vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-06-28 14:20:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Users: Use promote_users for role updates in edit_user().

Browse Source 
`edit_user()` can also update user roles but was still using the `edit_users` capability instead of the newer `promote_users` capability introduced in [14176].
This makes the role handling consistent with the bulk dropdown menu for role changes.

Props flixos90, johnjamesjacoby, ocean90.
Fixes #42564.

git-svn-id: https://develop.svn.wordpress.org/trunk@42855 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Dominik Schilling (ocean90)
2018-03-19 20:28:28 +00:00
parent ff5180e2a5
commit 877a59a843
2 changed files with 58 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
tests/phpunit/tests/user.php
View File

@@ -1541,4 +1541,43 @@ class Tests_User extends WP_UnitTestCase {
$this->assertContains( '\'Test\' blog\'s "name" has <html entities> &', $email->subject, 'Email subject does not contain the decoded HTML entities' );
$this->assertNotContains( '&#039;Test&#039; blog&#039;s &quot;name&quot; has &lt;html entities&gt; &amp;', $email->subject, 'Email subject does contains HTML entities' );
}
/**
* @ticket 42564
*/
function test_edit_user_role_update() {
$_POST = $_GET = $_REQUEST = array();
$administrator = self::factory()->user->create(
array(
'role' => 'administrator',
)
);
wp_set_current_user( $administrator );
// Don't let anyone with 'promote_users' (administrator) edit their own role to something without it (subscriber).
$_POST['role'] = 'subscriber';
$_POST['email'] = 'subscriber@subscriber.test';
$_POST['nickname'] = 'subscriber';
$this->assertSame( $administrator, edit_user( $administrator ) );
// Should still have the old role.
$this->assertSame( array( 'administrator' ), get_userdata( $administrator )->roles );
// Promote an editor to an administrator.
$editor = self::factory()->user->create(
array(
'role' => 'editor',
)
);
$_POST['role'] = 'administrator';
$_POST['email'] = 'administrator@administrator.test';
$_POST['nickname'] = 'administrator';
$this->assertSame( $editor, edit_user( $editor ) );
// Should have the new role.
$this->assertSame( array( 'administrator' ), get_userdata( $editor )->roles );
}
}