997 wp_set_current_user( self::$superadmin_id ); 3998 $request = new WP_REST_Request( 'GET', '/wp/v2/posts/' . $post_id ); 3999 $request->set_param( 'context', 'edit' ); 4000 $response = rest_do_request( $request ); 4001 $links = $response->get_links(); 4002 $this->assertArrayHasKey( 'https://api.w.org/action-unfiltered-html', $links ); 4003 } 4004 4005 public function test_assign_unfiltered_html_action_editor() { 4006 $post_id = self::factory()->post->create(); 4007 wp_set_current_user( self::$editor_id ); 4008 $request = new WP_REST_Request( 'GET', '/wp/v2/posts/' . $post_id ); 4009 $request->set_param( 'context', 'edit' ); 4010 $response = rest_do_request( $request ); 4011 $links = $response->get_links(); 4012 // Editors can only unfiltered html on single site. 4013 if ( is_multisite() ) { 4014 $this->assertArrayNotHasKey( 'https://api.w.org/action-unfiltered-html', $links ); 4015 } else { 4016 $this->assertArrayHasKey( 'https://api.w.org/action-unfiltered-html', $links ); 4017 } 4018 } 4019 4020 public function test_assign_unfiltered_html_action_author() { 4021 $post_id = self::factory()->post->create(); 4022 wp_set_current_user( self::$author_id ); 4023 $request = new WP_REST_Request( 'GET', '/wp/v2/posts/' . $post_id ); 4024 $request->set_param( 'context', 'edit' ); 4025 $response = rest_do_request( $request ); 4026 $links = $response->get_links(); 4027 // Authors can't ever unfiltered html 4028 $this->assertArrayNotHasKey( 'https://api.w.org/action-unfiltered-html', $links ); 4029 } 4030 3995 4031 public function tearDown() { 3996 4032 _unregister_post_type( 'youseeeme' ); 3997 4033 if ( isset( $this->attachment_id ) ) {