vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-06-28 22:30:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Privacy: More precise checking of user request action names.

Browse Source 
Props garrett-eclipse.
Fixes #46536.


git-svn-id: https://develop.svn.wordpress.org/trunk@49475 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Helen Hou-Sandi
2020-11-02 18:40:06 +00:00
parent 4985f741d3
commit 140b29db87
4 changed files with 40 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
tests/phpunit/tests/privacy/wpCreateUserRequest.php
View File

@@ -92,13 +92,26 @@ class Tests_WpCreateUserRequest extends WP_UnitTestCase {
$this->assertSame( 'invalid_email', $actual->get_error_code() );
}
/**
* Ensure a WP_Error is returned when no action is passed.
*
* @ticket 46536
*/
public function test_missing_action() {
$actual = wp_create_user_request( self::$registered_user_email, false );
$this->assertWPError( $actual );
$this->assertSame( 'invalid_action', $actual->get_error_code() );
}
/**
* Ensure a WP_Error is returned when an invalid action is passed.
*
* @ticket 44707
* @ticket 46536
*/
public function test_invalid_action() {
$actual = wp_create_user_request( self::$registered_user_email, false );
$actual = wp_create_user_request( self::$registered_user_email, 'invalid_action_name' );
$this->assertWPError( $actual );
$this->assertSame( 'invalid_action', $actual->get_error_code() );
@@ -161,13 +174,13 @@ class Tests_WpCreateUserRequest extends WP_UnitTestCase {
* @ticket 44707
*/
public function test_sanitized_action_name() {
$actual = wp_create_user_request( self::$non_registered_user_email, 'some[custom*action\name' );
$actual = wp_create_user_request( self::$non_registered_user_email, 'export[_person*al_\data' );
$this->assertNotWPError( $actual );
$post = get_post( $actual );
$this->assertSame( 'somecustomactionname', $post->post_name );
$this->assertSame( 'export_personal_data', $post->post_name );
$this->assertSame( self::$non_registered_user_email, $post->post_title );
}

4
tests/phpunit/tests/user/wpSendUserRequest.php
View File

@@ -374,7 +374,7 @@ class Tests_User_WpSendUserRequest extends WP_UnitTestCase {
update_user_meta( self::$admin_user->ID, 'locale', 'es_ES' );
wp_set_current_user( self::$admin_user->ID );
$request_id = wp_create_user_request( 'erase-user-not-registered@example.com', 'erase_personal_data' );
$request_id = wp_create_user_request( 'erase-user-not-registered@example.com', 'remove_personal_data' );
wp_send_user_request( $request_id );
$mailer = tests_retrieve_phpmailer_instance();
@@ -396,7 +396,7 @@ class Tests_User_WpSendUserRequest extends WP_UnitTestCase {
update_user_meta( self::$admin_user->ID, 'locale', 'de_DE' );
wp_set_current_user( self::$admin_user->ID );
$request_id = wp_create_user_request( 'export-user-not-registered@example.com', 'erase_personal_data' );
$request_id = wp_create_user_request( 'export-user-not-registered@example.com', 'remove_personal_data' );
wp_send_user_request( $request_id );
$mailer = tests_retrieve_phpmailer_instance();