diff --git a/src/wp-includes/canonical.php b/src/wp-includes/canonical.php index 167b5cf562..bd4131396e 100644 --- a/src/wp-includes/canonical.php +++ b/src/wp-includes/canonical.php @@ -77,6 +77,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) { $redirect = $original; $redirect_url = false; + $redirect_obj = false; // Notice fixing. if ( ! isset( $redirect['path'] ) ) { @@ -102,6 +103,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) { if ( is_feed() && $post_id ) { $redirect_url = get_post_comments_feed_link( $post_id, get_query_var( 'feed' ) ); + $redirect_obj = get_post( $post_id ); if ( $redirect_url ) { $redirect['query'] = _remove_qs_args_if_not_in_url( @@ -126,6 +128,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) { } $redirect_url = get_permalink( $post_id ); + $redirect_obj = get_post( $post_id ); if ( $redirect_url ) { $redirect['query'] = _remove_qs_args_if_not_in_url( @@ -150,6 +153,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) { if ( $post_type_obj->public && 'auto-draft' !== $redirect_post->post_status ) { $redirect_url = get_permalink( $redirect_post ); + $redirect_obj = get_post( $redirect_post ); $redirect['query'] = _remove_qs_args_if_not_in_url( $redirect['query'], @@ -197,6 +201,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) { if ( $post_id ) { $redirect_url = get_permalink( $post_id ); + $redirect_obj = get_post( $post_id ); $redirect['path'] = rtrim( $redirect['path'], (int) get_query_var( 'page' ) . '/' ); $redirect['query'] = remove_query_arg( 'page', $redirect['query'] ); @@ -223,27 +228,32 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) { ) { if ( ! empty( $_GET['attachment_id'] ) ) { $redirect_url = get_attachment_link( get_query_var( 'attachment_id' ) ); + $redirect_obj = get_post( get_query_var( 'attachment_id' ) ); if ( $redirect_url ) { $redirect['query'] = remove_query_arg( 'attachment_id', $redirect['query'] ); } } else { $redirect_url = get_attachment_link(); + $redirect_obj = get_post(); } } elseif ( is_single() && ! empty( $_GET['p'] ) && ! $redirect_url ) { $redirect_url = get_permalink( get_query_var( 'p' ) ); + $redirect_obj = get_post( get_query_var( 'p' ) ); if ( $redirect_url ) { $redirect['query'] = remove_query_arg( array( 'p', 'post_type' ), $redirect['query'] ); } } elseif ( is_single() && ! empty( $_GET['name'] ) && ! $redirect_url ) { $redirect_url = get_permalink( $wp_query->get_queried_object_id() ); + $redirect_obj = get_post( $wp_query->get_queried_object_id() ); if ( $redirect_url ) { $redirect['query'] = remove_query_arg( 'name', $redirect['query'] ); } } elseif ( is_page() && ! empty( $_GET['page_id'] ) && ! $redirect_url ) { $redirect_url = get_permalink( get_query_var( 'page_id' ) ); + $redirect_obj = get_post( get_query_var( 'page_id' ) ); if ( $redirect_url ) { $redirect['query'] = remove_query_arg( 'page_id', $redirect['query'] ); @@ -256,6 +266,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) { && 'page' === get_option( 'show_on_front' ) && get_query_var( 'page_id' ) === (int) get_option( 'page_for_posts' ) ) { $redirect_url = get_permalink( get_option( 'page_for_posts' ) ); + $redirect_obj = get_post( get_option( 'page_for_posts' ) ); if ( $redirect_url ) { $redirect['query'] = remove_query_arg( 'page_id', $redirect['query'] ); @@ -310,6 +321,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) { && $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE $wpdb->posts.post_author = %d AND $wpdb->posts.post_status = 'publish' LIMIT 1", $author->ID ) ) ) { $redirect_url = get_author_posts_url( $author->ID, $author->user_nicename ); + $redirect_obj = $author; if ( $redirect_url ) { $redirect['query'] = remove_query_arg( 'author', $redirect['query'] ); @@ -385,6 +397,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) { || ! has_term( $category->term_id, 