Changeset 39288
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
r39287 r39288 386 386 } 387 387 388 if ( empty( $request['post'] ) && ! current_user_can( 'moderate_comments' ) ) { 389 return new WP_Error( 'rest_comment_invalid_post_id', __( 'Sorry, you are not allowed to create this comment without a post.' ), array( 'status' => rest_authorization_required_code() ) ); 390 } 391 392 if ( ! empty( $request['post'] ) && $post = get_post( (int) $request['post'] ) ) { 393 if ( 'draft' === $post->post_status ) { 394 return new WP_Error( 'rest_comment_draft_post', __( 'Sorry, you are not allowed to create a comment on this post.' ), array( 'status' => 403 ) ); 395 } 396 397 if ( 'trash' === $post->post_status ) { 398 return new WP_Error( 'rest_comment_trash_post', __( 'Sorry, you are not allowed to create a comment on this post.' ), array( 'status' => 403 ) ); 399 } 400 401 if ( ! $this->check_read_post_permission( $post ) ) { 402 return new WP_Error( 'rest_cannot_read_post', __( 'Sorry, you are not allowed to read the post for this comment.' ), array( 'status' => rest_authorization_required_code() ) ); 403 } 404 405 if ( ! comments_open( $post->ID ) ) { 406 return new WP_Error( 'rest_comment_closed', __( 'Sorry, comments are closed on this post.' ), array( 'status' => 403 ) ); 407 } 388 if ( empty( $request['post'] ) ) { 389 return new WP_Error( 'rest_comment_invalid_post_id', __( 'Sorry, you are not allowed to create this comment without a post.' ), array( 'status' => 403 ) ); 390 } 391 392 $post = get_post( (int) $request['post'] ); 393 if ( ! $post ) { 394 return new WP_Error( 'rest_comment_invalid_post_id', __( 'Sorry, you are not allowed to create this comment without a post.' ), array( 'status' => 403 ) ); 395 } 396 397 if ( 'draft' === $post->post_status ) { 398 return new WP_Error( 'rest_comment_draft_post', __( 'Sorry, you are not allowed to create a comment on this post.' ), array( 'status' => 403 ) ); 399 } 400 401 if ( 'trash' === $post->post_status ) { 402 return new WP_Error( 'rest_comment_trash_post', __( 'Sorry, you are not allowed to create a comment on this post.' ), array( 'status' => 403 ) ); 403 } 404 405 if ( ! $this->check_read_post_permission( $post ) ) { 406 return new WP_Error( 'rest_cannot_read_post', __( 'Sorry, you are not allowed to read the post for this comment.' ), array( 'status' => rest_authorization_required_code() ) ); 407 } 408 409 if ( ! comments_open( $post->ID ) ) { 410 return new WP_Error( 'rest_comment_closed', __( 'Sorry, comments are closed on this post.' ), array( 'status' => 403 ) ); 408 411 } 409 412 -
trunk/tests/phpunit/tests/rest-api/rest-comments-controller.php
r39287 r39288 1307 1307 1308 1308 $response = $this->server->dispatch( $request ); 1309 $this->assertEquals( 201, $response->get_status() ); 1309 1310 $this->assertErrorResponse( 'rest_comment_invalid_post_id', $response, 403 ); 1310 1311 } 1311 1312
Note: See TracChangeset
for help on using the changeset viewer.