WordPress.org

Make WordPress Core

Changeset 42423


Ignore:
Timestamp:
01/01/2018 02:30:39 AM (5 months ago)
Author:
rachelbaker
Message:

REST API: Adjust unit testes to expect a 401 status code in error responses from permission callbacks when user is not authenticated.

Missed in [42421].

Fixes #42828.

Location:
trunk/tests/phpunit/tests/rest-api
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/tests/phpunit/tests/rest-api/rest-attachments-controller.php

    r42343 r42423  
    525525    }
    526526
    527     public function test_get_item_private_post() {
     527    public function test_get_item_private_post_not_authenticated() {
    528528        wp_set_current_user( 0 );
    529529        $draft_post = $this->factory->post->create( array( 'post_status' => 'draft' ) );
     
    536536        $request    = new WP_REST_Request( 'GET', '/wp/v2/media/' . $id1 );
    537537        $response   = $this->server->dispatch( $request );
    538         $this->assertEquals( 403, $response->get_status() );
     538        $this->assertEquals( 401, $response->get_status() );
    539539    }
    540540
     
    554554    }
    555555
    556     public function test_get_item_auto_status_with_invalid_parent_returns_error() {
     556    public function test_get_item_auto_status_with_invalid_parent_not_authenticated_returns_error() {
    557557        $attachment_id = $this->factory->attachment->create_object(
    558558            $this->test_file, REST_TESTS_IMPOSSIBLY_HIGH_NUMBER, array(
     
    565565        $response      = $this->server->dispatch( $request );
    566566
    567         $this->assertErrorResponse( 'rest_forbidden', $response, 403 );
     567        $this->assertErrorResponse( 'rest_forbidden', $response, 401 );
    568568    }
    569569
  • trunk/tests/phpunit/tests/rest-api/rest-posts-controller.php

    r42343 r42423  
    13281328    }
    13291329
    1330     public function test_get_post_without_permission() {
     1330    public function test_get_post_draft_status_not_authenicated() {
    13311331        $draft_id = $this->factory->post->create(
    13321332            array(
     
    13391339        $response = $this->server->dispatch( $request );
    13401340
    1341         $this->assertErrorResponse( 'rest_forbidden', $response, 403 );
     1341        $this->assertErrorResponse( 'rest_forbidden', $response, 401 );
    13421342    }
    13431343
     
    14651465    }
    14661466
    1467     public function test_get_item_read_permission_custom_post_status() {
     1467    public function test_get_item_read_permission_custom_post_status_not_authenticated() {
    14681468        register_post_status( 'testpubstatus', array( 'public' => true ) );
    14691469        register_post_status( 'testprivtatus', array( 'public' => false ) );
     
    14871487        $request  = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) );
    14881488        $response = $this->server->dispatch( $request );
    1489         $this->assertEquals( 403, $response->get_status() );
     1489        $this->assertEquals( 401, $response->get_status() );
    14901490    }
    14911491
  • trunk/tests/phpunit/tests/rest-api/rest-settings-controller.php

    r42359 r42423  
    1111 */
    1212class WP_Test_REST_Settings_Controller extends WP_Test_REST_Controller_Testcase {
     13   
    1314    protected static $administrator;
     15    protected static $author;
    1416
    1517    public static function wpSetUpBeforeClass( $factory ) {
     
    1921            )
    2022        );
     23
     24        self::$author        = $factory->user->create(
     25            array(
     26                'role' => 'author',
     27            )
     28        );
    2129    }
    2230
    2331    public static function wpTearDownAfterClass() {
    2432        self::delete_user( self::$administrator );
     33        self::delete_user( self::$author );
    2534    }
    2635
     
    4655    }
    4756
    48     public function test_get_item_is_not_public() {
     57    public function test_get_item_is_not_public_not_authenticated() {
     58        $request  = new WP_REST_Request( 'GET', '/wp/v2/settings' );
     59        $response = $this->server->dispatch( $request );
     60        $this->assertEquals( 401, $response->get_status() );
     61    }
     62
     63    public function test_get_item_is_not_public_no_permission() {
     64        wp_set_current_user( self::$author );
    4965        $request  = new WP_REST_Request( 'GET', '/wp/v2/settings' );
    5066        $response = $this->server->dispatch( $request );
  • trunk/tests/phpunit/tests/rest-api/rest-taxonomies-controller.php

    r42343 r42423  
    1111 */
    1212class WP_Test_REST_Taxonomies_Controller extends WP_Test_REST_Controller_Testcase {
     13
     14    protected static $contributor_id;
     15
     16    public static function wpSetUpBeforeClass( $factory ) {
     17        self::$contributor_id = $factory->user->create(
     18            array(
     19                'role' => 'contributor',
     20            )
     21        );
     22    }
     23
     24    public static function wpTearDownAfterClass() {
     25        self::delete_user( self::$contributor_id );
     26    }
    1327
    1428    public function test_register_routes() {
     
    102116    }
    103117
    104     public function test_get_non_public_taxonomy() {
     118    public function test_get_non_public_taxonomy_not_authenticated() {
     119        register_taxonomy( 'api-private', 'post', array( 'public' => false ) );
     120
     121        $request  = new WP_REST_Request( 'GET', '/wp/v2/taxonomies/api-private' );
     122        $response = $this->server->dispatch( $request );
     123        $this->assertErrorResponse( 'rest_forbidden', $response, 401 );
     124    }
     125
     126        public function test_get_non_public_taxonomy_no_permission() {
     127        wp_set_current_user( self::$contributor_id );
    105128        register_taxonomy( 'api-private', 'post', array( 'public' => false ) );
    106129
Note: See TracChangeset for help on using the changeset viewer.