

Timestamp:
03/02/2025 11:33:56 PM (3 months ago)
Author:
peterwilsoncc
Message:

Users: Use editable_roles filter for multisite sub-sites.

Adds a check of the editable_roles filter when adding users to a multisite sub-site to ensure the role is permitted to be used on the network. If the role is blocked by the filter, attempting to add the role will trigger a wp_die() similar to attempting to add a user with the role on a single site install.

Props eartboard, hareesh-pillai, ideag, sukhendu2002, spacedmonkey, thomaswm.
Fixes #43251.

File:
1 edited

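--- a/trunk/tests/phpunit/tests/multisite/wpmuValidateUserSignup.php
+++ b/trunk/tests/phpunit/tests/multisite/wpmuValidateUserSignup.php
@@ -221,4 +221,52 @@
             $this->assertContains( 'invalid_nonce', $valid['errors']->get_error_codes() );
         }
+
+        /**
+         * Ensure that wp_ensure_editable_role does not throw an exception when the role is editable.
+         *
+         * @ticket 43251
+         *
+         * @covers ::wp_ensure_editable_role
+         */
+        public function test_wp_ensure_editable_role_allows_editable_roles() {
+            $role = get_role( 'editor' );
+            $this->assertInstanceOf( 'WP_Role', $role, 'The editor role should exist.' );
+            $this->assertNull( wp_ensure_editable_role( 'editor' ), 'The editor role should be editable.' );
+        }
+
+        /**
+         * Ensure that wp_ensure_editable_role throws an exception for non-existent roles.
+         *
+         * @ticket 43251
+         *
+         * @covers ::wp_ensure_editable_role
+         */
+        public function test_wp_ensure_editable_role_does_not_allow_non_existent_role() {
+            $this->expectException( 'WPDieException' );
+            $role = get_role( 'non-existent-role' );
+            $this->assertNotInstanceOf( 'WP_Role', $role, 'The non-existent-role role should not exist.' );
+            wp_ensure_editable_role( 'non-existent-role' );
+        }
+
+        /**
+         * Ensure that wp_ensure_editable_role throws an exception for roles that are not editable.
+         *
+         * @ticket 43251
+         *
+         * @covers ::wp_ensure_editable_role
+         */
+        public function test_wp_ensure_editable_role_does_not_allow_uneditable_roles() {
+            add_filter(
+                'editable_roles',
+                function ( $roles ) {
+                    unset( $roles['editor'] );
+                    return $roles;
+                }
+            );
+            $this->expectException( 'WPDieException' );
+            $role = get_role( 'editor' );
+            $this->assertInstanceOf( 'WP_Role', $role, 'The editor role should exist.' );
+            wp_ensure_editable_role( 'editor' );
+        }
     }
 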
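Review bot: The two negative tests, `test_wp_ensure_editable_role_does_not_allow_non_existent_role` and `test_wp_ensure_editable_role_does_not_allow_uneditable_roles`, only call `expectException( 'WPDieException' )`, so they pass on any `wp_die()` reached during the test, not specifically the role rejection. Pinning the reason would make them a real regression guard for this permission check, for example `$this->expectExceptionMessage( '<message wp_ensure_editable_role() passes to wp_die()>' );` next to each `expectException()` call. The tests also exercise the helper directly. The multisite add-user flow described in the commit message is not visible in this file section, so it is presumably not covered here; a follow-up test of that flow, or a docblock note saying it is untested, would keep the gap visible.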