Changeset 53408

Timestamp:

05/17/2022 06:59:24 PM (2 years ago)

Author:

SergeyBiryukov

Message:

Users: Fail gracefully when checking mapped capabilities without providing the required object ID.

This avoids an Undefined array key 0 PHP warning for current_user_can() capability checks that require a specific object to check against but an object ID was not passed.

A _doing_it_wrong() notice is also added, so that developers and site administrators are aware that the capability mapping is failing in the absence of the required object ID.

The list of mapped capabilities that require an object ID:

• delete_post / delete_page
• edit_post / edit_page
• read_post / read_page
• publish_post
• edit_(post|comment|term|user)_meta / delete_*_meta / add_*_meta
• edit_comment
• edit_term / delete_term / assign_term

Follow-up to [34091], [34113], [47178].

Props jeherve, peterwilsoncc, henry.wright, johnbillion, mattheweppelsheimer, hellofromTonya, JeffPaul, azouamauriac, Ninos Ego, TobiasBg, wpsmith, GaryJ, nacin, johnstonphilip, azaozz, SergeyBiryukov.
Fixes #44591.

Location:

trunk

Files:

• src/wp-includes/capabilities.php (modified) (12 diffs)
• tests/phpunit/tests/user.php (modified) (1 diff)
• tests/phpunit/tests/user/capabilities.php (modified) (1 diff)
• tests/phpunit/tests/user/mapMetaCap.php (modified) (2 diffs)

