Changeset 14070 for trunk/tests/phpunit/testcases/groups/test-group-invites-controller.php

Timestamp:

11/03/2024 06:19:06 PM (5 months ago)

Author:

espellcaste

Message:

A user is no longer de-authenticated when making REST API requests.

We are introducing a new BP_LoggedIn_User class to fetch data about a BuddyPress logged-in user. This new addition fixes an issue where a user could be de-authenticated when making REST API requests.

Props dcavins, DJPaul, johnjamesjacoby, and imath.

Closes ​https://github.com/buddypress/buddypress/pull/395
See #9229 and #9145
Fixes #7658

File:

• trunk/tests/phpunit/testcases/groups/test-group-invites-controller.php (modified) (30 diffs)

trunk/tests/phpunit/testcases/groups/test-group-invites-controller.php

@@ -69 +69 @@
 
         // As site admin
-        $this->bp::set_current_user( $this->user );
+        wp_set_current_user( $this->user );
         $request = new WP_REST_Request( 'GET', $this->endpoint_url );
         $request->set_query_params(
@@ -128 +128 @@
         $this->populate_group_with_invites( array( $u4 ), $this->group_id );
 
-        $this->bp::set_current_user( $this->g1admin );
+        wp_set_current_user( $this->g1admin );
         $request = new WP_REST_Request( 'GET', $this->endpoint_url );
         $request->set_query_params(
@@ -181 +181 @@
         );
 
-        $this->bp::set_current_user( $u1 );
+        wp_set_current_user( $u1 );
         $request = new WP_REST_Request( 'GET', $this->endpoint_url );
         $request->set_query_params(
@@ -238 +238 @@
         );
 
-        $this->bp::set_current_user( $u4 );
+        wp_set_current_user( $u4 );
         $request = new WP_REST_Request( 'GET', $this->endpoint_url );
         $request->set_query_params(
@@ -262 +262 @@
      */
     public function test_get_items_user_not_logged_in() {
-        $this->bp::set_current_user( 0 );
+        wp_set_current_user( 0 );
 
         $request = new WP_REST_Request( 'GET', $this->endpoint_url );
@@ -281 +281 @@
     public function test_get_items_without_permission() {
         $u1 = static::factory()->user->create();
-        $this->bp::set_current_user( $u1 );
+        wp_set_current_user( $u1 );
 
         $request = new WP_REST_Request( 'GET', $this->endpoint_url );
@@ -310 +310 @@
         );
 
-        $this->bp::set_current_user( $this->user );
+        wp_set_current_user( $this->user );
         $request = new WP_REST_Request( 'GET', sprintf( $this->endpoint_url . '/%d', $invite_id ) );
         $request->set_param( 'context', 'view' );
@@ -359 +359 @@
         );
 
-        $this->bp::set_current_user( $u1 );
+        wp_set_current_user( $u1 );
         $request = new WP_REST_Request( 'GET', sprintf( $this->endpoint_url . '/%d', $invite_id ) );
         $request->set_param( 'context', 'view' );
@@ -384 +384 @@
         );
 
-        $this->bp::set_current_user( $this->g1admin );
+        wp_set_current_user( $this->g1admin );
         $request = new WP_REST_Request( 'GET', sprintf( $this->endpoint_url . '/%d', $invite_id ) );
         $request->set_param( 'context', 'view' );
@@ -400 +400 @@
         $u1 = static::factory()->user->create();
 
-        $this->bp::set_current_user( $this->user );
+        wp_set_current_user( $this->user );
 
         $request = new WP_REST_Request( 'POST', $this->endpoint_url );
@@ -428 +428 @@
         $u1 = static::factory()->user->create();
 
-        $this->bp::set_current_user( $this->g1admin );
+        wp_set_current_user( $this->g1admin );
 
         $request = new WP_REST_Request( 'POST', $this->endpoint_url );
@@ -455 +455 @@
     public function test_inviter_cannot_invite_member_to_group_if_already_member() {
         // $this->user is a creator of the group.
-        $this->bp::set_current_user( $this->user );
+        wp_set_current_user( $this->user );
 
         $request = new WP_REST_Request( 'POST', $this->endpoint_url );
@@ -477 +477 @@
         $u = static::factory()->user->create();
 
-        $this->bp::set_current_user( 0 );
+        wp_set_current_user( 0 );
         $request = new WP_REST_Request( 'POST', $this->endpoint_url );
         $request->set_param( 'context', 'edit' );
@@ -496 +496 @@
      */
     public function test_create_item_invalid_member_id() {
-        $this->bp::set_current_user( $this->user );
+        wp_set_current_user( $this->user );
 
