Capabilities: Fall back to the edit_posts
capability for orphaned comments.
Also avoid PHP notices because of orphaned comments in the comments list table. Includes unit test. props pento, dd32. fixes #33154. git-svn-id: https://develop.svn.wordpress.org/trunk@33614 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
ce531d8723
commit
23eaa36145
@ -472,8 +472,6 @@ class WP_Comments_List_Table extends WP_List_Table {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$post = get_post();
|
|
||||||
|
|
||||||
$the_comment_status = wp_get_comment_status( $comment->comment_ID );
|
$the_comment_status = wp_get_comment_status( $comment->comment_ID );
|
||||||
|
|
||||||
$out = '';
|
$out = '';
|
||||||
@ -534,9 +532,9 @@ class WP_Comments_List_Table extends WP_List_Table {
|
|||||||
|
|
||||||
$format = '<a data-comment-id="%d" data-post-id="%d" data-action="%s" class="%s" title="%s" href="#">%s</a>';
|
$format = '<a data-comment-id="%d" data-post-id="%d" data-action="%s" class="%s" title="%s" href="#">%s</a>';
|
||||||
|
|
||||||
$actions['quickedit'] = sprintf( $format, $comment->comment_ID, $post->ID, 'edit', 'vim-q comment-inline',esc_attr__( 'Edit this item inline' ), __( 'Quick Edit' ) );
|
$actions['quickedit'] = sprintf( $format, $comment->comment_ID, $comment->comment_post_ID, 'edit', 'vim-q comment-inline',esc_attr__( 'Edit this item inline' ), __( 'Quick Edit' ) );
|
||||||
|
|
||||||
$actions['reply'] = sprintf( $format, $comment->comment_ID, $post->ID, 'replyto', 'vim-r comment-inline', esc_attr__( 'Reply to this comment' ), __( 'Reply' ) );
|
$actions['reply'] = sprintf( $format, $comment->comment_ID, $comment->comment_post_ID, 'replyto', 'vim-r comment-inline', esc_attr__( 'Reply to this comment' ), __( 'Reply' ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
/** This filter is documented in wp-admin/includes/dashboard.php */
|
/** This filter is documented in wp-admin/includes/dashboard.php */
|
||||||
@ -672,6 +670,10 @@ class WP_Comments_List_Table extends WP_List_Table {
|
|||||||
public function column_response() {
|
public function column_response() {
|
||||||
$post = get_post();
|
$post = get_post();
|
||||||
|
|
||||||
|
if ( ! $post ) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if ( isset( $this->pending_count[$post->ID] ) ) {
|
if ( isset( $this->pending_count[$post->ID] ) ) {
|
||||||
$pending_comments = $this->pending_count[$post->ID];
|
$pending_comments = $this->pending_count[$post->ID];
|
||||||
} else {
|
} else {
|
||||||
|
@ -1305,7 +1305,16 @@ function map_meta_cap( $cap, $user_id ) {
|
|||||||
if ( empty( $comment ) )
|
if ( empty( $comment ) )
|
||||||
break;
|
break;
|
||||||
$post = get_post( $comment->comment_post_ID );
|
$post = get_post( $comment->comment_post_ID );
|
||||||
$caps = map_meta_cap( 'edit_post', $user_id, $post->ID );
|
|
||||||
|
/*
|
||||||
|
* If the post doesn't exist, we have an orphaned comment.
|
||||||
|
* Fall back to the edit_posts capability, instead.
|
||||||
|
*/
|
||||||
|
if ( $post ) {
|
||||||
|
$caps = map_meta_cap( 'edit_post', $user_id, $post->ID );
|
||||||
|
} else {
|
||||||
|
$caps = map_meta_cap( 'edit_posts', $user_id );
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case 'unfiltered_upload':
|
case 'unfiltered_upload':
|
||||||
if ( defined('ALLOW_UNFILTERED_UPLOADS') && ALLOW_UNFILTERED_UPLOADS && ( !is_multisite() || is_super_admin( $user_id ) ) )
|
if ( defined('ALLOW_UNFILTERED_UPLOADS') && ALLOW_UNFILTERED_UPLOADS && ( !is_multisite() || is_super_admin( $user_id ) ) )
|
||||||
|
@ -74,6 +74,52 @@ class Tests_Ajax_EditComment extends WP_Ajax_UnitTestCase {
|
|||||||
$this->assertEmpty( (string) $xml->response[0]->edit_comment[0]->supplemental );
|
$this->assertEmpty( (string) $xml->response[0]->edit_comment[0]->supplemental );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @ticket 33154
|
||||||
|
*/
|
||||||
|
function test_editor_can_edit_orphan_comments() {
|
||||||
|
global $wpdb;
|
||||||
|
|
||||||
|
// Become an editor
|
||||||
|
$this->_setRole( 'editor' );
|
||||||
|
|
||||||
|
// Get a comment
|
||||||
|
$comments = get_comments( array(
|
||||||
|
'post_id' => $this->_comment_post->ID
|
||||||
|
) );
|
||||||
|
$comment = array_pop( $comments );
|
||||||
|
|
||||||
|
// Manually update the comment_post_ID, because wp_update_comment() will prevent it.
|
||||||
|
$wpdb->query( "UPDATE {$wpdb->comments} SET comment_post_ID=0 WHERE comment_ID={$comment->comment_ID}" );
|
||||||
|
clean_comment_cache( $comment->comment_ID );
|
||||||
|
|
||||||
|
// Set up a default request
|
||||||
|
$_POST['_ajax_nonce-replyto-comment'] = wp_create_nonce( 'replyto-comment' );
|
||||||
|
$_POST['comment_ID'] = $comment->comment_ID;
|
||||||
|
$_POST['content'] = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit.';
|
||||||
|
|
||||||
|
// Make the request
|
||||||
|
try {
|
||||||
|
$this->_handleAjax( 'edit-comment' );
|
||||||
|
} catch ( WPAjaxDieContinueException $e ) {
|
||||||
|
unset( $e );
|
||||||
|
}
|
||||||
|
|
||||||
|
// Get the response
|
||||||
|
$xml = simplexml_load_string( $this->_last_response, 'SimpleXMLElement', LIBXML_NOCDATA );
|
||||||
|
|
||||||
|
// Check the meta data
|
||||||
|
$this->assertEquals( -1, (string) $xml->response[0]->edit_comment['position'] );
|
||||||
|
$this->assertEquals( $comment->comment_ID, (string) $xml->response[0]->edit_comment['id'] );
|
||||||
|
$this->assertEquals( 'edit-comment_' . $comment->comment_ID, (string) $xml->response['action'] );
|
||||||
|
|
||||||
|
// Check the payload
|
||||||
|
$this->assertNotEmpty( (string) $xml->response[0]->edit_comment[0]->response_data );
|
||||||
|
|
||||||
|
// And supplemental is empty
|
||||||
|
$this->assertEmpty( (string) $xml->response[0]->edit_comment[0]->supplemental );
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get comments as a non-privileged user (subscriber)
|
* Get comments as a non-privileged user (subscriber)
|
||||||
* Expects test to fail
|
* Expects test to fail
|
||||||
|
Loading…
Reference in New Issue
Block a user