Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
11/03/2024 06:19:06 PM (9 months ago)
Author:
espellcaste
Message:

A user is no longer de-authenticated when making REST API requests.

We are introducing a new BP_LoggedIn_User class to fetch data about a BuddyPress logged-in user. This new addition fixes an issue where a user could be de-authenticated when making REST API requests.

Props dcavins, DJPaul, johnjamesjacoby, and imath.

Closes https://github.com/buddypress/buddypress/pull/395
See #9229 and #9145
Fixes #7658

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/tests/phpunit/testcases/xprofile/test-xprofile-group-controller.php

    r14026 r14070  
    3333     */
    3434    public function test_get_items() {
    35         $this->bp::set_current_user( $this->user );
     35        wp_set_current_user( $this->user );
    3636
    3737        $this->bp::factory()->xprofile_group->create_many( 5 );
     
    7272     */
    7373    public function test_get_items_include_groups() {
    74         $this->bp::set_current_user( $this->user );
     74        wp_set_current_user( $this->user );
    7575
    7676        $g1 = $this->bp::factory()->xprofile_group->create();
     
    125125     */
    126126    public function test_get_item() {
    127         $this->bp::set_current_user( $this->user );
     127        wp_set_current_user( $this->user );
    128128
    129129        $field_group = $this->endpoint->get_xprofile_field_group_object( $this->group_id );
     
    181181     */
    182182    public function test_get_item_invalid_id() {
    183         $this->bp::set_current_user( $this->user );
     183        wp_set_current_user( $this->user );
    184184
    185185        $request = new WP_REST_Request( 'GET', sprintf( $this->endpoint_url . '/%d', REST_TESTS_IMPOSSIBLY_HIGH_NUMBER ) );
     
    194194     */
    195195    public function test_create_item() {
    196         $this->bp::set_current_user( $this->user );
     196        wp_set_current_user( $this->user );
    197197
    198198        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    211211     */
    212212    public function test_rest_create_item() {
    213         $this->bp::set_current_user( $this->user );
     213        wp_set_current_user( $this->user );
    214214
    215215        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    242242    public function test_create_item_user_without_permission() {
    243243        $u = static::factory()->user->create();
    244         $this->bp::set_current_user( $u );
     244        wp_set_current_user( $u );
    245245
    246246        $request = new WP_REST_Request( 'POST', $this->endpoint_url );
     
    259259    public function test_update_item() {
    260260        $new_name = 'Updated name';
    261         $this->bp::set_current_user( $this->user );
     261        wp_set_current_user( $this->user );
    262262
    263263        $request = new WP_REST_Request( 'PUT', sprintf( $this->endpoint_url . '/%d', $this->group_id ) );
     
    279279     */
    280280    public function test_update_item_invalid_id() {
    281         $this->bp::set_current_user( $this->user );
     281        wp_set_current_user( $this->user );
    282282
    283283        $request  = new WP_REST_Request( 'PUT', sprintf( $this->endpoint_url . '/%d', REST_TESTS_IMPOSSIBLY_HIGH_NUMBER ) );
     
    302302    public function test_update_item_without_permission() {
    303303        $u = static::factory()->user->create();
    304         $this->bp::set_current_user( $u );
     304        wp_set_current_user( $u );
    305305
    306306        $request  = new WP_REST_Request( 'PUT', sprintf( $this->endpoint_url . '/%d', $this->group_id ) );
     
    314314     */
    315315    public function test_delete_item() {
    316         $this->bp::set_current_user( $this->user );
     316        wp_set_current_user( $this->user );
    317317
    318318        $field_group = $this->endpoint->get_xprofile_field_group_object( $this->group_id );
     
    335335     */
    336336    public function test_delete_item_invalid_id() {
    337         $this->bp::set_current_user( $this->user );
     337        wp_set_current_user( $this->user );
    338338
    339339        $request  = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', REST_TESTS_IMPOSSIBLY_HIGH_NUMBER ) );
     
    358358    public function test_delete_item_without_permission() {
    359359        $u = static::factory()->user->create();
    360         $this->bp::set_current_user( $u );
     360        wp_set_current_user( $u );
    361361
    362362        $request  = new WP_REST_Request( 'DELETE', sprintf( $this->endpoint_url . '/%d', $this->group_id ) );
     
    370370     */
    371371    public function test_prepare_item() {
    372         $this->bp::set_current_user( $this->user );
     372        wp_set_current_user( $this->user );
    373373
    374374        $group = $this->endpoint->get_xprofile_field_group_object( $this->group_id );
     
    479479        );
    480480
    481         $this->bp::set_current_user( $this->user );
     481        wp_set_current_user( $this->user );
    482482        $expected = 'bar_group_value';
    483483
     
    525525        );
    526526
    527         $this->bp::set_current_user( $this->user );
     527        wp_set_current_user( $this->user );
    528528        $expected = 'foo_group_value';
    529529
Note: See TracChangeset for help on using the changeset viewer.