App Passwords: Introduce fine grained capabilities.
Previously, all permission checks for using app passwords were implemented using `edit_user`. This commit introduces a series of more fine grained meta capabilities that should be used instead: `create_app_password`, `list_app_passwords`, `read_app_password`, `edit_app_password`, `delete_app_password` and `delete_app_passwords`. These capabilities all map to `edit_user` by default, but may now be customized by developers. Props johnbillion, TimothyBlynJacobs. Fixes #51703. git-svn-id: https://develop.svn.wordpress.org/trunk@50114 602fd350-edb4-49c9-b593-d223f7449a82
@@ -190,7 +190,7 @@ class WP_Test_REST_Application_Passwords_Controller extends WP_Test_REST_Control
|
||||
wp_set_current_user( self::$subscriber_id );
|
||||
|
||||
$response = rest_do_request( sprintf( '/wp/v2/users/%d/application-passwords', self::$admin ) );
|
||||
$this->assertErrorResponse( 'rest_cannot_manage_application_passwords', $response, 403 );
|
||||
$this->assertErrorResponse( 'rest_cannot_list_application_passwords', $response, 403 );
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -272,7 +272,7 @@ class WP_Test_REST_Application_Passwords_Controller extends WP_Test_REST_Control
|
||||
|
||||
$uuid = $item['uuid'];
|
||||
$response = rest_do_request( sprintf( '/wp/v2/users/%d/application-passwords/%s', self::$admin, $uuid ) );
|
||||
$this->assertErrorResponse( 'rest_cannot_manage_application_passwords', $response, 403 );
|
||||
$this->assertErrorResponse( 'rest_cannot_read_application_password', $response, 403 );
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -394,7 +394,7 @@ class WP_Test_REST_Application_Passwords_Controller extends WP_Test_REST_Control
|
||||
$request = new WP_REST_Request( 'POST', sprintf( '/wp/v2/users/%d/application-passwords', self::$admin ) );
|
||||
$request->set_body_params( array( 'name' => 'App' ) );
|
||||
$response = rest_do_request( $request );
|
||||
$this->assertErrorResponse( 'rest_cannot_manage_application_passwords', $response, 403 );
|
||||
$this->assertErrorResponse( 'rest_cannot_create_application_passwords', $response, 403 );
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -500,7 +500,7 @@ class WP_Test_REST_Application_Passwords_Controller extends WP_Test_REST_Control
|
||||
$request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/users/%d/application-passwords/%s', self::$admin, $uuid ) );
|
||||
$request->set_body_params( array( 'name' => 'New App' ) );
|
||||
$response = rest_do_request( $request );
|
||||
$this->assertErrorResponse( 'rest_cannot_manage_application_passwords', $response, 403 );
|
||||
$this->assertErrorResponse( 'rest_cannot_edit_application_password', $response, 403 );
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -643,7 +643,7 @@ class WP_Test_REST_Application_Passwords_Controller extends WP_Test_REST_Control
|
||||
$uuid = $item['uuid'];
|
||||
$request = new WP_REST_Request( 'DELETE', sprintf( '/wp/v2/users/%d/application-passwords/%s', self::$admin, $uuid ) );
|
||||
$response = rest_do_request( $request );
|
||||
$this->assertErrorResponse( 'rest_cannot_manage_application_passwords', $response, 403 );
|
||||
$this->assertErrorResponse( 'rest_cannot_delete_application_password', $response, 403 );
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -747,7 +747,7 @@ class WP_Test_REST_Application_Passwords_Controller extends WP_Test_REST_Control
|
||||
|
||||
$request = new WP_REST_Request( 'DELETE', sprintf( '/wp/v2/users/%d/application-passwords', self::$admin ) );
|
||||
$response = rest_do_request( $request );
|
||||
$this->assertErrorResponse( 'rest_cannot_manage_application_passwords', $response, 403 );
|
||||
$this->assertErrorResponse( 'rest_cannot_delete_application_passwords', $response, 403 );
|
||||
}
|
||||
|
||||
/**
|
||||
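Review bot: All six updated assertions still cover only a subscriber acting on the admin account, a case `edit_user` alone already denies, so they would pass even if the controller kept checking `edit_user` and only renamed its error codes. Because the stated purpose is that each capability can be customized separately, each route needs a test that filters `map_meta_cap` to return `do_not_allow` for one capability (for example `delete_app_password`) while the admin acts on their own account, asserting the matching 403 code. One converse test, granting `list_app_passwords` to a user without `edit_user` and asserting the list request succeeds, would show that delegation works and that the other five routes stay closed. The test methods start and end outside these hunks, so existing coverage of this kind may simply not be visible here.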
|
||||
@@ -522,7 +522,13 @@ class Tests_User_Capabilities extends WP_UnitTestCase {
|
||||
$expected['delete_user'],
|
||||
$expected['edit_user_meta'],
|
||||
$expected['delete_user_meta'],
|
||||
$expected['add_user_meta']
|
||||
$expected['add_user_meta'],
|
||||
$expected['create_app_password'],
|
||||
$expected['list_app_passwords'],
|
||||
$expected['read_app_password'],
|
||||
$expected['edit_app_password'],
|
||||
$expected['delete_app_passwords'],
|
||||
$expected['delete_app_password']
|
||||
);
|
||||
|
||||
$expected = array_keys( $expected );
|
||||
|
||||
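Review bot: The six new capabilities join an argument list whose call opens above the hunk; if that call removes entries from the expected set, as the following `array_keys( $expected )` suggests, nothing visible here asserts how they resolve for any role. A dedicated test should pin the default mapping for each one, for example `$this->assertFalse( user_can( $subscriber, 'read_app_password', $other_user_id ) );` and the `assertTrue` counterpart for a user who has `edit_user` (variable names constructed for illustration). A comment above the new entries, such as `// App password caps need a target user ID, so they are tested separately.`, would record why they are excluded. Without that test, a later change to the default mapping of these credential-management capabilities could go unnoticed.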