WordPress.org

Make WordPress Core

Changeset 42423


Ignore:
Timestamp:
01/01/18 02:30:39 (7 weeks ago)
Author:
rachelbaker
Message:

REST API: Adjust unit testes to expect a 401 status code in error responses from permission callbacks when user is not authenticated.

Missed in [42421].

Fixes #42828.

Location:
trunk/tests/phpunit/tests/rest-api
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/tests/phpunit/tests/rest-api/rest-attachments-controller.php

    r42343 r42423  
    525525    } 
    526526 
    527     public function test_get_item_private_post() { 
     527    public function test_get_item_private_post_not_authenticated() { 
    528528        wp_set_current_user( 0 ); 
    529529        $draft_post = $this->factory->post->create( array( 'post_status' => 'draft' ) ); 
     
    536536        $request    = new WP_REST_Request( 'GET', '/wp/v2/media/' . $id1 ); 
    537537        $response   = $this->server->dispatch( $request ); 
    538         $this->assertEquals( 403, $response->get_status() ); 
     538        $this->assertEquals( 401, $response->get_status() ); 
    539539    } 
    540540 
     
    554554    } 
    555555 
    556     public function test_get_item_auto_status_with_invalid_parent_returns_error() { 
     556    public function test_get_item_auto_status_with_invalid_parent_not_authenticated_returns_error() { 
    557557        $attachment_id = $this->factory->attachment->create_object( 
    558558            $this->test_file, REST_TESTS_IMPOSSIBLY_HIGH_NUMBER, array( 
     
    565565        $response      = $this->server->dispatch( $request ); 
    566566 
    567         $this->assertErrorResponse( 'rest_forbidden', $response, 403 ); 
     567        $this->assertErrorResponse( 'rest_forbidden', $response, 401 ); 
    568568    } 
    569569 
  • trunk/tests/phpunit/tests/rest-api/rest-posts-controller.php

    r42343 r42423  
    13281328    } 
    13291329 
    1330     public function test_get_post_without_permission() { 
     1330    public function test_get_post_draft_status_not_authenicated() { 
    13311331        $draft_id = $this->factory->post->create( 
    13321332            array( 
     
    13391339        $response = $this->server->dispatch( $request ); 
    13401340 
    1341         $this->assertErrorResponse( 'rest_forbidden', $response, 403 ); 
     1341        $this->assertErrorResponse( 'rest_forbidden', $response, 401 ); 
    13421342    } 
    13431343 
     
    14651465    } 
    14661466 
    1467     public function test_get_item_read_permission_custom_post_status() { 
     1467    public function test_get_item_read_permission_custom_post_status_not_authenticated() { 
    14681468        register_post_status( 'testpubstatus', array( 'public' => true ) ); 
    14691469        register_post_status( 'testprivtatus', array( 'public' => false ) ); 
     
    14871487        $request  = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', self::$post_id ) ); 
    14881488        $response = $this->server->dispatch( $request ); 
    1489         $this->assertEquals( 403, $response->get_status() ); 
     1489        $this->assertEquals( 401, $response->get_status() ); 
    14901490    } 
    14911491 
  • trunk/tests/phpunit/tests/rest-api/rest-settings-controller.php

    r42359 r42423  
    1111 */ 
    1212class WP_Test_REST_Settings_Controller extends WP_Test_REST_Controller_Testcase { 
     13     
    1314    protected static $administrator; 
     15    protected static $author; 
    1416 
    1517    public static function wpSetUpBeforeClass( $factory ) { 
     
    1921            ) 
    2022        ); 
     23 
     24        self::$author        = $factory->user->create( 
     25            array( 
     26                'role' => 'author', 
     27            ) 
     28        ); 
    2129    } 
    2230 
    2331    public static function wpTearDownAfterClass() { 
    2432        self::delete_user( self::$administrator ); 
     33        self::delete_user( self::$author ); 
    2534    } 
    2635 
     
    4655    } 
    4756 
    48     public function test_get_item_is_not_public() { 
     57    public function test_get_item_is_not_public_not_authenticated() { 
     58        $request  = new WP_REST_Request( 'GET', '/wp/v2/settings' ); 
     59        $response = $this->server->dispatch( $request ); 
     60        $this->assertEquals( 401, $response->get_status() ); 
     61    } 
     62 
     63    public function test_get_item_is_not_public_no_permission() { 
     64        wp_set_current_user( self::$author ); 
    4965        $request  = new WP_REST_Request( 'GET', '/wp/v2/settings' ); 
    5066        $response = $this->server->dispatch( $request ); 
  • trunk/tests/phpunit/tests/rest-api/rest-taxonomies-controller.php

    r42343 r42423  
    1111 */ 
    1212class WP_Test_REST_Taxonomies_Controller extends WP_Test_REST_Controller_Testcase { 
     13 
     14    protected static $contributor_id; 
     15 
     16    public static function wpSetUpBeforeClass( $factory ) { 
     17        self::$contributor_id = $factory->user->create( 
     18            array( 
     19                'role' => 'contributor', 
     20            ) 
     21        ); 
     22    } 
     23 
     24    public static function wpTearDownAfterClass() { 
     25        self::delete_user( self::$contributor_id ); 
     26    } 
    1327 
    1428    public function test_register_routes() { 
     
    102116    } 
    103117 
    104     public function test_get_non_public_taxonomy() { 
     118    public function test_get_non_public_taxonomy_not_authenticated() { 
     119        register_taxonomy( 'api-private', 'post', array( 'public' => false ) ); 
     120 
     121        $request  = new WP_REST_Request( 'GET', '/wp/v2/taxonomies/api-private' ); 
     122        $response = $this->server->dispatch( $request ); 
     123        $this->assertErrorResponse( 'rest_forbidden', $response, 401 ); 
     124    } 
     125 
     126        public function test_get_non_public_taxonomy_no_permission() { 
     127        wp_set_current_user( self::$contributor_id ); 
    105128        register_taxonomy( 'api-private', 'post', array( 'public' => false ) ); 
    106129 
Note: See TracChangeset for help on using the changeset viewer.