Users: Fail gracefully when checking mapped capabilities without providing the required object ID.

This avoids an `Undefined array key 0` PHP warning for `current_user_can()` capability checks that require a specific object to check against but an object ID was not passed.

A `_doing_it_wrong()` notice is also added, so that developers and site administrators are aware that the capability mapping is failing in the absence of the required object ID.

The list of mapped capabilities that require an object ID:

* `delete_post` / `delete_page`
* `edit_post` / `edit_page`
* `read_post` / `read_page`
* `publish_post`
* `edit_(post|comment|term|user)_meta` / `delete_*_meta` / `add_*_meta`
* `edit_comment`
* `edit_term` / `delete_term` / `assign_term`

Follow-up to [34091], [34113], [47178].

Props jeherve, peterwilsoncc, henry.wright, johnbillion, mattheweppelsheimer, hellofromTonya, JeffPaul, azouamauriac, Ninos Ego, TobiasBg, wpsmith, GaryJ, nacin, johnstonphilip, azaozz, SergeyBiryukov.
Fixes #44591.

git-svn-id: https://develop.svn.wordpress.org/trunk@53408 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Sergey Biryukov
2022-05-17 18:59:24 +00:00
parent f6775703e1
commit 590ca0ff94
4 changed files with 236 additions and 7 deletions

View File

@@ -1974,7 +1974,7 @@ class Tests_User extends WP_UnitTestCase {
)
);
// _doing_wrong() should be called because the filter callback
// _doing_it_wrong() should be called because the filter callback
// adds a item with a 'name' that is the same as one generated by core.
$this->setExpectedIncorrectUsage( 'wp_user_personal_data_exporter' );
add_filter( 'wp_privacy_additional_user_profile_data', array( $this, 'export_additional_user_profile_data_with_dup_name' ) );