Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
11/03/2024 06:19:06 PM (5 months ago)
Author:
espellcaste
Message:

A user is no longer de-authenticated when making REST API requests.

We are introducing a new BP_LoggedIn_User class to fetch data about a BuddyPress logged-in user. This new addition fixes an issue where a user could be de-authenticated when making REST API requests.

Props dcavins, DJPaul, johnjamesjacoby, and imath.

Closes https://github.com/buddypress/buddypress/pull/395
See #9229 and #9145
Fixes #7658

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/tests/phpunit/testcases/friends/test-controller.php

    r14026 r14070  
    3939        $this->create_friendship();
    4040
    41         $this->bp::set_current_user( $this->user );
     41        wp_set_current_user( $this->user );
    4242
    4343        $request = new WP_REST_Request( 'GET', $this->endpoint_url );
     
    7676     */
    7777    public function test_get_item() {
    78         $this->bp::set_current_user( $this->user );
     78        wp_set_current_user( $this->user );
    7979
    8080        $request = new WP_REST_Request( 'GET', sprintf( $this->endpoint_url . '/%d', $this->friend ) );
     
    9797     */
    9898    public function test_get_item_with_invalid_friend_id() {
    99         $this->bp::set_current_user( $this->user );
     99        wp_set_current_user( $this->user );
    100100
    101101        $request = new WP_REST_Request( 'GET', sprintf( $this->endpoint_url . '/%d', REST_TESTS_IMPOSSIBLY_HIGH_NUMBER ) );
     
    121121     */
    122122    public function test_create_item() {
    123         $this->bp::set_current_user( $this->user );
     123        wp_set_current_user( $this->user );
    124124
    125125        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    145145        $u2 = static::factory()->user->create();
    146146
    147         $this->bp::set_current_user( $u2 );
     147        wp_set_current_user( $u2 );
    148148
    149149        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    167167        $u = static::factory()->user->create();
    168168
    169         $this->bp::set_current_user( $this->user );
     169        wp_set_current_user( $this->user );
    170170
    171171        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    190190
    191191        $this->create_friendship( $user );
    192         $this->bp::set_current_user( $this->user );
     192        wp_set_current_user( $this->user );
    193193
    194194        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    224224     */
    225225    public function test_regular_user_can_not_create_friendship_to_others() {
    226         $this->bp::set_current_user( static::factory()->user->create() );
     226        wp_set_current_user( static::factory()->user->create() );
    227227
    228228        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    240240     */
    241241    public function test_admins_can_create_friendship_to_others() {
    242         $this->bp::set_current_user( $this->user );
     242        wp_set_current_user( $this->user );
    243243
    244244        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    260260     */
    261261    public function test_admins_can_force_friendship_creation() {
    262         $this->bp::set_current_user( $this->user );
     262        wp_set_current_user( $this->user );
    263263
    264264        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    282282    public function test_regular_users_can_not_force_friendship_creation() {
    283283        $u = static::factory()->user->create();
    284         $this->bp::set_current_user( $u );
     284        wp_set_current_user( $u );
    285285
    286286        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    335335        $this->create_friendship();
    336336
    337         $this->bp::set_current_user( $this->friend );
     337        wp_set_current_user( $this->friend );
    338338
    339339        $request  = new WP_REST_Request( 'PUT', sprintf( $this->endpoint_url . '/%d', $this->user ) );
     
    353353        $this->create_friendship();
    354354
    355         $this->bp::set_current_user( $this->user );
     355        wp_set_current_user( $this->user );
    356356
    357357        $request  = new WP_REST_Request( 'PUT', sprintf( $this->endpoint_url . '/%d', $this->friend ) );
     
    365365     */
    366366    public function test_update_item_invalid_friend_id() {
    367         $this->bp::set_current_user( $this->user );
     367        wp_set_current_user( $this->user );
    368368
    369369        $request  = new WP_REST_Request( 'PUT', sprintf( $this->endpoint_url . '/%d', REST_TESTS_IMPOSSIBLY_HIGH_NUMBER ) );
     
    389389        $this->create_friendship();
    390390
    391         $this->bp::set_current_user( $this->friend );
     391        wp_set_current_user( $this->friend );
    392392
    393393        $request  = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', $this->user ) );
     
    407407        $this->create_friendship();
    408408
    409         $this->bp::set_current_user( $this->user );
     409        wp_set_current_user( $this->user );
    410410
    411411        $request  = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', $this->friend ) );
     
    425425        $this->create_friendship();
    426426
    427         $this->bp::set_current_user( $this->friend );
     427        wp_set_current_user( $this->friend );
    428428
    429429        $request = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', $this->user ) );
     
    444444        $this->create_friendship();
    445445
    446         $this->bp::set_current_user( $this->user );
     446        wp_set_current_user( $this->user );
    447447
    448448        $request = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', $this->friend ) );
     
    463463        $this->create_friendship();
    464464
    465         $this->bp::set_current_user( $this->user );
     465        wp_set_current_user( $this->user );
    466466
    467467        $request = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', $this->friend ) );
     
    482482        $this->create_friendship();
    483483
    484         $this->bp::set_current_user( $this->friend );
     484        wp_set_current_user( $this->friend );
    485485
    486486        $request  = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', $this->user ) );
     
    500500        $this->create_friendship();
    501501
    502         $this->bp::set_current_user( $this->friend );
     502        wp_set_current_user( $this->friend );
    503503
    504504        $request  = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', REST_TESTS_IMPOSSIBLY_HIGH_NUMBER ) );
     
    522522     */
    523523    public function test_prepare_item() {
    524         $this->bp::set_current_user( $this->user );
     524        wp_set_current_user( $this->user );
    525525
    526526        $request  = new WP_REST_Request( 'GET', sprintf( $this->endpoint_url . '/%d', $this->friend ) );
Note: See TracChangeset for help on using the changeset viewer.