Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
11/03/2024 06:19:06 PM (13 months ago)
Author:
espellcaste
Message:

A user is no longer de-authenticated when making REST API requests.

We are introducing a new BP_LoggedIn_User class to fetch data about a BuddyPress logged-in user. This new addition fixes an issue where a user could be de-authenticated when making REST API requests.

Props dcavins, DJPaul, johnjamesjacoby, and imath.

Closes https://github.com/buddypress/buddypress/pull/395
See #9229 and #9145
Fixes #7658

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/tests/phpunit/testcases/notifications/test-controller.php

    r14026 r14070  
    3333    public function test_get_items() {
    3434        $notification_id = $this->bp::factory()->notification->create( array( 'user_id' => $this->user ) );
    35         $this->bp::set_current_user( $this->user );
     35        wp_set_current_user( $this->user );
    3636
    3737        $request = new WP_REST_Request( 'GET', $this->endpoint_url );
     
    6060        $this->bp::factory()->notification->create( array( 'user_id' => $u2 ) );
    6161
    62         $this->bp::set_current_user( $this->user );
     62        wp_set_current_user( $this->user );
    6363
    6464        $request = new WP_REST_Request( 'GET', $this->endpoint_url );
     
    8989        $this->bp::factory()->notification->create( array( 'user_id' => $u2 ) );
    9090
    91         $this->bp::set_current_user( $u3 );
     91        wp_set_current_user( $u3 );
    9292
    9393        $request = new WP_REST_Request( 'GET', $this->endpoint_url );
     
    115115    public function test_get_items_user_cannot_see_notifications_from_others() {
    116116        $u = static::factory()->user->create();
    117         $this->bp::set_current_user( $u );
     117        wp_set_current_user( $u );
    118118
    119119        $request = new WP_REST_Request( 'GET', $this->endpoint_url );
     
    128128     */
    129129    public function test_get_item() {
    130         $this->bp::set_current_user( $this->user );
     130        wp_set_current_user( $this->user );
    131131
    132132        $notification = $this->endpoint->get_notification_object( $this->notification_id );
     
    149149     */
    150150    public function test_get_embedded_user_from_notification_item() {
    151         $this->bp::set_current_user( $this->user );
     151        wp_set_current_user( $this->user );
    152152
    153153        $notification_id = $this->bp::factory()->notification->create( array( 'user_id' => $this->user ) );
     
    185185        );
    186186
    187         $this->bp::set_current_user( $this->user );
     187        wp_set_current_user( $this->user );
    188188
    189189        $request = new WP_REST_Request( 'GET', sprintf( $this->endpoint_url . '/%d', $notification_id ) );
     
    219219        );
    220220
    221         $this->bp::set_current_user( $this->user );
     221        wp_set_current_user( $this->user );
    222222
    223223        $request = new WP_REST_Request( 'GET', sprintf( $this->endpoint_url . '/%d', $notification_id ) );
     
    249249        $blog_title = 'The Foo Bar Blog';
    250250
    251         $this->bp::set_current_user( $this->user );
     251        wp_set_current_user( $this->user );
    252252
    253253        $blog_id = self::factory()->blog->create(
     
    303303        $u               = static::factory()->user->create();
    304304
    305         $this->bp::set_current_user( $u );
     305        wp_set_current_user( $u );
    306306
    307307        $request = new WP_REST_Request( 'GET', sprintf( $this->endpoint_url . '/%d', $notification_id ) );
     
    316316     */
    317317    public function test_create_item() {
    318         $this->bp::set_current_user( $this->user );
     318        wp_set_current_user( $this->user );
    319319
    320320        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    333333     */
    334334    public function test_rest_create_item() {
    335         $this->bp::set_current_user( $this->user );
     335        wp_set_current_user( $this->user );
    336336
    337337        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    366366    public function test_create_item_user_cannot_create() {
    367367        $u = static::factory()->user->create();
    368         $this->bp::set_current_user( $u );
     368        wp_set_current_user( $u );
    369369
    370370        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    385385        $notification_id = $this->bp::factory()->notification->create( $this->set_notification_data() );
    386386
    387         $this->bp::set_current_user( $this->user );
     387        wp_set_current_user( $this->user );
    388388
    389389        $request = new WP_REST_Request( 'PUT', sprintf( $this->endpoint_url . '/%d', $notification_id ) );
     
    409409     */
    410410    public function test_update_item_invalid_id() {
    411         $this->bp::set_current_user( $this->user );
     411        wp_set_current_user( $this->user );
    412412
    413413        $request = new WP_REST_Request( 'PUT', sprintf( $this->endpoint_url . '/%d', REST_TESTS_IMPOSSIBLY_HIGH_NUMBER ) );
     
    440440
    441441        $u = static::factory()->user->create();
    442         $this->bp::set_current_user( $u );
     442        wp_set_current_user( $u );
    443443
    444444        $request = new WP_REST_Request( 'PUT', sprintf( $this->endpoint_url . '/%d', $notification_id ) );
     
    455455        $notification_id = $this->bp::factory()->notification->create( $this->set_notification_data() );
    456456
    457         $this->bp::set_current_user( $this->user );
     457        wp_set_current_user( $this->user );
    458458
    459459        $request = new WP_REST_Request( 'PUT', sprintf( $this->endpoint_url . '/%d', $notification_id ) );
     
    476476
    477477        $this->assertEquals( $notification_id, $notification->id );
    478         $this->bp::set_current_user( $this->user );
     478        wp_set_current_user( $this->user );
    479479
    480480        $request = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', $notification_id ) );
     
    495495     */
    496496    public function test_delete_item_invalid_id() {
    497         $this->bp::set_current_user( $this->user );
     497        wp_set_current_user( $this->user );
    498498
    499499        $request = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', REST_TESTS_IMPOSSIBLY_HIGH_NUMBER ) );
     
    522522
    523523        $u = static::factory()->user->create();
    524         $this->bp::set_current_user( $u );
     524        wp_set_current_user( $u );
    525525
    526526        $request = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', $notification_id ) );
     
    535535     */
    536536    public function test_prepare_item() {
    537         $this->bp::set_current_user( $this->user );
     537        wp_set_current_user( $this->user );
    538538
    539539        $notification = $this->endpoint->get_notification_object( $this->notification_id );
     
    672672        );
    673673
    674         $this->bp::set_current_user( $this->user );
     674        wp_set_current_user( $this->user );
    675675        $expected = 'bar_value';
    676676
     
    719719
    720720        $notification_id = $this->bp::factory()->notification->create( $this->set_notification_data() );
    721         $this->bp::set_current_user( $this->user );
     721        wp_set_current_user( $this->user );
    722722        $expected = 'foo_value';
    723723
Note: See TracChangeset for help on using the changeset viewer.