tnc_col_edit_users, get_capablities endpoint #274

leogermani 2019-11-05 17:07:38 -03:00
parent 57d89a8351
commit 7a8dc9c474
3 changed files with 309 additions and 111 deletions


@ -58,23 +58,6 @@ class REST_Roles_Controller extends REST_Controller {
'methods' => \WP_REST_Server::EDITABLE,
'callback' => array($this, 'update_item'),
'permission_callback' => array($this, 'update_item_permissions_check'),
'args' => array(
'name' => array(
'description' => __('New role name', 'tainacan'),
'type' => 'string',
'required' => false
),
'add_cap' => array(
'description' => __('Slug of the capability to be added to the role', 'tainacan'),
'type' => 'string',
'required' => false
),
'remove_cap' => array(
'description' => __('Slug of the capability to be removed from the role', 'tainacan'),
'type' => 'string',
'required' => false
),
)
),
array(
'methods' => \WP_REST_Server::READABLE,
@ -84,12 +67,39 @@ class REST_Roles_Controller extends REST_Controller {
'schema' => [$this, 'get_schema']
));
register_rest_route(
$this->namespace, '/collection/(?P<collection_id>[\d]+)/' . $this->rest_base,
$this->namespace, '/collection/(?P<collection_id>[\d]+)/capabilities',
array(
array(
'methods' => \WP_REST_Server::READABLE,
'callback' => array($this, 'get_collection_roles'),
'permission_callback' => array($this, 'get_collection_roles_permissions_check'),
'callback' => array($this, 'get_capabilities'),
'permission_callback' => array($this, 'get_capabilities_permissions_check'),
)
));
register_rest_route(
$this->namespace, '/capabilities',
array(
array(
'methods' => \WP_REST_Server::READABLE,
'callback' => array($this, 'get_capabilities'),
'permission_callback' => array($this, 'get_capabilities_permissions_check'),
'args' => array(
'filter' => array(
'description' => __('Filter', 'tainacan'),
'type' => 'enum',
'required' => false,
''
),
'add_cap' => array(
'description' => __('Slug of the capability to be added to the role', 'tainacan'),
'type' => 'string',
'required' => false
),
'remove_cap' => array(
'description' => __('Slug of the capability to be removed from the role', 'tainacan'),
'type' => 'string',
'required' => false
),
)
)
));
}
@ -204,17 +214,6 @@ class REST_Roles_Controller extends REST_Controller {
$role_slug = $request['role'];
// avoid confusion ...
if ( in_array($role_slug, $this->core_roles) ) {
return new \WP_REST_Response([
'error_message' => __('This role name is protected.', 'tainacan'),
'error' => $name
], 400);
}
// ... even though it could work
$role_slug = 0 === \strpos($role_slug, 'tainacan-') ? $role_slug : 'tainacan-' . $role_slug;
// check if role exists
// get the role from roles array that contains the display_name
$roles = \wp_roles()->roles;
@ -228,6 +227,7 @@ class REST_Roles_Controller extends REST_Controller {
$role = $roles[$role_slug];
if ( isset($request['name']) ) {
$name = esc_html( esc_sql( $request['name'] ) );
// the slug remains the same
\wp_roles()->roles[$role_slug]['name'] = $name;
@ -247,9 +247,7 @@ class REST_Roles_Controller extends REST_Controller {
\wp_roles()->add_cap($role_slug, $request['add_cap']);
\tainacan_roles()->add_dependencies($role_slug, $request['add_cap']);
}
if ( isset($request['remove_cap']) ) {
} elseif ( isset($request['remove_cap']) ) {
// validate that we only deal with tainacan capabilities
if ( ! in_array( \tainacan_roles()->get_cap_generic_name($request['remove_cap']) , \tainacan_roles()->get_all_caps_slugs() ) ) {
return new \WP_REST_Response([
@ -270,7 +268,32 @@ class REST_Roles_Controller extends REST_Controller {
* @return bool|\WP_Error
*/
public function update_item_permissions_check( $request ) {
return current_user_can('tnc_rep_edit_users');
if ( current_user_can('tnc_rep_edit_users') ) {
return true;
}
if ( !isset($request['name']) ) {
$return = true;
$cap = '';
if ( isset($request['add_cap']) ) {
$return = in_array( \tainacan_roles()->get_cap_generic_name($request['add_cap']), \tainacan_roles()->get_collection_caps_slugs());
$cap = $request['add_cap'];
} elseif ( isset($request['remove_cap']) ) {
$return = in_array( \tainacan_roles()->get_cap_generic_name($request['remove_cap']), \tainacan_roles()->get_collection_caps_slugs());
$cap = $request['remove_cap'];
}
if ($return) {
$collection_id = preg_replace('/[a-z_]/', '', $cap);
if ( is_numeric($collection_id) ) {
return current_user_can('tnc_col_' . $collection_id . '_edit_users');
}
}
}
return false;
}
/**
@ -312,7 +335,7 @@ class REST_Roles_Controller extends REST_Controller {
* @return bool|\WP_Error
*/
public function get_items_permissions_check( $request ) {
return current_user_can('tnc_rep_edit_users');
return current_user_can('read');
}
/**
@ -352,8 +375,14 @@ class REST_Roles_Controller extends REST_Controller {
*
* @return bool|\WP_Error
*/
public function get_collection_roles_permissions_check( $request ) {
return current_user_can('tnc_rep_edit_users');
public function get_capabilities_permissions_check( $request ) {
if ( current_user_can('tnc_rep_edit_users') ) {
return true;
}
if ( isset($request['collection_id']) ) {
return current_user_can( 'tnc_col_' . $request['collection_id'] . '_edit_users' );
}
return false;
}
/**
@ -361,45 +390,75 @@ class REST_Roles_Controller extends REST_Controller {
*
* @return \WP_Error|\WP_REST_Response
*/
public function get_collection_roles( $request ) {
public function get_capabilities( $request ) {
$collection_id = $request['collection_id'];
$collection_id = isset($request['collection_id']) ? $request['collection_id'] : false;
$roles = \wp_roles()->roles;
$caps = \tainacan_roles()->get_all_caps();
$col_caps = [];
foreach ($caps as $cap => $c) {
if ( \strpos($cap, 'tnc_col_') === 0 || \strpos($cap, 'manage_tainacan_collection_') === 0 ) {
$col_caps[$cap] = $c;
$caps_return = [];
if ($collection_id) {
$col_caps = [];
foreach ($caps as $cap => $c) {
if ( \strpos($cap, 'tnc_col_') === 0 || \strpos($cap, 'manage_tainacan_collection_') === 0 ) {
$col_caps[$cap] = $c;
}
}
$caps = $col_caps;
}
foreach ($col_caps as $cap => $c) {
$col_caps[$cap]['roles'] = [];
foreach ($caps as $cap => $c) {
$realcap = $cap;
if ($collection_id) {
$realcap = str_replace('%d', $collection_id, $cap);
}
$caps_return[$realcap] = $caps[$cap];
$caps_return[$realcap]['roles'] = [];
$caps_return[$realcap]['roles_inherited'] = [];
foreach ($roles as $slug => $role) {
// capabilities we are looking for
$caps_aliases = [
str_replace('%d', $collection_id, $cap),
str_replace('%d', 'all', $cap)
];
foreach ($caps_aliases as $alias) {
if ( array_key_exists($alias, $role['capabilities']) ) {
$col_caps[$cap]['roles'][$slug] = [
if ( array_key_exists($realcap, $role['capabilities']) ) {
$caps_return[$realcap]['roles'][$slug] = [
'slug' => $slug,
'name' => translate_user_role($role['name']),
];
}
// inherited roles
$supercaps = [];
if ( ( $cap == 'manage_tainacan_collection_%d' || \strpos($cap, 'tnc_col_') === 0 ) && $collection_id ) {
$supercaps = [
'manage_tainacan_collection_all',
'manage_tainacan_collection_' . $collection_id,
str_replace('%d', 'all', $cap)
];
}
$supercaps[] = 'manage_tainacan';
foreach ($supercaps as $supercap) {
if ( array_key_exists($supercap, $role['capabilities']) ) {
$caps_return[$realcap]['roles_inherited'][$slug] = [
'slug' => $slug,
'name' => translate_user_role($role['name']),
];
break;
}
} // for each alias
} // for each supercaps
} // for each role
} // for each cap
return new \WP_REST_Response(['capabilities' => $col_caps], 200);
return new \WP_REST_Response(['capabilities' => $caps_return], 200);
}
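Review bot: The delegated branch of `update_item_permissions_check` decides from the capability name alone and never looks at `$request['role']`, so a user holding only `tnc_col_<id>_edit_users` can edit any role, core roles included now that the `core_roles` guard appears to be dropped from `update_item`. On that path `update_item` still calls `add_dependencies()`, and the capability table lists `upload_files` as a dependency of several `tnc_col_%d_*_items` capabilities, so a collection-level delegate can presumably cause a site-wide capability to be added to a role such as `subscriber`; `add_dependencies()` is not shown on this page, so please confirm. If that is not the intended delegation boundary, gate the dependency step, e.g. `if ( current_user_can('tnc_rep_edit_users') ) { \tainacan_roles()->add_dependencies($role_slug, $request['add_cap']); }`, and either way state the boundary in the docblock of the permission check. `update_item` starts and ends outside the visible hunks.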


@ -37,74 +37,91 @@ class Roles {
$this->capabilities = [
'manage_tainacan' => [
'display_name' => __('Manage Tainacan', 'tainacan'),
'description' => __('Manage all Tainacan features and all Collections', 'tainacan')
'description' => __('Manage all Tainacan features and all Collections', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_edit_users' => [
'display_name' => __('Manage Users', 'tainacan'),
'description' => __('Manage users roles and permissions', 'tainacan')
'description' => __('Manage users roles and permissions', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_edit_collections' => [
'display_name' => __('Create Collections', 'tainacan'),
'description' => __('Create new collections to the repository and edit its details', 'tainacan'),
'dependencies' => [
'upload_files'
]
],
'scope' => 'repository'
],
'tnc_rep_delete_collections' => [
'display_name' => __('Delete Collections', 'tainacan'),
'description' => __('Delete their own collections from the repository', 'tainacan')
'description' => __('Delete their own collections from the repository', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_edit_taxonomies' => [
'display_name' => __('Create and edit taxonomies', 'tainacan'),
'description' => __('Create new taxonomies and edit its terms', 'tainacan')
'description' => __('Create new taxonomies and edit its terms', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_edit_others_taxonomies' => [
'display_name' => __('Edit all Taxonomies', 'tainacan'),
'description' => __('Edit all taxonomies and terms, including taxonomies created by other users', 'tainacan')
'description' => __('Edit all taxonomies and terms, including taxonomies created by other users', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_delete_taxonomies' => [
'display_name' => __('Delete Taxonomies', 'tainacan'),
'description' => __('Delete taxonomies', 'tainacan')
'description' => __('Delete taxonomies', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_delete_others_taxonomies' => [
'display_name' => __('Delete all Taxonomies', 'tainacan'),
'description' => __('Delete all taxonomies and terms, including taxonomies created by other users', 'tainacan')
'description' => __('Delete all taxonomies and terms, including taxonomies created by other users', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_edit_metadata' => [
'display_name' => __('Manage Repository Metadata', 'tainacan'),
'description' => __('Create/edit metadata in repository level', 'tainacan')
'description' => __('Create/edit metadata in repository level', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_edit_filters' => [
'display_name' => __('Manage Repository Filters', 'tainacan'),
'description' => __('Create/edit filters in repository level', 'tainacan')
'description' => __('Create/edit filters in repository level', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_delete_metadata' => [
'display_name' => __('Delete Repository Metadata', 'tainacan'),
'description' => __('Delete metadata in repository level', 'tainacan')
'description' => __('Delete metadata in repository level', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_delete_filters' => [
'display_name' => __('Delete Repository Filters', 'tainacan'),
'description' => __('Delete filters in repository level', 'tainacan')
'description' => __('Delete filters in repository level', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_read_private_collections' => [
'display_name' => __('View private collections', 'tainacan'),
'description' => __('Access to view and browse private collections', 'tainacan')
'description' => __('Access to view and browse private collections', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_read_private_taxonomies' => [
'display_name' => __('View private taxonomies', 'tainacan'),
'description' => __('Access to private taxonomies information', 'tainacan')
'description' => __('Access to private taxonomies information', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_read_private_metadata' => [
'display_name' => __('View private repository metadata', 'tainacan'),
'description' => __('Access to private metadata in repository level', 'tainacan')
'description' => __('Access to private metadata in repository level', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_read_private_filters' => [
'display_name' => __('View private repository filters', 'tainacan'),
'description' => __('Access to private filters in repository level', 'tainacan')
'description' => __('Access to private filters in repository level', 'tainacan'),
'scope' => 'repository'
],
'tnc_rep_read_logs' => [
'display_name' => __('View Logs', 'tainacan'),
'description' => __('Access to activities logs. Note that activity logs might contain information on private collections, items and metadata.', 'tainacan')
'description' => __('Access to activities logs. Note that activity logs might contain information on private collections, items and metadata.', 'tainacan'),
'scope' => 'repository'
],
/**
@ -114,79 +131,100 @@ class Roles {
*/
'manage_tainacan_collection_%d' => [
'display_name' => __('Manage Collection', 'tainacan'),
'description' => __('Manage all collection settings, items, metadata, filters, etc.', 'tainacan')
'description' => __('Manage all collection settings, items, metadata, filters, etc.', 'tainacan'),
'scope' => 'collection'
],
'tnc_col_%d_edit_users' => [
'display_name' => __('Edit users permissions', 'tainacan'),
'description' => __('Configure which roles and users have permission to perform actions in this collection', 'tainacan'),
'scope' => 'collection'
],
'tnc_col_%d_bulk_edit' => [
'display_name' => __('Bulk edit items', 'tainacan'),
'description' => __('Access to the Bulk edit items feature.', 'tainacan')
'description' => __('Access to the Bulk edit items feature.', 'tainacan'),
'scope' => 'collection'
],
'tnc_col_%d_edit_metadata' => [
'display_name' => __('Manage metadata', 'tainacan'),
'description' => __('Create/edit metadata in this collection', 'tainacan')
'description' => __('Create/edit metadata in this collection', 'tainacan'),
'scope' => 'collection'
],
'tnc_col_%d_edit_filters' => [
'display_name' => __('Manage filters', 'tainacan'),
'description' => __('Create/edit filters in this collection', 'tainacan')
'description' => __('Create/edit filters in this collection', 'tainacan'),
'scope' => 'collection'
],
'tnc_col_%d_delete_metadata' => [
'display_name' => __('Delete metadata', 'tainacan'),
'description' => __('Delete metadata in this collection', 'tainacan')
'description' => __('Delete metadata in this collection', 'tainacan'),
'scope' => 'collection'
],
'tnc_col_%d_delete_filters' => [
'display_name' => __('Delete filters', 'tainacan'),
'description' => __('Delete filters in this collection', 'tainacan')
'description' => __('Delete filters in this collection', 'tainacan'),
'scope' => 'collection'
],
'tnc_col_%d_read_private_metadata' => [
'display_name' => __('View private metadata', 'tainacan'),
'description' => __('Access private metadata in this collection', 'tainacan')
'description' => __('Access private metadata in this collection', 'tainacan'),
'scope' => 'collection'
],
'tnc_col_%d_read_private_filters' => [
'display_name' => __('View private filters', 'tainacan'),
'description' => __('Access private filters in this collection', 'tainacan')
'description' => __('Access private filters in this collection', 'tainacan'),
'scope' => 'collection'
],
'tnc_col_%d_read_private_items' => [
'display_name' => __('View private items', 'tainacan'),
'description' => __('Access to view private items in this collection', 'tainacan')
'description' => __('Access to view private items in this collection', 'tainacan'),
'scope' => 'collection'
],
'tnc_col_%d_edit_items' => [
'display_name' => __('Edit items', 'tainacan'),
'description' => __('Create and edit items in this collection', 'tainacan'),
'dependencies' => [
'upload_files'
]
],
'scope' => 'collection'
],
'tnc_col_%d_publish_items' => [
'display_name' => __('Publish items', 'tainacan'),
'description' => __('Publish items in this collection', 'tainacan'),
'dependencies' => [
'upload_files'
]
],
'scope' => 'collection'
],
'tnc_col_%d_edit_others_items' => [
'display_name' => __('Edit others items', 'tainacan'),
'description' => __('Edit items created by other users in this collection', 'tainacan'),
'dependencies' => [
'upload_files'
]
],
'scope' => 'collection'
],
'tnc_col_%d_edit_published_items' => [
'display_name' => __('Edit published items', 'tainacan'),
'description' => __('Edit items in this collection after they are published', 'tainacan'),
'dependencies' => [
'upload_files'
]
],
'scope' => 'collection'
],
'tnc_col_%d_delete_items' => [
'display_name' => __('Delete items', 'tainacan'),
'description' => __('Delete items in this collection', 'tainacan'),
'scope' => 'collection'
],
'tnc_col_%d_delete_others_items' => [
'display_name' => __('Delete others items', 'tainacan'),
'description' => __('Delete items created by other users in this collection', 'tainacan'),
'scope' => 'collection'
],
'tnc_col_%d_delete_published_items' => [
'display_name' => __('Delete published items', 'tainacan'),
'description' => __('Delete items in this collection after they are published', 'tainacan'),
'scope' => 'collection'
],
@ -284,8 +322,24 @@ class Roles {
return $this->capabilities;
}
public function get_collection_caps() {
return array_filter( $this->get_all_caps(), function($el) { return $el['scope'] == 'collection'; } );
}
public function get_repository_caps() {
return array_filter( $this->get_all_caps(), function($el) { return $el['scope'] == 'repository'; } );
}
public function get_all_caps_slugs() {
return array_keys($this->capabilities);
return array_keys($this->get_all_caps());
}
public function get_collection_caps_slugs() {
return array_keys($this->get_collection_caps());
}
public function get_repository_caps_slugs() {
return array_keys($this->get_repository_caps());
}
public function init_default_roles() {
@ -316,8 +370,8 @@ class Roles {
* @return string Capability slug as in the keys of $this->capabilities
*/
public function get_cap_generic_name($cap) {
$cap = preg_replace('/^(.+_)[0-9]+(_.+)$/', '${1}%d${2}', $cap);
$cap = preg_replace('/^(.+_)all(_.+)$/', '${1}%d${2}', $cap);
$cap = preg_replace('/^(.+_)[0-9]+(_.+)?$/', '${1}%d${2}', $cap);
$cap = preg_replace('/^(.+_)all(_.+)?$/', '${1}%d${2}', $cap);
return $cap;
}
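Review bot: `get_collection_caps()` and `get_repository_caps()` read `$el['scope']` unguarded and compare it with `==`, while `get_collection_caps_slugs()` is now the allow-list behind the delegated branch of `update_item_permissions_check`. Every entry visible in this section carries a `scope`, but whether anything else can reach `get_all_caps()` cannot be checked from this page, and an entry without the key would raise an undefined-index notice inside an authorization path. I would write the filter as `function($el) { return isset($el['scope']) && $el['scope'] === 'collection'; }` (same for `'repository'`) and add a short docblock to the five new methods saying that `scope` decides what a collection-level user may grant.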


@ -8,16 +8,6 @@ namespace Tainacan\Tests;
*/
class TAINACAN_REST_Roles_Controller extends TAINACAN_UnitApiTestCase {
/**
* just while we dont refactor capabilities
*/
public static function setUpBeforeClass() {
parent::setUpBeforeClass();
$role = get_role('administrator');
$role->add_cap('tnc_rep_edit_users');
global $current_user;
$current_user->get_role_caps();
}
public function setUp() {
parent::setUp();
@ -83,7 +73,7 @@ class TAINACAN_REST_Roles_Controller extends TAINACAN_UnitApiTestCase {
//var_dump($create);
$this->assertEquals( 201, $create->get_status() );
$request = new \WP_REST_Request('PATCH', $this->namespace . '/roles/new-role');
$request = new \WP_REST_Request('PATCH', $this->namespace . '/roles/tainacan-new-role');
$request->set_query_params(
[
@ -101,7 +91,7 @@ class TAINACAN_REST_Roles_Controller extends TAINACAN_UnitApiTestCase {
$this->assertTrue($role['capabilities']['tnc_rep_edit_collections']);
$this->assertEquals('Changed name', $role['name']);
$request = new \WP_REST_Request('PATCH', $this->namespace . '/roles/new-role');
$request = new \WP_REST_Request('PATCH', $this->namespace . '/roles/tainacan-new-role');
$request->set_query_params(
[
@ -113,6 +103,18 @@ class TAINACAN_REST_Roles_Controller extends TAINACAN_UnitApiTestCase {
$this->assertEquals( 400, $response->get_status() );
$request = new \WP_REST_Request('PATCH', $this->namespace . '/roles/tainacan-new-role');
$request->set_query_params(
[
'add_cap' => 'manage_tainacan_collection_234'
]
);
$response = $this->server->dispatch($request);
$this->assertEquals( 200, $response->get_status() );
}
public function test_get_role() {
@ -154,7 +156,7 @@ class TAINACAN_REST_Roles_Controller extends TAINACAN_UnitApiTestCase {
//var_dump($create);
$this->assertEquals( 201, $create->get_status() );
$request = new \WP_REST_Request('PATCH', $this->namespace . '/roles/new-role');
$request = new \WP_REST_Request('PATCH', $this->namespace . '/roles/tainacan-new-role');
$request->set_query_params(
[
@ -175,7 +177,7 @@ class TAINACAN_REST_Roles_Controller extends TAINACAN_UnitApiTestCase {
$this->assertTrue($role['capabilities']['upload_files']);
}
public function test_get_collection_roles() {
public function test_get_collection_caps() {
$collection = $this->tainacan_entity_factory->create_entity(
'collection',
@ -200,24 +202,107 @@ class TAINACAN_REST_Roles_Controller extends TAINACAN_UnitApiTestCase {
$contributor->add_cap( 'tnc_col_all_edit_published_items' );
$request = new \WP_REST_Request('GET', $this->namespace . '/collection/' . $collection->get_id() . '/roles');
$request = new \WP_REST_Request('GET', $this->namespace . '/collection/' . $collection->get_id() . '/capabilities');
$response = $this->server->dispatch($request);
//var_dump($create);
$this->assertEquals( 200, $response->get_status() );
$caps = $response->get_data()['capabilities'];
$this->assertArrayHasKey('editor', $caps['manage_tainacan_collection_%d']['roles']);
$this->assertArrayHasKey('editor', $caps['manage_tainacan_collection_' . $collection->get_id()]['roles']);
$this->assertArrayHasKey('author', $caps['tnc_col_%d_edit_items']['roles']);
$this->assertArrayHasKey('author', $caps['tnc_col_%d_edit_metadata']['roles']);
$this->assertArrayHasKey('author', $caps['tnc_col_%d_edit_filters']['roles']);
$this->assertArrayHasKey('author', $caps['tnc_col_' . $collection->get_id() . '_edit_items']['roles']);
$this->assertArrayHasKey('author', $caps['tnc_col_' . $collection->get_id() . '_edit_metadata']['roles']);
$this->assertArrayHasKey('author', $caps['tnc_col_' . $collection->get_id() . '_edit_filters']['roles']);
$this->assertArrayHasKey('contributor', $caps['tnc_col_%d_edit_items']['roles']);
$this->assertArrayHasKey('contributor', $caps['tnc_col_%d_edit_published_items']['roles']);
$this->assertArrayHasKey('contributor', $caps['tnc_col_' . $collection->get_id() . '_edit_items']['roles_inherited']);
$this->assertArrayHasKey('contributor', $caps['tnc_col_' . $collection->get_id() . '_edit_published_items']['roles_inherited']);
$this->assertArrayHasKey('administrator', $caps['tnc_col_' . $collection->get_id() . '_delete_published_items']['roles_inherited']);
}
function test_get_repo_capabilities() {
$role = add_role('test', 'test', ['tnc_rep_edit_metadata'=>true]);
$request = new \WP_REST_Request('GET', $this->namespace . '/capabilities');
$response = $this->server->dispatch($request);
$this->assertEquals( 200, $response->get_status() );
$caps = $response->get_data()['capabilities'];
$this->assertArrayHasKey('editor', $caps['manage_tainacan']['roles']);
$this->assertArrayHasKey('administrator', $caps['manage_tainacan']['roles']);
$this->assertArrayHasKey('test', $caps['tnc_rep_edit_metadata']['roles']);
$this->assertArrayHasKey('editor', $caps['tnc_rep_edit_metadata']['roles_inherited']);
}
function test_edit_collection_users_permission() {
global $current_user;
$subscriber = $this->factory()->user->create(array( 'role' => 'subscriber' ));
wp_set_current_user($subscriber);
$sub_user = get_userdata( $subscriber );
$request = new \WP_REST_Request('PATCH', $this->namespace . '/roles/contributor');
$request->set_query_params(
[
'name' => 'Changed name',
'add_cap' => 'tnc_col_12_edit_items'
]
);
$response = $this->server->dispatch($request);
$this->assertEquals( 403, $response->get_status(), 'should not be permitted');
$sub_user->add_cap('tnc_col_12_edit_users');
$current_user = $sub_user;
$request = new \WP_REST_Request('PATCH', $this->namespace . '/roles/contributor');
$request->set_query_params(
[
'name' => 'Changed name',
'add_cap' => 'tnc_col_12_edit_items'
]
);
$response = $this->server->dispatch($request);
$this->assertEquals( 403, $response->get_status(), 'should still not be permitted because edits name');
$request = new \WP_REST_Request('PATCH', $this->namespace . '/roles/contributor');
$request->set_query_params(
[
'add_cap' => 'tnc_rep_edit_metadata'
]
);
$response = $this->server->dispatch($request);
$this->assertEquals( 403, $response->get_status(), 'should not be permitted');
$request = new \WP_REST_Request('PATCH', $this->namespace . '/roles/contributor');
$request->set_query_params(
[
'add_cap' => 'tnc_col_12_edit_items'
]
);
$response = $this->server->dispatch($request);
$this->assertEquals( 200, $response->get_status(), 'should be permitted');
}
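Review bot: `test_edit_collection_users_permission` never exercises the collection boundary itself: every delegated request uses either collection 12, the one the user was granted, or a repository capability. Add a case where the user holding `tnc_col_12_edit_users` sends a capability of another collection, e.g. `'add_cap' => 'tnc_col_13_edit_items'` (13 is an arbitrary example id), and one with `'add_cap' => 'tnc_col_all_edit_items'`, both expecting 403, plus the same pair with `remove_cap`. The two new read routes also have no negative test; a subscriber without `tnc_rep_edit_users` requesting `/capabilities` should be asserted to get 403.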