From 535ae26afdc582d5d3a357c2e3ec89e00fa8e643 Mon Sep 17 00:00:00 2001
From: Scott Taylor
Date: Sat, 14 Sep 2013 18:35:43 +0000
Subject: [PATCH] Fix several esoteric errors related to AJAX unit tests for comments:
* `wp_ajax_get_comments()` relies on the `$post_id` global - even though `$_POST['p']` is passed to every action in the test methods. If `$post_id` is still lingering in between tests and doesn't match `p` in the request, the cap check might pass while the queries for comments will blow up. I added `unset( $GLOBALS['post_id'] )` to `Tests_Ajax_GetComments::setUp()`.
* If the global `$post_id` is empty, but `$_REQUEST['p']` is not, `$post_id` is now set to `absint( $_REQUEST['p'] )` and sanity-checked in `wp_ajax_get_comments()`.
* `map_meta_cap()` always assumes that `get_comment()` succeeds when checking for the `edit_comment` cap. It doesn't. I added sanity checks in a few places where it will break early if `get_post()` or `get_comment()` are empty.
* `wp_update_comment()` always assumes `get_comment()` succeeds. It doesn't. I added a check for empty.
All AJAX unit tests run and pass in debug mode. All general unit tests pass against these changes.
Fixes #25282.
git-svn-id: https://develop.svn.wordpress.org/trunk@25438 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-admin/includes/ajax-actions.php | 13 ++++++++++++-
 src/wp-includes/capabilities.php | 4 ++++
 src/wp-includes/comment.php | 2 ++
 tests/phpunit/includes/testcase-ajax.php | 2 +-
 tests/phpunit/tests/ajax/GetComments.php | 2 ++
 5 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/src/wp-admin/includes/ajax-actions.php b/src/wp-admin/includes/ajax-actions.php
index 7fe4741c44..6799c4409c 100644
--- a/src/wp-admin/includes/ajax-actions.php
+++ b/src/wp-admin/includes/ajax-actions.php
@@ -695,9 +695,18 @@ function wp_ajax_get_comments( $action ) { check_ajax_referer( $action ); + if ( empty( $post_id ) && ! empty( $_REQUEST['p'] ) ) { + $id = absint( $_REQUEST['p'] ); + if ( ! empty( $id ) ) + $post_id = $id; + } + + if ( empty( $post_id ) ) + wp_die( -1 ); + $wp_list_table = _get_list_table( 'WP_Post_Comments_List_Table', array( 'screen' => 'edit-comments' ) ); - if ( !current_user_can( 'edit_post', $post_id ) ) + if ( ! current_user_can( 'edit_post', $post_id ) ) wp_die( -1 ); $wp_list_table->prepare_items(); @@ -840,6 +849,8 @@ function wp_ajax_edit_comment() { $wp_list_table = _get_list_table( $checkbox ? 'WP_Comments_List_Table' : 'WP_Post_Comments_List_Table', array( 'screen' => 'edit-comments' ) ); $comment = get_comment( $comment_id ); + if ( empty( $comment->comment_ID ) ) + wp_die( -1 ); ob_start(); $wp_list_table->single_row( $comment ); diff --git a/src/wp-includes/capabilities.php b/src/wp-includes/capabilities.php index e67618022e..b6eff17fa2 100644 --- a/src/wp-includes/capabilities.php +++ b/src/wp-includes/capabilities.php @@ -1066,6 +1066,8 @@ function map_meta_cap( $cap, $user_id ) { case 'edit_post': case 'edit_page': $post = get_post( $args[0] ); + if ( empty( $post ) ) + break; if ( 'revision' == $post->post_type ) { $post = get_post( $post->post_parent ); @@ -1170,6 +1172,8 @@ function map_meta_cap( $cap, $user_id ) { break; case 'edit_comment': $comment = get_comment( $args[0] ); + if ( empty( $comment ) ) + break; $post = get_post( $comment->comment_post_ID ); $caps = map_meta_cap( 'edit_post', $user_id, $post->ID ); break; diff --git a/src/wp-includes/comment.php b/src/wp-includes/comment.php index cc772ea719..9692768d3c 100644 --- a/src/wp-includes/comment.php +++ b/src/wp-includes/comment.php 
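Review bot: The capability check in `wp_ajax_get_comments()` still runs against the global `$post_id`, and the new fallback reads `$_REQUEST['p']` only when that global is empty, so a non-empty global that differs from `p` continues to decide authorization. Whether the list table then queries by the global or by the request value is not visible in this hunk, so the two should be reconciled before `current_user_can( 'edit_post', $post_id )`, for example by rejecting a mismatch: `if ( ! empty( $_REQUEST['p'] ) && absint( $_REQUEST['p'] ) !== (int) $post_id ) wp_die( -1 );`. The function starts and ends outside the hunk.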
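Review bot: The bare `break` added under `case 'edit_post':` / `case 'edit_page':` leaves `map_meta_cap()` returning whatever `$caps` holds at that point; if that is still an empty array (its initialisation is outside the hunk), a caller that requires every returned capability would be satisfied vacuously for a post ID that does not exist. The guard should fail closed by adding `$caps[] = 'do_not_allow';` before the `break`. The same applies to the `empty( $comment )` guard added under `case 'edit_comment':` in the next hunk of this file.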
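Review bot: In `case 'edit_comment':` the result of `get_post( $comment->comment_post_ID )` is still dereferenced as `$post->ID` without a check, so a comment whose parent post no longer exists reaches a property read on a non-object right after the new comment guard. The commit message describes guarding `get_post()` as well as `get_comment()`, but this call is not covered; add `if ( empty( $post ) ) { $caps[] = 'do_not_allow'; break; }` before the recursive `map_meta_cap( 'edit_post', ... )` call.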
@@ -1505,6 +1505,8 @@ function wp_update_comment($commentarr) { // First, get all of the original fields $comment = get_comment($commentarr['comment_ID'], ARRAY_A); + if ( empty( $comment ) ) + return 0; // Escape data pulled from DB. $comment = wp_slash($comment); diff --git a/tests/phpunit/includes/testcase-ajax.php b/tests/phpunit/includes/testcase-ajax.php index acd0c4ae5d..6b14b66bd9 100644 --- a/tests/phpunit/includes/testcase-ajax.php +++ b/tests/phpunit/includes/testcase-ajax.php @@ -131,7 +131,7 @@ abstract class WP_Ajax_UnitTestCase extends WP_UnitTestCase { $this->_last_response .= ob_get_clean(); if ( '' === $this->_last_response ) { - if ( is_scalar( $message) ) { + if ( is_scalar( $message ) ) { throw new WPAjaxDieStopException( (string) $message ); } else { throw new WPAjaxDieStopException( '0' ); diff --git a/tests/phpunit/tests/ajax/GetComments.php b/tests/phpunit/tests/ajax/GetComments.php index b9dec083fc..3e3a3896e3 100644 --- a/tests/phpunit/tests/ajax/GetComments.php +++ b/tests/phpunit/tests/ajax/GetComments.php @@ -38,6 +38,8 @@ class Tests_Ajax_GetComments extends WP_Ajax_UnitTestCase { $post_id = $this->factory->post->create(); $this->_no_comment_post = get_post( $post_id ); + + unset( $GLOBALS['post_id'] ); } /**
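Review bot: The new `return 0;` in `wp_update_comment()` for a comment that does not exist is undocumented, and if the function also returns 0 when an update changes no rows (its final return is outside the hunk) callers cannot tell "nothing to change" from "no such comment". At minimum the docblock should say so, e.g. `@return int 1 if the comment was updated, 0 if not (including when comment_ID matches no existing comment).` Note also that `$commentarr['comment_ID']` is read on the line above without an `isset()` check, so a caller that omits the key reaches `get_comment()` with an undefined index.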
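Review bot: Clearing `$GLOBALS['post_id']` only in `Tests_Ajax_GetComments::setUp()` protects this class from earlier state, but whatever value the AJAX handler assigns during these tests stays in place for test classes that run afterwards. Since the global feeds a capability check, the same `unset( $GLOBALS['post_id'] );` belongs in a `tearDown()` override (before `parent::tearDown()`), so the authorization tests do not depend on execution order. `setUp()` starts outside the hunk, and whether the class already defines `tearDown()` is not visible here.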