WordPress.org

Make WordPress Core


Ignore:
Timestamp:
07/22/2015 04:05:17 AM (5 years ago)
Author:
pento
Message:

Capabilities: When creating an auto-draft, ensure that the current user still has permission to do so.

Merge of [33357] to the 4.2 branch.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/4.2/tests/phpunit/tests/user/capabilities.php

    r32177 r33358  
    742742        $this->assertFalse( $user->has_cap( 'publish_pages' ) );
    743743    }
     744
     745    function test_subscriber_cant_edit_posts() {
     746        $user = new WP_User( $this->factory->user->create( array( 'role' => 'subscriber' ) ) );
     747        wp_set_current_user( $user->ID );
     748
     749        $post = $this->factory->post->create( array( 'post_author' => 1 ) );
     750
     751        $this->assertFalse( current_user_can( 'edit_post', $post ) );
     752        $this->assertFalse( current_user_can( 'edit_post', $post + 1 ) );
     753    }
    744754}
Note: See TracChangeset for help on using the changeset viewer.