[wp-trac] [WordPress Trac] #47443: REST-API prevents users with edit_published_posts capability updating published posts
WordPress Trac
noreply at wordpress.org
Fri Jan 24 21:31:17 UTC 2020
#47443: REST-API prevents users with edit_published_posts capability updating
published posts
----------------------------------------+-----------------------
Reporter: derweili | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 5.4
Component: REST API | Version: 5.2.1
Severity: normal | Resolution:
Keywords: has-patch needs-unit-tests | Focuses: rest-api
----------------------------------------+-----------------------
Comment (by apieschel):
Uploaded a patch with a slight modification to the switch statement in
''wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php''. I
found that it was necessary to distinguish between the "publish" and
"future" cases in order for all previous unit tests to pass. Otherwise,
test_create_post_publish_without_permission() (line 2303 in
''tests/phpunit/tests/rest-api/rest-posts-controller.php'') fails, due to
the "publish_posts" capability being removed from the "author" role, which
would still retain the "edit_publish_posts" capability. Also added a new
unit test.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47443#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list