- Timestamp:
- 08/03/2017 09:58:50 PM (8 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/tests/phpunit/tests/rest-api/rest-users-controller.php
r41225 r41226 1592 1592 1593 1593 $this->assertErrorResponse( 'rest_user_invalid_id', $response, 404 ); 1594 } 1595 1596 /** 1597 * @ticket 40263 1598 */ 1599 public function test_update_item_only_roles_as_editor() { 1600 $user_id = $this->factory->user->create( array( 1601 'role' => 'author', 1602 ) ); 1603 1604 wp_set_current_user( self::$editor ); 1605 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/users/%d', $user_id ) ); 1606 $request->set_param( 'roles', array( 'editor' ) ); 1607 $response = $this->server->dispatch( $request ); 1608 $this->assertErrorResponse( 'rest_cannot_edit_roles', $response, 403 ); 1609 } 1610 1611 /** 1612 * @ticket 40263 1613 */ 1614 public function test_update_item_only_roles_as_site_administrator() { 1615 $user_id = $this->factory->user->create( array( 1616 'role' => 'author', 1617 ) ); 1618 1619 wp_set_current_user( self::$user ); 1620 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/users/%d', $user_id ) ); 1621 $request->set_param( 'roles', array( 'editor' ) ); 1622 $response = $this->server->dispatch( $request ); 1623 $this->assertEquals( 200, $response->get_status() ); 1624 1625 $new_data = $response->get_data(); 1626 $this->assertEquals( 'editor', $new_data['roles'][0] ); 1627 } 1628 1629 /** 1630 * @ticket 40263 1631 */ 1632 public function test_update_item_including_roles_and_other_params() { 1633 $user_id = $this->factory->user->create( array( 1634 'role' => 'author', 1635 ) ); 1636 1637 wp_set_current_user( self::$user ); 1638 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/users/%d', $user_id ) ); 1639 $request->set_param( 'roles', array( 'editor' ) ); 1640 $request->set_param( 'name', 'Short-Lived User' ); 1641 $response = $this->server->dispatch( $request ); 1642 1643 if ( is_multisite() ) { 1644 // Site administrators can promote users, as verified by the 1645 // previous test, but they cannot perform other user-editing 1646 // operations. This also tests the branch of logic that verifies 1647 // that no parameters other than 'id' and 'roles' are specified for 1648 // a roles update. 1649 $this->assertErrorResponse( 'rest_cannot_edit', $response, 403 ); 1650 } else { 1651 $this->assertEquals( 200, $response->get_status() ); 1652 1653 $new_data = $response->get_data(); 1654 $this->assertEquals( 'editor', $new_data['roles'][0] ); 1655 } 1594 1656 } 1595 1657
Note: See TracChangeset
for help on using the changeset viewer.