<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[52340] trunk: REST API: Ensure that the export template endpoint returns a valid WP_Error object.</title>
</head>
<body>

<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { white-space: pre-line; overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta" style="font-size: 105%">
<dt style="float: left; width: 6em; font-weight: bold">Revision</dt> <dd><a style="font-weight: bold" href="https://core.trac.wordpress.org/changeset/52340">52340</a><script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","description":"Review this Commit","action":{"@type":"ViewAction","url":"https://core.trac.wordpress.org/changeset/52340","name":"Review Commit"}}</script></dd>
<dt style="float: left; width: 6em; font-weight: bold">Author</dt> <dd>spacedmonkey</dd>
<dt style="float: left; width: 6em; font-weight: bold">Date</dt> <dd>2021-12-07 18:36:29 +0000 (Tue, 07 Dec 2021)</dd>
</dl>

<pre style='padding-left: 1em; margin: 2em 0; border-left: 2px solid #ccc; line-height: 1.25; font-size: 105%; font-family: sans-serif'>REST API: Ensure that the export template endpoint returns a valid WP_Error object.

Ensure that the export template endpoint returns a WP_Error object, including code and message, so that the site editor can display an error message. 
Add some basic unit tests to ensure that permission checks are working as expected. 

Follow-up to <a href="https://core.trac.wordpress.org/changeset/52286">[52286]</a>.

Props Spacedmonkey, dlh, hellofromTonya , Mamaduka, TimothyBlynJacobs.
Fixes <a href="https://core.trac.wordpress.org/ticket/54448">#54448</a>.</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunksrcwpincludesblocktemplateutilsphp">trunk/src/wp-includes/block-template-utils.php</a></li>
<li><a href="#trunksrcwpincludesrestapiendpointsclasswpresteditsiteexportcontrollerphp">trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-edit-site-export-controller.php</a></li>
</ul>

