Make WordPress Core

Changeset 39047


Ignore:
Timestamp:
10/31/2016 03:52:08 AM (8 years ago)
Author:
rmccue
Message:

REST API: Support password on non-post post types.

The password field was incorrectly only added to "post" post types, but is supported for all post types in the Dashboard UI.

Props jnylen0.
Fixes #38582.

Location:
trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php

    r39011 r39047  
    420420        );
    421421
     422        unset( $schema['properties']['password'] );
     423
    422424        return $schema;
    423425    }
  • trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php

    r39046 r39047  
    17481748                    'readonly'    => true,
    17491749                ),
     1750                'password'        => array(
     1751                    'description' => __( 'A password to protect access to the content and excerpt.' ),
     1752                    'type'        => 'string',
     1753                    'context'     => array( 'edit' ),
     1754                ),
    17501755            ),
    17511756        );
     
    19491954                'context'     => array( 'view', 'edit' ),
    19501955            );
    1951 
    1952             $schema['properties']['password'] = array(
    1953                 'description' => __( 'A password to protect access to the content and excerpt.' ),
    1954                 'type'        => 'string',
    1955                 'context'     => array( 'edit' ),
    1956             );
    19571956        }
    19581957
  • trunk/tests/phpunit/tests/rest-api/rest-pages-controller.php

    r38975 r39047  
    359359    }
    360360
     361    public function test_get_page_with_password() {
     362        $page_id = $this->factory->post->create( array(
     363            'post_type'     => 'page',
     364            'post_password' => '$inthebananastand',
     365        ) );
     366
     367        $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/pages/%d', $page_id ) );
     368        $response = $this->server->dispatch( $request );
     369
     370        $data = $response->get_data();
     371        $this->assertEquals( '', $data['content']['rendered'] );
     372        $this->assertTrue( $data['content']['protected'] );
     373        $this->assertEquals( '', $data['excerpt']['rendered'] );
     374        $this->assertTrue( $data['excerpt']['protected'] );
     375    }
     376
     377    public function test_get_page_with_password_using_password() {
     378        $page_id = $this->factory->post->create( array(
     379            'post_type'     => 'page',
     380            'post_password' => '$inthebananastand',
     381            'post_content'  => 'Some secret content.',
     382            'post_excerpt'  => 'Some secret excerpt.',
     383        ) );
     384
     385        $page = get_post( $page_id );
     386        $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/pages/%d', $page_id ) );
     387        $request->set_param( 'password', '$inthebananastand' );
     388        $response = $this->server->dispatch( $request );
     389
     390        $data = $response->get_data();
     391        $this->assertEquals( wpautop( $page->post_content ), $data['content']['rendered'] );
     392        $this->assertTrue( $data['content']['protected'] );
     393        $this->assertEquals( wpautop( $page->post_excerpt ), $data['excerpt']['rendered'] );
     394        $this->assertTrue( $data['excerpt']['protected'] );
     395    }
     396
     397    public function test_get_page_with_password_using_incorrect_password() {
     398        $page_id = $this->factory->post->create( array(
     399            'post_type'     => 'page',
     400            'post_password' => '$inthebananastand',
     401        ) );
     402
     403        $page = get_post( $page_id );
     404        $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/pages/%d', $page_id ) );
     405        $request->set_param( 'password', 'wrongpassword' );
     406        $response = $this->server->dispatch( $request );
     407
     408        $this->assertErrorResponse( 'rest_post_incorrect_password', $response, 403 );
     409    }
     410
     411    public function test_get_page_with_password_without_permission() {
     412        $page_id = $this->factory->post->create( array(
     413            'post_type'     => 'page',
     414            'post_password' => '$inthebananastand',
     415            'post_content'  => 'Some secret content.',
     416            'post_excerpt'  => 'Some secret excerpt.',
     417        ) );
     418        $request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/pages/%d', $page_id ) );
     419        $response = $this->server->dispatch( $request );
     420        $data = $response->get_data();
     421        $this->assertEquals( '', $data['content']['rendered'] );
     422        $this->assertTrue( $data['content']['protected'] );
     423        $this->assertEquals( '', $data['excerpt']['rendered'] );
     424        $this->assertTrue( $data['excerpt']['protected'] );
     425    }
     426
    361427    public function test_get_item_schema() {
    362428        $request = new WP_REST_Request( 'OPTIONS', '/wp/v2/pages' );
     
    364430        $data = $response->get_data();
    365431        $properties = $data['schema']['properties'];
    366         $this->assertEquals( 21, count( $properties ) );
     432        $this->assertEquals( 22, count( $properties ) );
    367433        $this->assertArrayHasKey( 'author', $properties );
    368434        $this->assertArrayHasKey( 'comment_status', $properties );
     
    380446        $this->assertArrayHasKey( 'modified_gmt', $properties );
    381447        $this->assertArrayHasKey( 'parent', $properties );
     448        $this->assertArrayHasKey( 'password', $properties );
    382449        $this->assertArrayHasKey( 'ping_status', $properties );
    383450        $this->assertArrayHasKey( 'slug', $properties );
  • trunk/tests/phpunit/tests/rest-api/rest-posts-controller.php

    r38975 r39047  
    771771
    772772        $data = $response->get_data();
     773        $this->assertEquals( '', $data['content']['rendered'] );
    773774        $this->assertTrue( $data['content']['protected'] );
     775        $this->assertEquals( '', $data['excerpt']['rendered'] );
    774776        $this->assertTrue( $data['excerpt']['protected'] );
    775777    }
     
    791793        $data = $response->get_data();
    792794        $this->assertEquals( wpautop( $post->post_content ), $data['content']['rendered'] );
     795        $this->assertTrue( $data['content']['protected'] );
    793796        $this->assertEquals( wpautop( $post->post_excerpt ), $data['excerpt']['rendered'] );
     797        $this->assertTrue( $data['excerpt']['protected'] );
    794798    }
    795799
     
    818822        $this->check_get_post_response( $response, 'view' );
    819823        $this->assertEquals( '', $data['content']['rendered'] );
     824        $this->assertTrue( $data['content']['protected'] );
    820825        $this->assertEquals( '', $data['excerpt']['rendered'] );
    821 
     826        $this->assertTrue( $data['excerpt']['protected'] );
    822827    }
    823828
Note: See TracChangeset for help on using the changeset viewer.