mirror of
https://github.com/gosticks/wordpress-develop.git
synced 2026-07-01 15:50:09 +00:00
REST API: Allow authors to read their own password protected posts.
Allow authenticated users to read the contents of password protected posts if they have the `edit_post` meta capability for the post. Props xknown, zieladam, peterwilsoncc, swissspidy, timothyblynjacobs. git-svn-id: https://develop.svn.wordpress.org/trunk@50717 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
@@ -1820,6 +1820,32 @@ class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te
|
||||
$this->assertErrorResponse( 'rest_forbidden', $response, 401 );
|
||||
}
|
||||
|
||||
public function test_get_post_draft_edit_context() {
|
||||
$post_content = 'Hello World!';
|
||||
$this->factory->post->create(
|
||||
array(
|
||||
'post_title' => 'Hola',
|
||||
'post_password' => 'password',
|
||||
'post_content' => $post_content,
|
||||
'post_excerpt' => $post_content,
|
||||
'post_author' => self::$editor_id,
|
||||
)
|
||||
);
|
||||
$draft_id = $this->factory->post->create(
|
||||
array(
|
||||
'post_status' => 'draft',
|
||||
'post_author' => self::$contributor_id,
|
||||
'post_content' => '<!-- wp:latest-posts {"displayPostContent":true} /--> <!-- wp:latest-posts {"displayPostContent":true,"displayPostContentRadio":"full_post"} /-->',
|
||||
)
|
||||
);
|
||||
wp_set_current_user( self::$contributor_id );
|
||||
$request = new WP_REST_Request( 'GET', sprintf( '/wp/v2/posts/%d', $draft_id ) );
|
||||
$request->set_param( 'context', 'edit' );
|
||||
$response = rest_get_server()->dispatch( $request );
|
||||
$data = $response->get_data();
|
||||
$this->assertNotContains( $post_content, $data['content']['rendered'] );
|
||||
}
|
||||
|
||||
public function test_get_post_invalid_id() {
|
||||
$request = new WP_REST_Request( 'GET', '/wp/v2/posts/' . REST_TESTS_IMPOSSIBLY_HIGH_NUMBER );
|
||||
$response = rest_get_server()->dispatch( $request );
|
||||
|
||||
Reference in New Issue
Block a user