<h3>Added Paths</h3>
<ul>
<li><a href="#trunktestsphpunittestsrestapiwpRestEditSiteExportControllerphp">trunk/tests/phpunit/tests/rest-api/wpRestEditSiteExportController.php</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunksrcwpincludesblocktemplateutilsphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/block-template-utils.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/block-template-utils.php    2021-12-07 17:47:28 UTC (rev 52339)
+++ trunk/src/wp-includes/block-template-utils.php      2021-12-07 18:36:29 UTC (rev 52340)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -913,7 +913,7 @@
</span><span class="cx" style="display: block; padding: 0 10px">  */
</span><span class="cx" style="display: block; padding: 0 10px"> function wp_generate_block_templates_export_file() {
</span><span class="cx" style="display: block; padding: 0 10px">        if ( ! class_exists( 'ZipArchive' ) ) {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-                return new WP_Error( __( 'Zip Export not supported.' ) );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+         return new WP_Error( 'missing_zip_package', __( 'Zip Export not supported.' ) );
</ins><span class="cx" style="display: block; padding: 0 10px">         }
</span><span class="cx" style="display: block; padding: 0 10px"> 
</span><span class="cx" style="display: block; padding: 0 10px">        $obscura  = wp_generate_password( 12, false, false );
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -921,7 +921,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> 
</span><span class="cx" style="display: block; padding: 0 10px">        $zip = new ZipArchive();
</span><span class="cx" style="display: block; padding: 0 10px">        if ( true !== $zip->open( $filename, ZipArchive::CREATE ) ) {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-                return new WP_Error( __( 'Unable to open export file (archive) for writing.' ) );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+         return new WP_Error( 'unable_to_create_zip', __( 'Unable to open export file (archive) for writing.' ) );
</ins><span class="cx" style="display: block; padding: 0 10px">         }
</span><span class="cx" style="display: block; padding: 0 10px"> 
</span><span class="cx" style="display: block; padding: 0 10px">        $zip->addEmptyDir( 'theme' );
</span></span></pre></div>
<a id="trunksrcwpincludesrestapiendpointsclasswpresteditsiteexportcontrollerphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-edit-site-export-controller.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-edit-site-export-controller.php    2021-12-07 17:47:28 UTC (rev 52339)
+++ trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-edit-site-export-controller.php      2021-12-07 18:36:29 UTC (rev 52340)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -54,8 +54,8 @@
</span><span class="cx" style="display: block; padding: 0 10px">         */
</span><span class="cx" style="display: block; padding: 0 10px">        public function permissions_check() {
</span><span class="cx" style="display: block; padding: 0 10px">                if ( ! current_user_can( 'edit_theme_options' ) ) {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-                        new WP_Error(
-                               'rest_cannot_view_url_details',
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+                 return new WP_Error(
+                               'rest_cannot_export_templates',
</ins><span class="cx" style="display: block; padding: 0 10px">                                 __( 'Sorry, you are not allowed to export templates and template parts.' ),
</span><span class="cx" style="display: block; padding: 0 10px">                                array( 'status' => rest_authorization_required_code() )
</span><span class="cx" style="display: block; padding: 0 10px">                        );
</span></span></pre></div>
<a id="trunktestsphpunittestsrestapiwpRestEditSiteExportControllerphp"></a>
<div class="addfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Added: trunk/tests/phpunit/tests/rest-api/wpRestEditSiteExportController.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/tests/phpunit/tests/rest-api/wpRestEditSiteExportController.php                             (rev 0)
+++ trunk/tests/phpunit/tests/rest-api/wpRestEditSiteExportController.php       2021-12-07 18:36:29 UTC (rev 52340)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -0,0 +1,156 @@
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+<?php
+/**
+ * WP_REST_Edit_Site_Export_Controller tests.
+ *
+ * @package WordPress
+ * @subpackage REST_API
+ * @since 5.9.0
+ */
+
+/**
+ * Tests for WP_REST_Edit_Site_Export_Controller.
+ *
+ * @since 5.9.0
+ *
+ * @covers WP_REST_Edit_Site_Export_Controller
+ *
+ * @group restapi
+ */
+class Tests_REST_WpRestEditSiteExportController extends WP_Test_REST_Controller_Testcase {
+
+       /**
+        * The REST API route for the edit site export.
+        *
+        * @since 5.9.0
+        *
+        * @var string
+        */
+       const REQUEST_ROUTE = '/wp-block-editor/v1/export';
+
+       /**
+        * Subscriber user ID.
+        *
+        * @since 5.9.0
+        *
+        * @var int
+        */
+       protected static $subscriber_id;
+
+       /**
+        * Set up class test fixtures.
+        *
+        * @since 5.9.0
+        *
+        * @param WP_UnitTest_Factory $factory WordPress unit test factory.
+        */
+       public static function wpSetUpBeforeClass( WP_UnitTest_Factory $factory ) {
+               self::$subscriber_id = $factory->user->create(
+                       array(
+                               'role' => 'subscriber',
+                       )
+               );
+       }
+
+       /**
+        * Delete test data after our tests run.
+        *
+        * @since 5.9.0
+        */
+       public static function wpTearDownAfterClass() {
+               self::delete_user( self::$subscriber_id );
+       }
+
+       /**
+        * @covers WP_REST_Edit_Site_Export_Controller::register_routes
+        * @ticket 54448
+        */
+       public function test_register_routes() {
+               $routes = rest_get_server()->get_routes();
+               $this->assertArrayHasKey( static::REQUEST_ROUTE, $routes );
+               $this->assertCount( 1, $routes[ static::REQUEST_ROUTE ] );
+       }
+
+       /**
+        * @covers WP_REST_Edit_Site_Export_Controller::permissions_check
+        *
+        * @ticket 54448
+        */
+       public function test_export_for_no_user_permissions() {
+               wp_set_current_user( 0 );
+
+               $request  = new WP_REST_Request( 'GET', static::REQUEST_ROUTE );
+               $response = rest_get_server()->dispatch( $request );
+
+               $this->assertErrorResponse( 'rest_cannot_export_templates', $response, 401 );
+       }
+
+       /**
+        * @covers WP_REST_Edit_Site_Export_Controller::permissions_check
+        *
+        * @ticket 54448
+        */
+       public function test_export_for_user_with_insufficient_permissions() {
+               wp_set_current_user( self::$subscriber_id );
+
+               $request  = new WP_REST_Request( 'GET', static::REQUEST_ROUTE );
+               $response = rest_get_server()->dispatch( $request );
+
+               $this->assertErrorResponse( 'rest_cannot_export_templates', $response, 403 );
+       }
+
+       /**
+        * @ticket 54448
+        */
+       public function test_context_param() {
+               $this->markTestSkipped( 'Controller does not implement context_param().' );
+       }
+
+       /**
+        * @ticket 54448
+        */
+       public function test_get_item() {
+               $this->markTestSkipped( 'Controller does not implement get_item().' );
+       }
+
+       /**
+        * @ticket 54448
+        */
+       public function test_get_items() {
+               $this->markTestSkipped( 'Controller does not implement get_items().' );
+       }
+
+       /**
+        * @ticket 54448
+        */
+       public function test_create_item() {
+               $this->markTestSkipped( 'Controller does not implement create_item().' );
+       }
+
+       /**
+        * @ticket 54448
+        */
+       public function test_update_item() {
+               $this->markTestSkipped( 'Controller does not implement update_item().' );
+       }
+
+       /**
+        * @ticket 54448
+        */
+       public function test_delete_item() {
+               $this->markTestSkipped( 'Controller does not implement delete_item().' );
+       }
+
+       /**
+        * @ticket 54448
+        */
+       public function test_prepare_item() {
+               $this->markTestSkipped( 'Controller does not implement prepare_item().' );
+       }
+
+       /**
+        * @ticket 54448
+        */
+       public function test_get_item_schema() {
+               $this->markTestSkipped( 'Controller does not implement get_item_schema().' );
+       }
+}
</ins><span class="cx" style="display: block; padding: 0 10px">Property changes on: trunk/tests/phpunit/tests/rest-api/wpRestEditSiteExportController.php
</span><span class="cx" style="display: block; padding: 0 10px">___________________________________________________________________
</span></span></pre></div>
<a id="svneolstyle"></a>
<div class="addfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Added: svn:eol-style</h4></div>
<ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+native
</ins><span class="cx" style="display: block; padding: 0 10px">\ No newline at end of property
</span></div>

</body>
</html>