
Commit 6d1ee65

committed
Add more tests. Add exception for namespace to as ruleset.
1 parent f0f4a77 commit 6d1ee65


3 files changed

+54
-8
lines changed


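--- a/lib/class-wp-rest-block-renderer-controller.php
+++ b/lib/class-wp-rest-block-renderer-controller.php
@@ -21,7 +21,6 @@ class WP_REST_Block_Renderer_Controller extends WP_REST_Controller {
 * @access public
 */
 public function __construct() {
-// @codingStandardsIgnoreLine - PHPCS mistakes $this->namespace for the namespace keyword.
 $this->namespace = 'gutenberg/v1';
 $this->rest_base = 'block-renderer';
 }
@@ -38,7 +37,6 @@ public function register_routes() {
 continue;
 }
 
-// @codingStandardsIgnoreLine - PHPCS mistakes $this->namespace for the namespace keyword.
 register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P<name>' . $block_type->name . ')', array(
 'args' => array(
 'name' => array(
@@ -82,10 +80,10 @@ public function register_routes() {
 public function get_item_permissions_check( $request ) {
 global $post;
 
-$post_ID = isset( $request['post_id'] ) ? intval( $request['post_id'] ) : 0;
+$post_id = isset( $request['post_id'] ) ? intval( $request['post_id'] ) : 0;
 
-if ( 0 < $post_ID ) {
-$post = get_post( $post_ID );
+if ( 0 < $post_id ) {
+$post = get_post( $post_id );
 if ( ! $post || ! current_user_can( 'edit_post', $post->ID ) ) {
 return new WP_Error( 'gutenberg_block_cannot_read', __( 'Sorry, you are not allowed to read Gutenberg blocks of this post', 'gutenberg' ), array(
 'status' => rest_authorization_required_code(),
@@ -114,10 +112,10 @@ public function get_item_permissions_check( $request ) {
 public function get_item( $request ) {
 global $post;
 
-$post_ID = isset( $request['post_id'] ) ? intval( $request['post_id'] ) : 0;
+$post_id = isset( $request['post_id'] ) ? intval( $request['post_id'] ) : 0;
 
-if ( 0 < $post_ID ) {
-$post = get_post( $post_ID );
+if ( 0 < $post_id ) {
+$post = get_post( $post_id );
 
 // Set up postdata since this will be needed if post_id was set.
 setup_postdata( $post );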
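Review bot: In `get_item_permissions_check()` the renamed lines still write the looked-up post into the global (`global $post;` followed by `$post = get_post( $post_id );`) before the `current_user_can( 'edit_post', ... )` decision is made, so a denied request leaves the global pointing at a post the caller may not edit, or at null for a non-existent ID. A permission callback is easier to reason about when it has no side effects; a local would do here: `$context_post = get_post( $post_id );` and `if ( ! $context_post || ! current_user_can( 'edit_post', $context_post->ID ) ) {`. `get_item()` fetches the post again in its own hunk, so as far as these hunks show nothing depends on the global being set by the check. Both function bodies continue outside the hunks and should be read in full before changing this.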

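--- a/phpcs.xml.dist
+++ b/phpcs.xml.dist
@@ -20,6 +20,9 @@
 <file>./phpunit</file>
 <file>gutenberg.php</file>
 
+<rule ref="PHPCompatibility.PHP.NewKeywords.t_namespaceFound">
+<exclude-pattern>lib/class-wp-rest-block-renderer-controller.php</exclude-pattern>
+</rule>
 <!-- These special comments are markers for the build process -->
 <rule ref="Squiz.Commenting.InlineComment.WrongStyle">
 <exclude-pattern>gutenberg.php</exclude-pattern>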
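Review bot: The new `PHPCompatibility.PHP.NewKeywords.t_namespaceFound` exclusion carries no explanation, and the two inline comments this commit removes from the controller were the only place the reason was recorded. Adding `<!-- PHPCS mistakes $this->namespace for the namespace keyword. -->` above the rule keeps that rationale next to the exclusion. The pattern also turns the sniff off for the whole file rather than the two affected lines, so a genuine `namespace` keyword added to that file later would go unreported.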

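--- a/phpunit/class-rest-block-renderer-controller-test.php
+++ b/phpunit/class-rest-block-renderer-controller-test.php
@@ -40,6 +40,13 @@ class REST_Block_Renderer_Controller_Test extends WP_Test_REST_Controller_Testca
 */
 protected static $post_id;
 
+/**
+* Author test user ID.
+*
+* @var int
+*/
+protected static $author_id;
+
 /**
 * Create test data before the tests run.
 *
@@ -52,6 +59,12 @@ public static function wpSetUpBeforeClass( $factory ) {
 )
 );
 
+self::$author_id = $factory->user->create(
+array(
+'role' => 'author',
+)
+);
+
 self::$post_id = $factory->post->create( array(
 'post_title' => 'Test Post',
 ) );
@@ -316,6 +329,38 @@ public function test_get_item_with_post_context() {
 $this->assertEquals( $expected_title, $data['rendered'] );
 }
 
+/**
+* Test getting item with invalid post ID.
+*/
+public function test_get_item_without_permissions_invalid_post() {
+wp_set_current_user( self::$user_id );
+
+$request = new WP_REST_Request( 'GET', '/gutenberg/v1/block-renderer/' . self::$context_block_name );
+$request->set_param( 'context', 'edit' );
+
+// Test with invalid post ID.
+$request->set_param( 'post_id', PHP_INT_MAX );
+$response = $this->server->dispatch( $request );
+
+$this->assertErrorResponse( 'gutenberg_block_cannot_read', $response, 403 );
+}
+
+/**
+* Test getting item without permissions to edit context post.
+*/
+public function test_get_item_without_permissions_cannot_edit_post() {
+wp_set_current_user( self::$author_id );
+
+$request = new WP_REST_Request( 'GET', '/gutenberg/v1/block-renderer/' . self::$context_block_name );
+$request->set_param( 'context', 'edit' );
+
+// Test with private post ID.
+$request->set_param( 'post_id', self::$post_id );
+$response = $this->server->dispatch( $request );
+
+$this->assertErrorResponse( 'gutenberg_block_cannot_read', $response, 403 );
+}
+
 /**
 * Get item schema.
 *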
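Review bot: In `test_get_item_without_permissions_cannot_edit_post()` the comment `// Test with private post ID.` does not match the fixture. The `$factory->post->create()` call visible in `wpSetUpBeforeClass()` sets only `post_title`, so the 403 presumably comes from the author role not being allowed to edit a post it does not own, not from the post's status. Reword the comment to `// Test with a post the current user cannot edit.` and consider setting the post's owner explicitly in the fixture, so the denial does not depend on factory defaults. Both new tests run as logged-in users, so the logged-out branch of `rest_authorization_required_code()` is not exercised here. Unless a test outside this hunk covers it, an unauthenticated request with `post_id` set is worth adding.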