         $request = new WP_REST_Request( 'POST', $this->endpoint_url );
@@ -518 +518 @@
         $u = static::factory()->user->create();
 
-        $this->bp::set_current_user( $this->user );
+        wp_set_current_user( $this->user );
 
         $request = new WP_REST_Request( 'POST', $this->endpoint_url );
@@ -539 +539 @@
         $u = static::factory()->user->create();
 
-        $this->bp::set_current_user( $this->user );
+        wp_set_current_user( $this->user );
 
         $request = new WP_REST_Request( 'POST', $this->endpoint_url );
@@ -562 +562 @@
         $u2 = static::factory()->user->create();
 
-        $this->bp::set_current_user( $u2 );
+        wp_set_current_user( $u2 );
 
         $request = new WP_REST_Request( 'POST', $this->endpoint_url );
@@ -592 +592 @@
         );
 
-        $this->bp::set_current_user( $this->user );
+        wp_set_current_user( $this->user );
 
         $request = new WP_REST_Request( 'PUT', $this->endpoint_url . '/' . $invite_id );
@@ -619 +619 @@
         );
 
-        $this->bp::set_current_user( $u1 );
+        wp_set_current_user( $u1 );
 
         $request = new WP_REST_Request( 'PUT', $this->endpoint_url . '/' . $invite_id );
@@ -636 +636 @@
      */
     public function test_update_item_invalid_id() {
-        $this->bp::set_current_user( $this->user );
+        wp_set_current_user( $this->user );
 
         $request  = new WP_REST_Request( 'PUT', $this->endpoint_url . '/' . REST_TESTS_IMPOSSIBLY_HIGH_NUMBER );
@@ -658 +658 @@
             )
         );
-        $this->bp::set_current_user( 0 );
+        wp_set_current_user( 0 );
         $request  = new WP_REST_Request( 'PUT', $this->endpoint_url . '/' . $invite_id );
         $response = $this->server->dispatch( $request );
@@ -681 +681 @@
         );
 
-        $this->bp::set_current_user( $u2 );
+        wp_set_current_user( $u2 );
 
         $request  = new WP_REST_Request( 'PUT', $this->endpoint_url . '/' . $invite_id );
@@ -704 +704 @@
 
         // Delete as site admin.
-        $this->bp::set_current_user( $this->user );
+        wp_set_current_user( $this->user );
 
         $request  = new WP_REST_Request( 'DELETE', $this->endpoint_url . '/' . $invite_id );
@@ -731 +731 @@
         );
 
-        $this->bp::set_current_user( $u1 );
+        wp_set_current_user( $u1 );
 
         $request  = new WP_REST_Request( 'DELETE', $this->endpoint_url . '/' . $invite_id );
@@ -752 +752 @@
         $this->bp::add_user_to_group( $u2, $this->g1 );
 
-        $this->bp::set_current_user( $u2 );
+        wp_set_current_user( $u2 );
 
         $invite_id = groups_invite_user(
@@ -782 +782 @@
         $this->bp::add_user_to_group( $u2, $this->g1 );
 
-        $this->bp::set_current_user( $u2 );
+        wp_set_current_user( $u2 );
 
         $invite_id = groups_invite_user(
@@ -793 +793 @@
         );
 
-        $this->bp::set_current_user( $this->g1admin );
+        wp_set_current_user( $this->g1admin );
 
         $request  = new WP_REST_Request( 'DELETE', $this->endpoint_url . '/' . $invite_id );
@@ -818 +818 @@
             )
         );
-        $this->bp::set_current_user( 0 );
+        wp_set_current_user( 0 );
         $request = new WP_REST_Request( 'DELETE', $this->endpoint_url . '/' . $invite_id );
         $request->set_query_params(
@@ -846 +846 @@
             )
         );
-        $this->bp::set_current_user( $u2 );
+        wp_set_current_user( $u2 );
 
         $request = new WP_REST_Request( 'DELETE', $this->endpoint_url . '/' . $invite_id );
@@ -864 +864 @@
      */
     public function test_delete_item_invalid_id() {
-        $this->bp::set_current_user( $this->user );
+        wp_set_current_user( $this->user );
 
         $request  = new WP_REST_Request( 'DELETE', $this->endpoint_url . '/' . REST_TESTS_IMPOSSIBLY_HIGH_NUMBER );