trunk/src/wp-includes/capabilities.php

@@ -74 +74 @@
         case 'delete_post':
         case 'delete_page':
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
             $post = get_post( $args[0] );
             if ( ! $post ) {
@@ -93 +112 @@
             if ( ! $post_type ) {
                 /* translators: 1: Post type, 2: Capability name. */
-                _doing_it_wrong( __FUNCTION__, sprintf( __( 'The post type %1$s is not registered, so it may not be reliable to check the capability "%2$s" against a post of that type.' ), $post->post_type, $cap ), '4.4.0' );
+                $message = __( 'The post type %1$s is not registered, so it may not be reliable to check the capability %2$s against a post of that type.' );
+
+                _doing_it_wrong(
+                    __FUNCTION__,
+                    sprintf(
+                        $message,
+                        '<code>' . $post->post_type . '</code>',
+                        '<code>' . $cap . '</code>'
+                    ),
+                    '4.4.0'
+                );
+
                 $caps[] = 'edit_others_posts';
                 break;
@@ -147 +177 @@
         case 'edit_post':
         case 'edit_page':
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
             $post = get_post( $args[0] );
             if ( ! $post ) {
@@ -164 +213 @@
             if ( ! $post_type ) {
                 /* translators: 1: Post type, 2: Capability name. */
-                _doing_it_wrong( __FUNCTION__, sprintf( __( 'The post type %1$s is not registered, so it may not be reliable to check the capability "%2$s" against a post of that type.' ), $post->post_type, $cap ), '4.4.0' );
+                $message = __( 'The post type %1$s is not registered, so it may not be reliable to check the capability %2$s against a post of that type.' );
+
+                _doing_it_wrong(
+                    __FUNCTION__,
+                    sprintf(
+                        $message,
+                        '<code>' . $post->post_type . '</code>',
+                        '<code>' . $cap . '</code>'
+                    ),
+                    '4.4.0'
+                );
+
                 $caps[] = 'edit_others_posts';
                 break;
@@ -216 +276 @@
         case 'read_post':
         case 'read_page':
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
             $post = get_post( $args[0] );
             if ( ! $post ) {
@@ -233 +312 @@
             if ( ! $post_type ) {
                 /* translators: 1: Post type, 2: Capability name. */
-                _doing_it_wrong( __FUNCTION__, sprintf( __( 'The post type %1$s is not registered, so it may not be reliable to check the capability "%2$s" against a post of that type.' ), $post->post_type, $cap ), '4.4.0' );
+                $message = __( 'The post type %1$s is not registered, so it may not be reliable to check the capability %2$s against a post of that type.' );
+
+                _doing_it_wrong(
+                    __FUNCTION__,
+                    sprintf(
+                        $message,
+                        '<code>' . $post->post_type . '</code>',
+                        '<code>' . $cap . '</code>'
+                    ),
+                    '4.4.0'
+                );
+
                 $caps[] = 'edit_others_posts';
                 break;
@@ -250 +340 @@
             if ( ! $status_obj ) {
                 /* translators: 1: Post status, 2: Capability name. */
-                _doing_it_wrong( __FUNCTION__, sprintf( __( 'The post status %1$s is not registered, so it may not be reliable to check the capability "%2$s" against a post with that status.' ), get_post_status( $post ), $cap ), '5.4.0' );
+                $message = __( 'The post status %1$s is not registered, so it may not be reliable to check the capability %2$s against a post with that status.' );
+
+                _doing_it_wrong(
+                    __FUNCTION__,
+                    sprintf(
+                        $message,
+                        '<code>' . get_post_status( $post ) . '</code>',
+                        '<code>' . $cap . '</code>'
+                    ),
+                    '5.4.0'
+                );
+
                 $caps[] = 'edit_others_posts';
                 break;
@@ -269 +370 @@
             break;
         case 'publish_post':
+
+
+
+
+
+
+
+
+
+
+
+
+
+
             $post = get_post( $args[0] );
             if ( ! $post ) {
@@ -278 +393 @@
             if ( ! $post_type ) {
                 /* translators: 1: Post type, 2: Capability name. */
-                _doing_it_wrong( __FUNCTION__, sprintf( __( 'The post type %1$s is not registered, so it may not be reliable to check the capability "%2$s" against a post of that type.' ), $post->post_type, $cap ), '4.4.0' );
+                $message = __( 'The post type %1$s is not registered, so it may not be reliable to check the capability %2$s against a post of that type.' );
+
+                _doing_it_wrong(
+                    __FUNCTION__,
+                    sprintf(
+                        $message,
+                        '<code>' . $post->post_type . '</code>',
+                        '<code>' . $cap . '</code>'
+                    ),
+                    '4.4.0'
+                );
+
                 $caps[] = 'edit_others_posts';
                 break;
@@ -298 +424 @@
         case 'add_user_meta':
             $object_type = explode( '_', $cap )[1];
-            $object_id   = (int) $args[0];
+
+            if ( ! isset( $args[0] ) ) {
+                if ( 'post' === $object_type ) {
+                    /* translators: %s: Capability name. */
+                    $message = __( 'When checking for the %s capability, you must always check it against a specific post.' );
+                } elseif ( 'comment' === $object_type ) {
+                    /* translators: %s: Capability name. */
+                    $message = __( 'When checking for the %s capability, you must always check it against a specific comment.' );
+                } elseif ( 'term' === $object_type ) {
+                    /* translators: %s: Capability name. */
+                    $message = __( 'When checking for the %s capability, you must always check it against a specific term.' );
+                } else {
+                    /* translators: %s: Capability name. */
+                    $message = __( 'When checking for the %s capability, you must always check it against a specific user.' );
+                }
+
+                _doing_it_wrong(
+                    __FUNCTION__,
+                    sprintf( $message, '<code>' . $cap . '</code>' ),
+                    '6.1.0'
+                );
+
+                $caps[] = 'do_not_allow';
+                break;
+            }
+
+            $object_id = (int) $args[0];
 
             $object_subtype = get_object_subtype( $object_type, $object_id );
@@ -393 +545 @@
             break;
         case 'edit_comment':
+
+
+
+
+
+
+
+
+
+
+
+
+
+
             $comment = get_comment( $args[0] );
             if ( ! $comment ) {
@@ -533 +699 @@
         case 'delete_term':
         case 'assign_term':
+
+
+
+
+
+
+
+
+
+
+
+
+
+
             $term_id = (int) $args[0];
             $term    = get_term( $term_id );

trunk/tests/phpunit/tests/user.php

@@ -1975 +1975 @@
         );
 
-        // _doing_wrong() should be called because the filter callback
+        // _doing_wrong() should be called because the filter callback
         // adds a item with a 'name' that is the same as one generated by core.
         $this->setExpectedIncorrectUsage( 'wp_user_personal_data_exporter' );

trunk/tests/phpunit/tests/user/capabilities.php

@@ -1596 +1596 @@
         $editor = self::$users['editor'];
 
+
         foreach ( $caps as $cap ) {
             // `null` represents a non-existent term ID.

trunk/tests/phpunit/tests/user/mapMetaCap.php

@@ -4 +4 @@
  * @group user
  * @group capabilities
+
  */
 class Tests_User_MapMetaCap extends WP_UnitTestCase {
@@ -411 +412 @@
         $this->assertSame( array( 'manage_options' ), $caps );
     }
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
 }