1 | <?php |
---|
2 | |
---|
3 | |
---|
4 | class Tests_Query_Status_Perm extends WP_UnitTestCase { |
---|
5 | |
---|
6 | static $subscriber; |
---|
7 | static $editor; |
---|
8 | |
---|
9 | static public function setUpBeforeClass() { |
---|
10 | $role = get_role( 'subscriber' ); |
---|
11 | $role->add_cap( 'read_private_pages' ); |
---|
12 | |
---|
13 | self::$subscriber = wp_insert_user(array( |
---|
14 | 'user_login' => 'subscriber', |
---|
15 | 'user_role' => 'subscriber', |
---|
16 | 'user_pass' => '123', |
---|
17 | )); |
---|
18 | |
---|
19 | self::$editor = wp_insert_user(array( |
---|
20 | 'user_login' => 'editor', |
---|
21 | 'user_role' => 'editor', |
---|
22 | 'user_pass' => '123', |
---|
23 | )); |
---|
24 | |
---|
25 | wp_insert_post( |
---|
26 | array( |
---|
27 | 'post_title' => 'public post', |
---|
28 | 'post_status' => 'publish', |
---|
29 | 'post_type' => 'post', |
---|
30 | 'post_author' => self::$editor, |
---|
31 | ) |
---|
32 | ); |
---|
33 | |
---|
34 | wp_insert_post( |
---|
35 | array( |
---|
36 | 'post_title' => 'public page', |
---|
37 | 'post_status' => 'publish', |
---|
38 | 'post_type' => 'page', |
---|
39 | 'post_author' => self::$editor, |
---|
40 | ) |
---|
41 | ); |
---|
42 | |
---|
43 | wp_insert_post( |
---|
44 | array( |
---|
45 | 'post_title' => 'private post', |
---|
46 | 'post_status' => 'private', |
---|
47 | 'post_type' => 'post', |
---|
48 | 'post_author' => self::$editor, |
---|
49 | ) |
---|
50 | ); |
---|
51 | |
---|
52 | wp_insert_post( |
---|
53 | array( |
---|
54 | 'post_title' => 'private page', |
---|
55 | 'post_status' => 'private', |
---|
56 | 'post_type' => 'page', |
---|
57 | 'post_author' => self::$editor, |
---|
58 | ) |
---|
59 | ); |
---|
60 | } |
---|
61 | |
---|
62 | public function test_perm_readable() { |
---|
63 | wp_set_current_user( 1 ); // admin. |
---|
64 | $query = new WP_Query( |
---|
65 | array( |
---|
66 | 'post_type' => array( |
---|
67 | 'post', |
---|
68 | 'page', |
---|
69 | ), |
---|
70 | 'post_status' => 'private', |
---|
71 | 'perm' => 'readable', |
---|
72 | ) |
---|
73 | ); |
---|
74 | $this->assertSame( 2, $query->found_posts, 'admin can read private posts and pages and should see both editor\'s posts'); |
---|
75 | } |
---|
76 | |
---|
77 | public function test_perm_readable_multiple_statuses() { |
---|
78 | wp_set_current_user( 1 ); // admin. |
---|
79 | $query = new WP_Query( |
---|
80 | array( |
---|
81 | 'post_type' => array( |
---|
82 | 'post', |
---|
83 | 'page', |
---|
84 | ), |
---|
85 | 'post_status' => array( 'private', 'publish' ), |
---|
86 | 'perm' => 'readable', |
---|
87 | ) |
---|
88 | ); |
---|
89 | $this->assertSame( 4, $query->found_posts, 'admin can read private posts and pages and should see both editor\'s posts'); |
---|
90 | } |
---|
91 | |
---|
92 | public function test_perm_editable() { |
---|
93 | wp_set_current_user( 1 ); // admin. |
---|
94 | $query = new WP_Query( |
---|
95 | array( |
---|
96 | 'post_type' => array( |
---|
97 | 'post', |
---|
98 | 'page', |
---|
99 | ), |
---|
100 | 'post_status' => 'private', |
---|
101 | 'perm' => 'editable', |
---|
102 | ) |
---|
103 | ); |
---|
104 | $this->assertSame( 2, $query->found_posts, 'admin can edit private posts and pages and should see both editor\'s posts'); |
---|
105 | } |
---|
106 | |
---|
107 | public function test_perm_readable_not_admin() { |
---|
108 | wp_set_current_user( self::$subscriber ); // admin. |
---|
109 | $query = new WP_Query( |
---|
110 | array( |
---|
111 | 'post_type' => array( |
---|
112 | 'post', |
---|
113 | 'page', |
---|
114 | ), |
---|
115 | 'post_status' => 'private', |
---|
116 | 'perm' => 'readable', |
---|
117 | ) |
---|
118 | ); |
---|
119 | $this->assertSame( 1, $query->found_posts, 'subscriber can read private pages and pages and should see editor\'s page'); |
---|
120 | } |
---|
121 | |
---|
122 | public function test_perm_readable_custom_status() { |
---|
123 | wp_set_current_user( self::$subscriber ); // admin. |
---|
124 | |
---|
125 | register_post_status( |
---|
126 | 'private_test', |
---|
127 | array( |
---|
128 | 'private' => true, |
---|
129 | ) |
---|
130 | ); |
---|
131 | |
---|
132 | wp_insert_post( |
---|
133 | array( |
---|
134 | 'post_title' => 'private custom post status', |
---|
135 | 'post_status' => 'private_test', |
---|
136 | 'post_type' => 'post', |
---|
137 | 'post_author' => self::$editor, |
---|
138 | ) |
---|
139 | ); |
---|
140 | |
---|
141 | $query = new WP_Query( |
---|
142 | array( |
---|
143 | 'post_type' => array( |
---|
144 | 'post', |
---|
145 | 'page', |
---|
146 | ), |
---|
147 | 'post_status' => 'private_test', |
---|
148 | 'perm' => 'readable', |
---|
149 | ) |
---|
150 | ); |
---|
151 | $this->assertSame( 0, $query->found_posts, 'subscriber cant read private posts of this custom status and should not get any result'); |
---|
152 | } |
---|
153 | |
---|
154 | } |
---|