Changes between Initial Version and Version 1 of Ticket #47443, comment 11
- Timestamp:
- 01/24/2020 10:28:51 PM (5 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #47443, comment 11
initial v1 1 Nevermind, thinking it over again, since "future" means "to be published in the future" it doesn't really make sense to have different permissions for the "publish" and "future" cases. The original edit to ''wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php'' is better. Added a new patch that reverts the change to this file but keeps my new unit test.1 Nevermind, thinking it over again, since "future" means "to be published in the future" it doesn't really make sense to have different permissions for the "publish" and "future" cases. The original edit to ''wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php'' is better. Added a new patch that reverts the change to this file, but keeps my new unit test. 2 2 3 3 But is it a problem that the patch would allow a user to publish posts via the Rest API, even if they only had the "edit_published_posts" capability? This seems tricky. If it's not a problem, then I could simply edit the unit test (test_create_post_publish_without_permission) that's failing. It would pass if I removed the "edit_published_posts" capability in addition to the "publish_posts" capability. What is the best practice for adjusting previous unit tests in a case like this?