'category', $wp_query->get_queried_object_id() ) ) { $redirect_url = get_permalink( $wp_query->get_queried_object_id() ); + $redirect_obj = get_post( $wp_query->get_queried_object_id() ); } } } @@ -395,6 +408,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) { if ( ! $redirect_url ) { $redirect_url = get_permalink( get_queried_object_id() ); + $redirect_obj = get_post( get_queried_object_id() ); } if ( $page > 1 ) { @@ -740,6 +754,32 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) { $requested_url = preg_replace_callback( '|%[a-fA-F0-9][a-fA-F0-9]|', 'lowercase_octets', $requested_url ); } + if ( + $redirect_obj && + is_a( $redirect_obj, 'WP_Post' ) + ) { + $post_status_obj = get_post_status_object( get_post_status( $redirect_obj ) ); + if ( + // Unviewable post types are never redirected. + ! is_post_type_viewable( $redirect_obj->post_type ) || + // Internal or protected posts never redirect. + $post_status_obj->internal || + $post_status_obj->protected || + ( + // Don't redirect a non-public post... + ! $post_status_obj->public && + ( + // ...unless it's private and the logged in user has access. + $post_status_obj->private && + ! current_user_can( 'read_post', $redirect_obj->ID ) + ) + ) + ) { + $redirect_obj = false; + $redirect_url = false; + } + } + /** * Filters the canonical redirect URL. * diff --git a/src/wp-includes/link-template.php b/src/wp-includes/link-template.php index 519e307764..2543cec12b 100644 --- a/src/wp-includes/link-template.php +++ b/src/wp-includes/link-template.php @@ -420,6 +420,17 @@ function get_attachment_link( $post = null, $leavename = false ) { $parent = false; } + if ( $parent ) { + $parent_status_obj = get_post_status_object( get_post_status( $post->post_parent ) ); + if ( + ! is_post_type_viewable( get_post_type( $post->post_parent ) ) || + $parent_status_obj->internal || + $parent_status_obj->protected + ) { + $parent = false; + } + } + if ( $wp_rewrite->using_permalinks() && $parent ) { if ( 'page' === $parent->post_type ) { $parentlink = _get_page_link( $post->post_parent ); // Ignores page_on_front. diff --git a/tests/phpunit/tests/canonical/postStatus.php b/tests/phpunit/tests/canonical/postStatus.php new file mode 100644 index 0000000000..7660206b26 --- /dev/null +++ b/tests/phpunit/tests/canonical/postStatus.php @@ -0,0 +1,970 @@ + 0, + 'subscriber' => $factory->user->create( array( 'role' => 'subscriber' ) ), + 'content_author' => $factory->user->create( array( 'role' => 'author' ) ), + 'editor' => $factory->user->create( array( 'role' => 'editor' ) ), + ); + + $post_statuses = array( 'publish', 'future', 'draft', 'pending', 'private', 'auto-draft', 'a-private-status' ); + foreach ( $post_statuses as $post_status ) { + $post_date = ''; + if ( 'future' === $post_status ) { + $post_date = strftime( '%Y-%m-%d %H:%M:%S', strtotime( '+1 year' ) ); + } + + self::$posts[ $post_status ] = $factory->post->create_and_get( + array( + 'post_type' => 'post', + 'post_title' => "$post_status post", + 'post_name' => "$post_status-post", + 'post_status' => $post_status, + 'post_content' => "Prevent canonical redirect exposing post slugs.\n\nPage 2", + 'post_author' => self::$users['content_author'], + 'post_date' => $post_date, + ) + ); + + // Add fake attachment to the post (file upload not needed). + self::$posts[ "$post_status-attachment" ] = $factory->post->create_and_get( + array( + 'post_type' => 'attachment', + 'post_title' => "$post_status inherited attachment", + 'post_name' => "$post_status-inherited-attachment", + 'post_status' => 'inherit', + 'post_content' => "Prevent canonical redirect exposing post via attachments.\n\nPage 2", + 'post_author' => self::$users['content_author'], + 'post_parent' => self::$posts[ $post_status ]->ID, + 'post_date' => $post_date, + ) + ); + + // Set up a page with same. + self::$posts[ "$post_status-page" ] = $factory->post->create_and_get( + array( + 'post_type' => 'page', + 'post_title' => "$post_status page", + 'post_name' => "$post_status-page", + 'post_status' => $post_status, + 'post_content' => "Prevent canonical redirect exposing page slugs.