Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
11/03/2024 06:19:06 PM (14 months ago)
Author:
espellcaste
Message:

A user is no longer de-authenticated when making REST API requests.

We are introducing a new BP_LoggedIn_User class to fetch data about a BuddyPress logged-in user. This new addition fixes an issue where a user could be de-authenticated when making REST API requests.

Props dcavins, DJPaul, johnjamesjacoby, and imath.

Closes https://github.com/buddypress/buddypress/pull/395
See #9229 and #9145
Fixes #7658

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/tests/phpunit/testcases/xprofile/test-xprofile-field-controller.php

    r14026 r14070  
    3535     */
    3636    public function test_get_items() {
    37         $this->bp::set_current_user( $this->user );
     37        wp_set_current_user( $this->user );
    3838
    3939        $this->bp::factory()->xprofile_field->create_many( 5, array( 'field_group_id' => $this->group_id ) );
     
    121121     */
    122122    public function test_get_item() {
    123         $this->bp::set_current_user( $this->user );
     123        wp_set_current_user( $this->user );
    124124
    125125        $field = $this->endpoint->get_xprofile_field_object( $this->field_id );
     
    179179     */
    180180    public function test_get_item_with_invalid_id() {
    181         $this->bp::set_current_user( $this->user );
     181        wp_set_current_user( $this->user );
    182182
    183183        $request = new WP_REST_Request( 'GET', sprintf( $this->endpoint_url . '/%d', REST_TESTS_IMPOSSIBLY_HIGH_NUMBER ) );
     
    192192     */
    193193    public function test_create_item() {
    194         $this->bp::set_current_user( $this->user );
     194        wp_set_current_user( $this->user );
    195195
    196196        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    210210     */
    211211    public function test_rest_create_item() {
    212         $this->bp::set_current_user( $this->user );
     212        wp_set_current_user( $this->user );
    213213
    214214        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    228228     */
    229229    public function test_create_item_with_without_required_field() {
    230         $this->bp::set_current_user( $this->user );
     230        wp_set_current_user( $this->user );
    231231
    232232        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    246246     */
    247247    public function test_create_item_with_invalid_type() {
    248         $this->bp::set_current_user( $this->user );
     248        wp_set_current_user( $this->user );
    249249
    250250        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    281281        $u = static::factory()->user->create();
    282282
    283         $this->bp::set_current_user( $u );
     283        wp_set_current_user( $u );
    284284
    285285        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    299299    public function test_update_item() {
    300300        $new_name = 'Updated name';
    301         $this->bp::set_current_user( $this->user );
     301        wp_set_current_user( $this->user );
    302302
    303303        $request = new WP_REST_Request( 'PUT', sprintf( $this->endpoint_url . '/%d', $this->field_id ) );
     
    331331     */
    332332    public function test_update_item_invalid_id() {
    333         $this->bp::set_current_user( $this->user );
     333        wp_set_current_user( $this->user );
    334334
    335335        $request = new WP_REST_Request( 'PUT', sprintf( $this->endpoint_url . '/%d', REST_TESTS_IMPOSSIBLY_HIGH_NUMBER ) );
     
    363363    public function test_update_item_without_permission() {
    364364        $u = static::factory()->user->create();
    365         $this->bp::set_current_user( $u );
     365        wp_set_current_user( $u );
    366366
    367367        $request = new WP_REST_Request( 'PUT', sprintf( $this->endpoint_url . '/%d', $this->field_id ) );
     
    379379     */
    380380    public function test_delete_item() {
    381         $this->bp::set_current_user( $this->user );
     381        wp_set_current_user( $this->user );
    382382
    383383        $field = $this->endpoint->get_xprofile_field_object( $this->field_id );
     
    400400     */
    401401    public function test_delete_item_invalid_id() {
    402         $this->bp::set_current_user( $this->user );
     402        wp_set_current_user( $this->user );
    403403
    404404        $request = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', REST_TESTS_IMPOSSIBLY_HIGH_NUMBER ) );
     
    425425    public function test_delete_item_without_permission() {
    426426        $u = static::factory()->user->create();
    427         $this->bp::set_current_user( $u );
     427        wp_set_current_user( $u );
    428428
    429429        $request = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', $this->field_id ) );
     
    438438     */
    439439    public function test_prepare_item() {
    440         $this->bp::set_current_user( $this->user );
     440        wp_set_current_user( $this->user );
    441441
    442442        $field = $this->endpoint->get_xprofile_field_object( $this->field_id );
     
    476476        );
    477477
    478         $this->bp::set_current_user( $this->user );
     478        wp_set_current_user( $this->user );
    479479        $expected = 'bar_field_value';
    480480
     
    522522        );
    523523
    524         $this->bp::set_current_user( $this->user );
     524        wp_set_current_user( $this->user );
    525525
    526526        $expected = 'foo_field_value';
Note: See TracChangeset for help on using the changeset viewer.