diff --git a/src/api/endpoints/class-tainacan-rest-collections-controller.php b/src/api/endpoints/class-tainacan-rest-collections-controller.php
index 697bfe663..b606b8dcd 100644
--- a/src/api/endpoints/class-tainacan-rest-collections-controller.php
+++ b/src/api/endpoints/class-tainacan-rest-collections-controller.php
@@ -133,7 +133,11 @@ class TAINACAN_REST_Collections_Controller extends WP_REST_Controller {
 * @return bool|WP_Error
 */
 public function get_items_permissions_check($request){
- return true;
+ if(current_user_can('read')){
+ return true;
+ }
+
+ return false;
 }
 /**
@@ -143,7 +147,11 @@ class TAINACAN_REST_Collections_Controller extends WP_REST_Controller {
 * @return bool|WP_Error
 */
 public function get_item_permissions_check($request){
- return true;
+ if(current_user_can('read')){
+ return true;
+ }
+
+ return false;
 }
 /**
@@ -184,7 +192,11 @@ class TAINACAN_REST_Collections_Controller extends WP_REST_Controller {
 * @return bool|WP_Error
 */
 public function create_item_permissions_check( $request ) {
- return true;
+ if(current_user_can('edit_posts')){
+ return true;
+ }
+
+ return false;
 }
 /**
@@ -232,7 +244,11 @@ class TAINACAN_REST_Collections_Controller extends WP_REST_Controller {
 * @return bool|WP_Error
 */
 public function delete_item_permissions_check( $request ) {
- return true;
+ if(current_user_can('delete_posts')){
+ return true;
+ }
+
+ return false;
 }
 /**
@@ -255,7 +271,11 @@ class TAINACAN_REST_Collections_Controller extends WP_REST_Controller {
 * @return bool|WP_Error
 */
 public function update_item_permissions_check( $request ) {
- return true;
+ if(current_user_can('edit_posts')){
+ return true;
+ }
+
+ return false;
 }
 public function get_collection_params() {
diff --git a/src/api/endpoints/class-tainacan-rest-items-controller.php b/src/api/endpoints/class-tainacan-rest-items-controller.php
index 26adb96a5..e45906889 100644
--- a/src/api/endpoints/class-tainacan-rest-items-controller.php
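Review bot: `current_user_can('read')` in get_items_permissions_check (hunk -133) is a site-wide role test, so it cannot tell a public collection from a private or draft one: every logged-in account holding `read` passes, and every anonymous request is refused. If collections are meant to be browsable without login, or if some must stay hidden from low-privilege accounts, the decision needs the requested object and its status; at minimum the intent should be stated beside the check, e.g. `// Requires a logged-in user; per-collection visibility is not evaluated here.` The same check is repeated in get_item_permissions_check (-143), in the items controller (-132) and in the metadata controller (-204). Each of these bodies also reduces to `return current_user_can('read');`.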
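Review bot: The write checks starting at create_item_permissions_check (hunk -184) test the generic primitive capabilities `edit_posts` and `delete_posts` rather than a capability tied to the object being changed, so any role that holds them (Contributor does in a default WordPress install) passes update and delete for every collection, including ones it does not own. Where the route carries an object id, the meta capabilities accept it as a second argument, e.g. `current_user_can( 'edit_post', $id )` and `current_user_can( 'delete_post', $id )`, with `$id` read from the request (the parameter name is not visible in this diff). This applies to -184, -232 and -255 here, to the items controller (-210, -237) and to the metadata controller (-160, -227). Whether the handlers re-check ownership themselves cannot be seen from these hunks.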
+++ b/src/api/endpoints/class-tainacan-rest-items-controller.php
@@ -132,7 +132,11 @@ class TAINACAN_REST_Items_Controller extends WP_REST_Controller {
 * @return bool|WP_Error
 */
 public function get_item_permissions_check( $request ) {
- return true;
+ if(current_user_can('read')){
+ return true;
+ }
+
+ return false;
 }
 /**
@@ -210,7 +214,11 @@ class TAINACAN_REST_Items_Controller extends WP_REST_Controller {
 * @return bool|WP_Error
 */
 public function create_item_permissions_check( $request ) {
- return true;
+ if(current_user_can('edit_posts')){
+ return true;
+ }
+
+ return false;
 }
 /**
@@ -237,7 +245,11 @@ class TAINACAN_REST_Items_Controller extends WP_REST_Controller {
 * @return bool|WP_Error
 */
 public function delete_item_permissions_check( $request ) {
- return true;
+ if(current_user_can('delete_posts')){
+ return true;
+ }
+
+ return false;
 }
 }
diff --git a/src/api/endpoints/class-tainacan-rest-metadata-controller.php b/src/api/endpoints/class-tainacan-rest-metadata-controller.php
index 397f427a9..560d5d263 100644
--- a/src/api/endpoints/class-tainacan-rest-metadata-controller.php
+++ b/src/api/endpoints/class-tainacan-rest-metadata-controller.php
@@ -160,7 +160,11 @@ class TAINACAN_REST_Metadata_Controller extends WP_REST_Controller {
 }
 public function create_item_permissions_check( $request ) {
- return true;
+ if(current_user_can('edit_posts')){
+ return true;
+ }
+
+ return false;
 }
 public function prepare_item_for_response( $item, $request ) {
@@ -204,11 +208,19 @@ class TAINACAN_REST_Metadata_Controller extends WP_REST_Controller {
 }
 public function get_item_permissions_check( $request ) {
- return true;
+ if(current_user_can('read')){
+ return true;
+ }
+
+ return false;
 }
 public function get_items_permissions_check( $request ) {
- return true;
+ if(current_user_can('read')){
+ return true;
+ }
+
+ return false;
 }
 public function get_collection_params() {
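Review bot: The items controller gets checks for get_item, create_item and delete_item only (hunks -132, -210, -237); no hunk touches a get_items_permissions_check or an update_item_permissions_check in this file. If those methods exist and still `return true;`, listing and updating items remain reachable without any capability after this commit, which would undercut the checks added here. That cannot be decided from the diff, so it is worth confirming against the full file and giving all five callbacks of the class the same treatment.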
@@ -227,7 +239,11 @@ class TAINACAN_REST_Metadata_Controller extends WP_REST_Controller {
 }
 public function delete_item_permissions_check( $request ) {
- return parent::delete_item_permissions_check( $request ); // TODO: Change the autogenerated stub
+ if(current_user_can('delete_posts')){
+ return true;
+ }
+
+ return false;
 }
 }
diff --git a/src/classes/repositories/class-tainacan-logs.php b/src/classes/repositories/class-tainacan-logs.php
index 8a20364db..e88f2bf03 100644
--- a/src/classes/repositories/class-tainacan-logs.php
+++ b/src/classes/repositories/class-tainacan-logs.php
@@ -203,6 +203,6 @@ class Logs extends Repository {
 }
 $msn = apply_filters('tainacan-insert-log-message-title', $msn, $type, $new_value);
- Entities\Log::create($msn, '', $new_value, $value);
+ Entities\Log::create($msn, 'empty', $new_value, $value);
 }
 }
\ No newline at end of file
diff --git a/tests/tainacan-unit-api-test-case.php b/tests/tainacan-unit-api-test-case.php
index 9316d0002..231b2b3ba 100644
--- a/tests/tainacan-unit-api-test-case.php
+++ b/tests/tainacan-unit-api-test-case.php
@@ -18,13 +18,26 @@ class TAINACAN_UnitApiTestCase extends TAINACAN_UnitTestCase {
 * Default Tainacan Namespace
 * @var string default '/tainacan/v2'
 */
- protected $namespaced_route = '/tainacan/v2';
+ protected $namespace = '/tainacan/v2';
+
+ protected $user_id;
 public function setUp(){
 parent::setUp();
-
+
+ // Create a Administrator user for test api with cookie authentication
+ $this->user_id = $this->factory->user->create(
+ array(
+ 'role' => 'administrator'
+ )
+ );
+
+ // Set that user as current user
+ wp_set_current_user( $this->user_id );
+
 global $wp_rest_server;
 $this->server = $wp_rest_server = new \WP_REST_Server;
+
 do_action( 'rest_api_init' );
 }
 }
\ No newline at end of file
diff --git a/tests/test-api-collections.php b/tests/test-api-collections.php
index f1e08e6aa..a9d1f8625 100644
--- a/tests/test-api-collections.php
+++ b/tests/test-api-collections.php
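Review bot: The literal `'empty'` now passed as the second argument of `Entities\Log::create()` is stored like any real value, so someone reading the log later cannot tell a placeholder from genuine content. If the change exists to satisfy a non-empty validation rule (an assumption; the signature of `create()` is not part of this diff), that should be said beside the call, e.g. `// placeholder: an empty string is rejected for this field (TODO confirm)`, or the value should come from a named constant. The enclosing method starts outside the hunk.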
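Review bot: setUp() now runs every API test as an administrator, so nothing in the suite reaches the `return false` branch of the permission checks this commit introduces. A test that resets the user with `wp_set_current_user( 0 );` (and another with a low-privilege role) before dispatching a POST or DELETE, and asserts a 401 or 403 status instead of 200/201, would pin the behaviour the commit is about. Separately, the new `$user_id` property has no docblock while its neighbour does; `/** @var int ID of the administrator created in setUp() */` would match.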
@@ -10,11 +10,11 @@ class TAINACAN_REST_Collections_Controller extends TAINACAN_UnitApiTestCase {
 public function test_register_route() {
 $routes = $this->server->get_routes();
- $this->assertArrayHasKey($this->namespaced_route, $routes );
+ $this->assertArrayHasKey($this->namespace, $routes );
 }
 public function test_endpoints() {
- $the_route = $this->namespaced_route;
+ $the_route = $this->namespace;
 $routes = $this->server->get_routes();
 foreach( $routes as $route => $route_config ) {
 if( 0 === strpos( $the_route, $route ) ) {
@@ -30,24 +30,21 @@ class TAINACAN_REST_Collections_Controller extends TAINACAN_UnitApiTestCase {
 }
 public function test_create_and_fetch_collection_by_id(){
-
- $collection_JSON = json_encode([
+ $collection_JSON = json_encode([
 'name' => 'TesteJsonAdd',
 'description' => 'Teste JSON',
 ]);
- $request = new \WP_REST_Request('POST', $this->namespaced_route.'/collections');
- //$request->set_param('name', 'TesteJsonAdd');
- //$request->set_param('description', 'Teste JSON');
+ $request = new \WP_REST_Request('POST', $this->namespace . '/collections');
 $request->set_body($collection_JSON);
-
+
 $response = $this->server->dispatch( $request );
 $this->assertEquals( 201, $response->get_status() );
 $collection = json_decode($response->get_data());
 $id = $collection->id;
- $requestGet = new \WP_REST_Request( 'GET', $this->namespaced_route . '/collections/'.$id );
+ $requestGet = new \WP_REST_Request( 'GET', $this->namespace . '/collections/' . $id );
 $responseGet = $this->server->dispatch( $requestGet );
 $this->assertEquals( 200, $responseGet->get_status() );
@@ -55,7 +52,6 @@ class TAINACAN_REST_Collections_Controller extends TAINACAN_UnitApiTestCase {
 $data = json_decode($responseGet->get_data(), true);
 $this->assertEquals('TesteJsonAdd', $data['name']);
-
 }
 public function test_fetch_collections(){
@@ -69,8 +65,11 @@ class TAINACAN_REST_Collections_Controller extends TAINACAN_UnitApiTestCase {
 ),
 true
 );
- $request = new \WP_REST_Request( 'GET', $this->namespaced_route . '/collections' );
+
+ $request = new \WP_REST_Request( 'GET', $this->namespace . '/collections' );
+
 $response = $this->server->dispatch( $request );
+
 $this->assertEquals( 200, $response->get_status() );
 $data = json_decode($response->get_data());
@@ -91,7 +90,7 @@ class TAINACAN_REST_Collections_Controller extends TAINACAN_UnitApiTestCase {
 $request = new \WP_REST_Request(
 'DELETE',
- $this->namespaced_route . '/collections/' . $collection1->get_id()
+ $this->namespace . '/collections/' . $collection1->get_id()
 );
 $request->set_body($delete_permanently);
@@ -116,7 +115,7 @@ class TAINACAN_REST_Collections_Controller extends TAINACAN_UnitApiTestCase {
 $request = new \WP_REST_Request(
 'DELETE',
- $this->namespaced_route . '/collections/' . $collection2->get_id()
+ $this->namespace . '/collections/' . $collection2->get_id()
 );
 $request->set_body($delete_permanently);
diff --git a/tests/test-api-items.php b/tests/test-api-items.php
index 96021165f..bd5adc47b 100644
--- a/tests/test-api-items.php
+++ b/tests/test-api-items.php
@@ -19,7 +19,7 @@ class TAINACAN_REST_Items_Controller extends TAINACAN_UnitApiTestCase {
 'description' => 'The Progressive JavasScript Framework'
 ]);
- $request = new \WP_REST_Request('POST', $this->namespaced_route . '/items/collection/' . $collection->get_id());
+ $request = new \WP_REST_Request('POST', $this->namespace . '/items/collection/' . $collection->get_id());
 $request->set_body($item_json);
 $response = $this->server->dispatch($request);
@@ -61,7 +61,7 @@ class TAINACAN_REST_Items_Controller extends TAINACAN_UnitApiTestCase {
 true
 );
- $request = new \WP_REST_Request('GET', $this->namespaced_route . '/items/collection/' . $collection->get_id());
+ $request = new \WP_REST_Request('GET', $this->namespace . '/items/collection/' . $collection->get_id());
 $response = $this->server->dispatch($request);
 $this->assertEquals(200, $response->get_status());
@@ -95,7 +95,7 @@ class TAINACAN_REST_Items_Controller extends TAINACAN_UnitApiTestCase {
 $request = new \WP_REST_Request(
 'DELETE',
- $this->namespaced_route . '/items/' . $item1->get_id()
+ $this->namespace . '/items/' . $item1->get_id()
 );
 $request->set_body($delete_permanently);
@@ -128,7 +128,7 @@ class TAINACAN_REST_Items_Controller extends TAINACAN_UnitApiTestCase {
 $request = new \WP_REST_Request(
 'DELETE',
- $this->namespaced_route . '/items/' . $item2->get_id()
+ $this->namespace . '/items/' . $item2->get_id()
 );
 $request->set_body($delete_permanently);
diff --git a/tests/test-api-metadata.php b/tests/test-api-metadata.php
index 6862e169a..937108dd7 100644
--- a/tests/test-api-metadata.php
+++ b/tests/test-api-metadata.php
@@ -31,7 +31,7 @@ class TAINACAN_REST_Metadata_Controller extends TAINACAN_UnitApiTestCase {
 $request = new \WP_REST_Request(
 'POST',
- $this->namespaced_route . '/metadata/collection/' . $collection->get_id()
+ $this->namespace . '/metadata/collection/' . $collection->get_id()
 );
 $request->set_body($metadata);
@@ -52,7 +52,7 @@ class TAINACAN_REST_Metadata_Controller extends TAINACAN_UnitApiTestCase {
 $request = new \WP_REST_Request(
 'POST',
- $this->namespaced_route . '/metadata/item/' . $item->get_id()
+ $this->namespace . '/metadata/item/' . $item->get_id()
 );
 $request->set_body($meta_values);
@@ -75,7 +75,8 @@ class TAINACAN_REST_Metadata_Controller extends TAINACAN_UnitApiTestCase {
 $collection = $this->tainacan_entity_factory->create_entity(
 'collection',
 array(
- 'name' => 'Statement'
+ 'name' => 'Statement',
+ 'description' => 'No Statement'
 ),
 true
 );
@@ -114,7 +115,7 @@ class TAINACAN_REST_Metadata_Controller extends TAINACAN_UnitApiTestCase {
 $request = new \WP_REST_Request(
 'GET',
- $this->namespaced_route . '/metadata/collection/' . $collection->get_id()
+ $this->namespace . '/metadata/collection/' . $collection->get_id()
 );
 $response = $this->server->dispatch($request);
@@ -131,7 +132,7 @@ class TAINACAN_REST_Metadata_Controller extends TAINACAN_UnitApiTestCase {
 $request = new \WP_REST_Request(
 'GET',
- $this->namespaced_route . '/metadata/item/' . $item->get_id()
+ $this->namespace . '/metadata/item/' . $item->get_id()
 );
 $response = $this->server->dispatch($request);
diff --git a/tests/test-item-metadata.php b/tests/test-item-metadata.php
index b8e7f78d9..ca4513f81 100644
--- a/tests/test-item-metadata.php
+++ b/tests/test-item-metadata.php
@@ -23,7 +23,8 @@ class Item_Metadata extends TAINACAN_UnitTestCase {
 $collection = $this->tainacan_entity_factory->create_entity(
 'collection',
 array(
- 'name' => 'teste'
+ 'name' => 'teste',
+ 'description' => 'No description',
 ),
 true
 );
@@ -74,7 +75,8 @@ class Item_Metadata extends TAINACAN_UnitTestCase {
 $collection = $this->tainacan_entity_factory->create_entity(
 'collection',
 array(
- 'name' => 'teste'
+ 'name' => 'teste',
+ 'description' => 'No description',
 ),
 true
 );
@@ -128,7 +130,8 @@ class Item_Metadata extends TAINACAN_UnitTestCase {
 $collection = $this->tainacan_entity_factory->create_entity(
 'collection',
 array(
- 'name' => 'teste'
+ 'name' => 'teste',
+ 'description' => 'No description',
 ),
 true
 );
@@ -185,7 +188,8 @@ class Item_Metadata extends TAINACAN_UnitTestCase {
 $collection = $this->tainacan_entity_factory->create_entity(
 'collection',
 array(
- 'name' => 'teste'
+ 'name' => 'teste',
+ 'description' => 'No description',
 ),
 true
 );