\n\nPage 2", + 'post_author' => self::$users['content_author'], + 'post_date' => $post_date, + ) + ); + } + + // Create a public CPT using a private status. + self::$posts['a-public-cpt'] = $factory->post->create_and_get( + array( + 'post_type' => 'a-public-cpt', + 'post_title' => 'a-public-cpt', + 'post_name' => 'a-public-cpt', + 'post_status' => 'private', + 'post_content' => 'Prevent canonical redirect exposing a-public-cpt titles.', + 'post_author' => self::$users['content_author'], + ) + ); + + // Add fake attachment to the public cpt (file upload not needed). + self::$posts['a-public-cpt-attachment'] = $factory->post->create_and_get( + array( + 'post_type' => 'attachment', + 'post_title' => 'a-public-cpt post inherited attachment', + 'post_name' => 'a-public-cpt-inherited-attachment', + 'post_status' => 'inherit', + 'post_content' => "Prevent canonical redirect exposing post via attachments.\n\nPage 2", + 'post_author' => self::$users['content_author'], + 'post_parent' => self::$posts['a-public-cpt']->ID, + ) + ); + + // Create a private CPT with a public status. + self::$posts['a-private-cpt'] = $factory->post->create_and_get( + array( + 'post_type' => 'a-private-cpt', + 'post_title' => 'a-private-cpt', + 'post_name' => 'a-private-cpt', + 'post_status' => 'publish', + 'post_content' => 'Prevent canonical redirect exposing a-private-cpt titles.', + 'post_author' => self::$users['content_author'], + ) + ); + + // Add fake attachment to the private cpt (file upload not needed). + self::$posts['a-private-cpt-attachment'] = $factory->post->create_and_get( + array( + 'post_type' => 'attachment', + 'post_title' => 'a-private-cpt post inherited attachment', + 'post_name' => 'a-private-cpt-inherited-attachment', + 'post_status' => 'inherit', + 'post_content' => "Prevent canonical redirect exposing post via attachments.\n\nPage 2", + 'post_author' => self::$users['content_author'], + 'post_parent' => self::$posts['a-private-cpt']->ID, + ) + ); + + // Post for trashing. + self::$posts['trash'] = $factory->post->create_and_get( + array( + 'post_type' => 'post', + 'post_title' => 'trash post', + 'post_name' => 'trash-post', + 'post_status' => 'publish', + 'post_content' => "Prevent canonical redirect exposing post slugs.\n\nPage 2", + 'post_author' => self::$users['content_author'], + ) + ); + + self::$posts['trash-attachment'] = $factory->post->create_and_get( + array( + 'post_type' => 'attachment', + 'post_title' => 'trash post inherited attachment', + 'post_name' => 'trash-post-inherited-attachment', + 'post_status' => 'inherit', + 'post_content' => "Prevent canonical redirect exposing post via attachments.\n\nPage 2", + 'post_author' => self::$users['content_author'], + 'post_parent' => self::$posts['trash']->ID, + ) + ); + + // Page for trashing. + self::$posts['trash-page'] = $factory->post->create_and_get( + array( + 'post_type' => 'page', + 'post_title' => 'trash page', + 'post_name' => 'trash-page', + 'post_status' => 'publish', + 'post_content' => "Prevent canonical redirect exposing page slugs.\n\nPage 2", + 'post_author' => self::$users['content_author'], + ) + ); + wp_trash_post( self::$posts['trash']->ID ); + wp_trash_post( self::$posts['trash-page']->ID ); + } + + function setUp() { + parent::setUp(); + self::setup_custom_types(); + } + + /** + * Set up a custom post type and private status. + * + * This needs to be called both in the class setup and + * test setup. + */ + public static function setup_custom_types() { + // Register public custom post type. + register_post_type( + 'a-public-cpt', + array( + 'public' => true, + 'rewrite' => array( + 'slug' => 'a-public-cpt', + ), + ) + ); + + // Register