WordPress.org
Get WordPress

Make WordPress Core


Ignore:
Timestamp:
10/24/2020 04:02:34 PM (6 years ago)
Author:
TimothyBlynJacobs
Message:

REST API: Don't validate status if it hasn't changed.

In particular, this allows for sending status=inherit to an attachment if it's current status is inherit. This status would be rejected because it is an "internal" post status which isn't exposed.

As a general rule, a developer should always be able to PUT back a GET response without error.

Props dfenton, pputzer, TimothyBlynJacobs.
Fixes #40399.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/tests/phpunit/tests/rest-api/rest-attachments-controller.php

    r49215 r49302  
    10051005        $request->set_param( 'post', $attachment_id );
    10061006        $response = rest_get_server()->dispatch( $request );
     1007        $this->assertErrorResponse( 'rest_invalid_param', $response, 400 );
     1008    }
     1009
     1010    /**
     1011     * @ticket 40399
     1012     */
     1013    public function test_update_item_with_existing_inherit_status() {
     1014        wp_set_current_user( self::$editor_id );
     1015        $parent_id     = self::factory()->post->create( array() );
     1016        $attachment_id = self::factory()->attachment->create_object(
     1017            $this->test_file,
     1018            $parent_id,
     1019            array(
     1020                'post_mime_type' => 'image/jpeg',
     1021                'post_excerpt'   => 'A sample caption',
     1022                'post_author'    => self::$editor_id,
     1023            )
     1024        );
     1025
     1026        $request = new WP_REST_Request( 'POST', '/wp/v2/media/' . $attachment_id );
     1027        $request->set_param( 'status', 'inherit' );
     1028        $response = rest_get_server()->dispatch( $request );
     1029
     1030        $this->assertNotWPError( $response->as_error() );
     1031        $this->assertEquals( 'inherit', $response->get_data()['status'] );
     1032    }
     1033
     1034    /**
     1035     * @ticket 40399
     1036     */
     1037    public function test_update_item_with_new_inherit_status() {
     1038        wp_set_current_user( self::$editor_id );
     1039        $attachment_id = self::factory()->attachment->create_object(
     1040            $this->test_file,
     1041            0,
     1042            array(
     1043                'post_mime_type' => 'image/jpeg',
     1044                'post_excerpt'   => 'A sample caption',
     1045                'post_author'    => self::$editor_id,
     1046                'post_status'    => 'private',
     1047            )
     1048        );
     1049
     1050        $request = new WP_REST_Request( 'POST', '/wp/v2/media/' . $attachment_id );
     1051        $request->set_param( 'status', 'inherit' );
     1052        $response = rest_get_server()->dispatch( $request );
     1053
    10071054        $this->assertErrorResponse( 'rest_invalid_param', $response, 400 );
    10081055    }
Note: See TracChangeset for help on using the changeset viewer.