WordPress.org

Make WordPress Core


Ignore:
Timestamp:
01/01/2018 02:30:39 AM (4 years ago)
Author:
rachelbaker
Message:

REST API: Adjust unit testes to expect a 401 status code in error responses from permission callbacks when user is not authenticated.

Missed in [42421].

Fixes #42828.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/tests/phpunit/tests/rest-api/rest-settings-controller.php

    r42359 r42423  
    1111 */
    1212class WP_Test_REST_Settings_Controller extends WP_Test_REST_Controller_Testcase {
     13   
    1314    protected static $administrator;
     15    protected static $author;
    1416
    1517    public static function wpSetUpBeforeClass( $factory ) {
     
    1921            )
    2022        );
     23
     24        self::$author        = $factory->user->create(
     25            array(
     26                'role' => 'author',
     27            )
     28        );
    2129    }
    2230
    2331    public static function wpTearDownAfterClass() {
    2432        self::delete_user( self::$administrator );
     33        self::delete_user( self::$author );
    2534    }
    2635
     
    4655    }
    4756
    48     public function test_get_item_is_not_public() {
     57    public function test_get_item_is_not_public_not_authenticated() {
     58        $request  = new WP_REST_Request( 'GET', '/wp/v2/settings' );
     59        $response = $this->server->dispatch( $request );
     60        $this->assertEquals( 401, $response->get_status() );
     61    }
     62
     63    public function test_get_item_is_not_public_no_permission() {
     64        wp_set_current_user( self::$author );
    4965        $request  = new WP_REST_Request( 'GET', '/wp/v2/settings' );
    5066        $response = $this->server->dispatch( $request );
Note: See TracChangeset for help on using the changeset viewer.