private custom post type. + register_post_type( + 'a-private-cpt', + array( + 'public' => false, + 'rewrite' => array( + 'slug' => 'a-private-cpt', + ), + ) + ); + + // Register custom private post status. + register_post_status( + 'a-private-status', + array( + 'private' => true, + ) + ); + } + + /** + * Test canonical redirect does not reveal private posts presence. + * + * @ticket 5272 + * @dataProvider data_canonical_redirects_to_ugly_permalinks + * + * @param string $post_key Post key used for creating fixtures. + * @param string $user_role User role. + * @param string $requested Requested URL. + * @param string $expected Expected URL. + */ + public function test_canonical_redirects_to_ugly_permalinks( $post_key, $user_role, $requested, $expected ) { + wp_set_current_user( self::$users[ $user_role ] ); + $this->set_permalink_structure( '' ); + $post = self::$posts[ $post_key ]; + clean_post_cache( $post->ID ); + + /* + * The dataProvider runs before the fixures are set up, therefore the + * post object IDs are placeholders that needs to be replaced. + */ + $requested = str_replace( '%ID%', $post->ID, $requested ); + $expected = str_replace( '%ID%', $post->ID, $expected ); + + $this->assertCanonical( $requested, $expected ); + } + + /** + * Data provider for test_canonical_redirects_to_ugly_permalinks. + * + * @return array[] Array of arguments for tests { + * @type string $post_key Post key used for creating fixtures. + * @type string $user_role User role. + * @type string $requested Requested URL. + * @type string $expected Expected URL. + * } + */ + function data_canonical_redirects_to_ugly_permalinks() { + $data = array(); + $all_user_list = array( 'anon', 'subscriber', 'content_author', 'editor' ); + $select_allow_list = array( 'content_author', 'editor' ); + $select_block_list = array( 'anon', 'subscriber' ); + // All post/page keys + $all_user_post_status_keys = array( 'publish' ); + $select_user_post_status_keys = array( 'private', 'a-private-status' ); + $no_user_post_status_keys = array( 'future', 'draft', 'pending', 'auto-draft' ); // Excludes trash for attachment rules. + $select_user_post_type_keys = array( 'a-public-cpt' ); + $no_user_post_type_keys = array( 'a-private-cpt' ); + + foreach ( $all_user_post_status_keys as $post_key ) { + foreach ( $all_user_list as $user ) { + /* + * In the event `redirect_canonical()` is updated to redirect ugly permalinks + * to a canonical ugly version, these expected values can be changed. + */ + $data[] = array( + "$post_key-page", + $user, + '/?post_type=page&p=%ID%', + '/?post_type=page&p=%ID%', + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key-post", + "/?name=$post_key-post", + ); + + // Ensure rss redirects to rss2. + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + '/?feed=rss2&p=%ID%', + ); + + // Ensure rss redirects to rss2. + $data[] = array( + "$post_key-page", + $user, + '/?feed=rss&page_id=%ID%', + '/?feed=rss2&page_id=%ID%', + ); + } + } + + foreach ( $select_user_post_status_keys as $post_key ) { + foreach ( $select_allow_list as $user ) { + /* + * In the event `redirect_canonical()` is updated to redirect ugly permalinks + * to a canonical ugly version, these expected values can be changed. + */ + $data[] = array( + "$post_key-page", + $user, + '/?post_type=page&p=%ID%', + '/?post_type=page&p=%ID%', + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key-post", + "/?name=$post_key-post", + ); + + // Ensure rss redirects to rss2. + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + '/?feed=rss2&p=%ID%', + ); + + // Ensure rss redirects to rss2. + $data[] = array( + "$post_key-page", + $user, + '/?feed=rss&page_id=%ID%', + '/?feed=rss2&page_id=%ID%', + ); + } + + foreach ( $select_block_list as $user ) { + /* + * In the event `redirect_canonical()` is updated to redirect ugly permalinks + * to a canonical ugly version, these expected values MUST NOT be changed. + */ + $data[] = array( + "$post_key-page", + $user, + '/?post_type=page&p=%ID%', + '/?post_type=page&p=%ID%', + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key-post", + "/?name=$post_key-post", + ); + + // Ensure post's existence is not demonstrated by changing rss to rss2. + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + '/?feed=rss&p=%ID%', + ); + + // Ensure post's existence is not demonstrated by changing rss to rss2. + $data[] = array( + "$post_key-page", + $user, + '/?feed=rss&page_id=%ID%', + '/?feed=rss&page_id=%ID%', + ); + } + } + + foreach ( $no_user_post_status_keys as $post_key ) { + foreach ( $all_user_list as $user ) { + /* + * In the event `redirect_canonical()` is updated to redirect ugly permalinks + * to a canonical ugly version, these expected values MUST NOT be changed. + */ + $data[] = array( + "$post_key-page", + $user, + '/?post_type=page&p=%ID%', + '/?post_type=page&p=%ID%', + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key-post", + "/?name=$post_key-post", + ); + + // Ensure post's existence is not demonstrated by changing rss to rss2. + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + '/?feed=rss&p=%ID%', + ); + + // Ensure post's existence is not demonstrated by changing rss to rss2. + $data[] = array( + "$post_key-page", + $user, + '/?feed=rss&page_id=%ID%', + '/?feed=rss&page_id=%ID%', + ); + } + } + + foreach ( array( 'trash' ) as $post_key ) { + foreach ( $all_user_list as $user ) { + /* + * In the event `redirect_canonical()` is updated to redirect ugly permalinks + * to a canonical ugly version, these expected values MUST NOT be changed. + */ + $data[] = array( + "$post_key-page", + $user, + '/?post_type=page&p=%ID%', + '/?post_type=page&p=%ID%', + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key-post", + "/?name=$post_key-post", + ); + + // Ensure post's existence is not demonstrated by changing rss to rss2. + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + '/?feed=rss&p=%ID%', + ); + + // Ensure post's existence is not demonstrated by changing rss to rss2. + $data[] = array( + "$post_key-page", + $user, + '/?feed=rss&page_id=%ID%', + '/?feed=rss&page_id=%ID%', + ); + } + } + + foreach ( $select_user_post_type_keys as $post_key ) { + foreach ( $select_allow_list as $user ) { + $data[] = array( + $post_key, + $user, + '/?p=%ID%', + '/?a-public-cpt=a-public-cpt', + ); + + $data[] = array( + "$post_key-attachment", + $user, + '/?attachment_id=%ID%', + '/?attachment_id=%ID%', + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key&post_type=$post_key", + "/?name=$post_key&post_type=$post_key", + ); + + // Ensure rss is replaced by rss2. + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + '/?a-public-cpt=a-public-cpt&feed=rss2', + ); + } + + foreach ( $select_block_list as $user ) { + $data[] = array( + $post_key, + $user, + '/?p=%ID%', + '/?p=%ID%', + ); + + $data[] = array( + "$post_key-attachment", + $user, + '/?attachment_id=%ID%', + '/?attachment_id=%ID%', + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key&post_type=$post_key", + "/?name=$post_key&post_type=$post_key", + ); + + // Ensure rss is not replaced with rss2. + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + '/?feed=rss&p=%ID%', + ); + } + } + + foreach ( $no_user_post_type_keys as $post_key ) { + foreach ( $all_user_list as $user ) { + $data[] = array( + $post_key, + $user, + '/?p=%ID%', + '/?p=%ID%', + ); + + $data[] = array( + "$post_key-attachment", + $user, + '/?attachment_id=%ID%', + '/?attachment_id=%ID%', + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key&post_type=$post_key", + "/?name=$post_key&post_type=$post_key", + ); + + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + '/?feed=rss&p=%ID%', + ); + } + } + + return $data; + } + + /** + * Test