App Passwords: Unify availability language.

Previously App Passwords used a mix of "enabled" and "available". We've now standardized on using "available". Additionally, we now use a 501 status code when indicating that App Passwords is not available. Props SergeyBiryukov, ocean90, TimothyBlynJacobs. Fixes #51513. git-svn-id: https://develop.svn.wordpress.org/trunk@49617 602fd350-edb4-49c9-b593-d223f7449a82
2025-10-16 12:05:38 +00:00 · 2020-11-16 22:40:11 +00:00 · 2020-11-16 22:40:11 +00:00 · ba8de96fc6
commit ba8de96fc6
parent 56ffe940b0
5 changed files with 18 additions and 12 deletions
--- a/src/wp-admin/authorize-application.php
+++ b/src/wp-admin/authorize-application.php
@ -90,15 +90,16 @@ if ( is_wp_error( $is_valid ) ) {

 if ( ! wp_is_application_passwords_available_for_user( $user ) ) {
 	if ( wp_is_application_passwords_available() ) {
-		$message = __( 'Application passwords are not enabled for your account. Please contact the site administrator for assistance.' );
+		$message = __( 'Application passwords are not available for your account. Please contact the site administrator for assistance.' );
 	} else {
-		$message = __( 'Application passwords are not enabled.' );
+		$message = __( 'Application passwords are not available.' );
 	}

 	wp_die(
 		$message,
 		__( 'Cannot Authorize Application' ),
 		array(
+			'response'  => 501,
 			'link_text' => __( 'Go Back' ),
 			'link_url'  => $reject_url ? add_query_arg( 'error', 'disabled', $reject_url ) : admin_url(),
 		)
--- a/src/wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php
+++ b/src/wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php
@ -503,8 +503,8 @@ class WP_REST_Application_Passwords_Controller extends WP_REST_Controller {
 		if ( ! wp_is_application_passwords_available() ) {
 			return new WP_Error(
 				'application_passwords_disabled',
-				__( 'Application passwords are not enabled.' ),
-				array( 'status' => 500 )
+				__( 'Application passwords are not available.' ),
+				array( 'status' => 501 )
 			);
 		}

@ -547,8 +547,8 @@ class WP_REST_Application_Passwords_Controller extends WP_REST_Controller {
 		if ( ! wp_is_application_passwords_available_for_user( $user ) ) {
 			return new WP_Error(
 				'application_passwords_disabled_for_user',
-				__( 'Application passwords are not enabled for your account. Please contact the site administrator for assistance.' ),
-				array( 'status' => 500 )
+				__( 'Application passwords are not available for your account. Please contact the site administrator for assistance.' ),
+				array( 'status' => 501 )
 			);
 		}

--- a/src/wp-includes/user.php
+++ b/src/wp-includes/user.php
@ -350,10 +350,15 @@ function wp_authenticate_application_password( $input_user, $username, $password
 				__( 'Unknown username. Check again or try your email address.' )
 			);
 		}
-	} elseif ( ! wp_is_application_passwords_available_for_user( $user ) ) {
+	} elseif ( ! wp_is_application_passwords_available() ) {
 		$error = new WP_Error(
 			'application_passwords_disabled',
-			__( 'Application passwords are disabled for the requested user.' )
+			'Application passwords are not available.'
+		);
+	} elseif ( ! wp_is_application_passwords_available_for_user( $user ) ) {
+		$error = new WP_Error(
+			'application_passwords_disabled_for_user',
+			__( 'Application passwords are not available for your account. Please contact the site administrator for assistance.' )
 		);
 	}

@ -4131,7 +4136,7 @@ function wp_is_application_passwords_available() {
 }

 /**
- * Checks if Application Passwords is enabled for a specific user.
+ * Checks if Application Passwords is available for a specific user.
 *
 * By default all users can use Application Passwords. Use {@see 'wp_is_application_passwords_available_for_user'}
 * to restrict availability to certain users.
--- a/tests/phpunit/tests/auth.php
+++ b/tests/phpunit/tests/auth.php
@ -527,7 +527,7 @@ class Tests_Auth extends WP_UnitTestCase {

 		$error = wp_authenticate_application_password( null, self::$_user->user_login, 'password' );
 		$this->assertWPError( $error );
-		$this->assertSame( 'application_passwords_disabled', $error->get_error_code() );
+		$this->assertSame( 'application_passwords_disabled_for_user', $error->get_error_code() );
 	}

 	/**
--- a/tests/phpunit/tests/rest-api/rest-application-passwords-controller.php
+++ b/tests/phpunit/tests/rest-api/rest-application-passwords-controller.php
@ -112,7 +112,7 @@ class WP_Test_REST_Application_Passwords_Controller extends WP_Test_REST_Control
 		add_filter( 'wp_is_application_passwords_available', '__return_false' );

 		$response = rest_do_request( '/wp/v2/users/me/application-passwords' );
-		$this->assertErrorResponse( 'application_passwords_disabled', $response, 500 );
+		$this->assertErrorResponse( 'application_passwords_disabled', $response, 501 );
 	}

 	/**
@ -123,7 +123,7 @@ class WP_Test_REST_Application_Passwords_Controller extends WP_Test_REST_Control
 		add_filter( 'wp_is_application_passwords_available_for_user', '__return_false' );

 		$response = rest_do_request( '/wp/v2/users/me/application-passwords' );
-		$this->assertErrorResponse( 'application_passwords_disabled_for_user', $response, 500 );
+		$this->assertErrorResponse( 'application_passwords_disabled_for_user', $response, 501 );
 	}

 	/**