canonical redirect does not reveal private slugs. + * + * @ticket 5272 + * @dataProvider data_canonical_redirects_to_pretty_permalinks + * + * @param string $post_key Post key used for creating fixtures. + * @param string $user_role User role. + * @param string $requested Requested URL. + * @param string $expected Expected URL. + */ + public function test_canonical_redirects_to_pretty_permalinks( $post_key, $user_role, $requested, $expected ) { + wp_set_current_user( self::$users[ $user_role ] ); + $this->set_permalink_structure( '/%postname%/' ); + $post = self::$posts[ $post_key ]; + clean_post_cache( $post->ID ); + + /* + * The dataProvider runs before the fixures are set up, therefore the + * post object IDs are placeholders that needs to be replaced. + */ + $requested = str_replace( '%ID%', $post->ID, $requested ); + $expected = str_replace( '%ID%', $post->ID, $expected ); + + $this->assertCanonical( $requested, $expected ); + } + + /** + * Data provider for test_canonical_redirects_to_pretty_permalinks. + * + * @return array[] Array of arguments for tests { + * @type string $post_key Post key used for creating fixtures. + * @type string $user_role User role. + * @type string $requested Requested URL. + * @type string $expected Expected URL. + * } + */ + function data_canonical_redirects_to_pretty_permalinks() { + $data = array(); + $all_user_list = array( 'anon', 'subscriber', 'content_author', 'editor' ); + $select_allow_list = array( 'content_author', 'editor' ); + $select_block_list = array( 'anon', 'subscriber' ); + // All post/page keys + $all_user_post_status_keys = array( 'publish' ); + $select_user_post_status_keys = array( 'private', 'a-private-status' ); + $no_user_post_status_keys = array( 'future', 'draft', 'pending', 'auto-draft' ); // Excludes trash for attachment rules. + $select_user_post_type_keys = array( 'a-public-cpt' ); + $no_user_post_type_keys = array( 'a-private-cpt' ); + + foreach ( $all_user_post_status_keys as $post_key ) { + foreach ( $all_user_list as $user ) { + $data[] = array( + $post_key, + $user, + '/?p=%ID%', + "/$post_key-post/", + ); + + $data[] = array( + "$post_key-attachment", + $user, + '/?attachment_id=%ID%', + "/$post_key-post/$post_key-inherited-attachment/", + ); + + $data[] = array( + "$post_key-page", + $user, + '/?post_type=page&p=%ID%', + "/$post_key-page/", + ); + + $data[] = array( + "$post_key-page", + $user, + '/?page_id=%ID%', + "/$post_key-page/", + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key-post", + "/$post_key-post/", + ); + + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + "/$post_key-post/feed/", + ); + + $data[] = array( + "$post_key-page", + $user, + '/?feed=rss&page_id=%ID%', + "/$post_key-page/feed/", + ); + } + } + + foreach ( $select_user_post_status_keys as $post_key ) { + foreach ( $select_allow_list as $user ) { + $data[] = array( + $post_key, + $user, + '/?p=%ID%', + "/$post_key-post/", + ); + + $data[] = array( + "$post_key-attachment", + $user, + '/?attachment_id=%ID%', + "/$post_key-post/$post_key-inherited-attachment/", + ); + + $data[] = array( + "$post_key-page", + $user, + '/?post_type=page&p=%ID%', + "/$post_key-page/", + ); + + $data[] = array( + "$post_key-page", + $user, + '/?page_id=%ID%', + "/$post_key-page/", + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key-post", + "/$post_key-post/", + ); + + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + "/$post_key-post/feed/", + ); + + $data[] = array( + "$post_key-page", + $user, + '/?feed=rss&page_id=%ID%', + "/$post_key-page/feed/", + ); + } + + foreach ( $select_block_list as $user ) { + $data[] = array( + $post_key, + $user, + '/?p=%ID%', + '/?p=%ID%', + ); + + $data[] = array( + "$post_key-attachment", + $user, + '/?attachment_id=%ID%', + '/?attachment_id=%ID%', + ); + + $data[] = array( + "$post_key-page", + $user, + '/?post_type=page&p=%ID%', + '/?post_type=page&p=%ID%', + ); + + $data[] = array( + "$post_key-page", + $user, + '/?page_id=%ID%', + '/?page_id=%ID%', + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key-post", + "/?name=$post_key-post", + ); + + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + '/?feed=rss&p=%ID%', + ); + + $data[] = array( + "$post_key-page", + $user, + '/?feed=rss&page_id=%ID%', + '/?feed=rss&page_id=%ID%', + ); + } + } + + foreach ( $select_user_post_type_keys as $post_key ) { + foreach ( $select_allow_list as $user ) { + $data[] = array( + $post_key, + $user, + '/?p=%ID%', + "/$post_key/$post_key/", + ); + + $data[] = array( + "$post_key-attachment", + $user, + '/?attachment_id=%ID%', + "/$post_key/$post_key/$post_key-inherited-attachment/", + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key&post_type=$post_key", + "/$post_key/$post_key/?post_type=$post_key", + ); + + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + "/$post_key/$post_key/feed/", + ); + } + + foreach ( $select_block_list as $user ) { + $data[] = array( + $post_key, + $user, + '/?p=%ID%', + '/?p=%ID%', + ); + + $data[] = array( + "$post_key-attachment", + $user, + '/?attachment_id=%ID%', + '/?attachment_id=%ID%', + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key&post_type=$post_key", + "/?name=$post_key&post_type=$post_key", + ); + + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + '/?feed=rss&p=%ID%', + ); + } + } + + foreach ( $no_user_post_type_keys as $post_key ) { + foreach ( $all_user_list as $user ) { + $data[] = array( + $post_key, + $user, + '/?p=%ID%', + '/?p=%ID%', + ); + + $data[] = array( + "$post_key-attachment", + $user, + '/?attachment_id=%ID%', + "/$post_key-inherited-attachment/", + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key&post_type=$post_key", + "/?name=$post_key&post_type=$post_key", + ); + + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + '/?feed=rss&p=%ID%', + ); + } + } + + foreach ( $no_user_post_status_keys as $post_key ) { + foreach ( $all_user_list as $user ) { + $data[] = array( + $post_key, + $user, + '/?p=%ID%', + '/?p=%ID%', + ); + + $data[] = array( + "$post_key-attachment", + $user, + '/?attachment_id=%ID%', + '/?attachment_id=%ID%', + ); + + $data[] = array( + "$post_key-page", + $user, + '/?post_type=page&p=%ID%', + '/?post_type=page&p=%ID%', + ); + + $data[] = array( + "$post_key-page", + $user, + '/?page_id=%ID%', + '/?page_id=%ID%', + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key-post", + "/?name=$post_key-post", + ); + + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + '/?feed=rss&p=%ID%', + ); + + $data[] = array( + "$post_key-page", + $user, + '/?feed=rss&page_id=%ID%', + '/?feed=rss&page_id=%ID%', + ); + } + } + + foreach ( array( 'trash' ) as $post_key ) { + foreach ( $all_user_list as $user ) { + $data[] = array( + $post_key, + $user, + '/?p=%ID%', + '/?p=%ID%', + ); + + $data[] = array( + "$post_key-attachment", + $user, + '/?attachment_id=%ID%', + '/trash-post-inherited-attachment/', + ); + + $data[] = array( + "$post_key", + $user, + '/trash-post/trash-post-inherited-attachment/', + '/trash-post-inherited-attachment/', + ); + + $data[] = array( + "$post_key", + $user, + '/trash-post__trashed/trash-post-inherited-attachment/', + '/trash-post-inherited-attachment/', + ); + + $data[] = array( + "$post_key-page", + $user, + '/?post_type=page&p=%ID%', + '/?post_type=page&p=%ID%', + ); + + $data[] = array( + "$post_key-page", + $user, + '/?page_id=%ID%', + '/?page_id=%ID%', + ); + + $data[] = array( + $post_key, + $user, + "/?name=$post_key-post", + "/?name=$post_key-post", + ); + + $data[] = array( + $post_key, + $user, + '/?feed=rss&p=%ID%', + '/?feed=rss&p=%ID%', + ); + + $data[] = array( + "$post_key-page", + $user, + '/?feed=rss&page_id=%ID%', + '/?feed=rss&page_id=%ID%', + ); + } + } + + return $data; + } +}