Fix private posts check for non-permitted user (#39)

* Test case proves an error.

* Fix

* Additional test case for privileged user to see drafts

Author: athlan

includes/class-wp-request-processor.php

@@ -87,6 +87,9 @@ public function pre_handle_404( $preempt, $wp_query ) {
 		}
 
 		$post = $wp_query->post;
+		if ( null === $post ) {
+			return false;
+		}
 
 		// Analyse only if custom field used in query.
 		if ( ! array_key_exists( self::PARAM_CUSTOMFIELD_PARAMS, $wp_query->query_vars )

test/integration/bootstrap.php

@@ -33,6 +33,7 @@ function _manually_load_plugin() {
 require 'class-basetestcase.php';
 require 'class-permalinksteps.php';
 require 'class-customposttypesteps.php';
+require 'class-authsteps.php';
 require 'class-permalinkasserter.php';
 require 'class-navigationasserter.php';
 

test/integration/class-authsteps.php

@@ -0,0 +1,41 @@
+<?php
+/**
+ * Tests util file.
+ *
+ * @package WordPress_Custom_Fields_Permalink
+ */
+
+/**
+ * Class AuthSteps contains utility methods for authentication.
+ */
+class AuthSteps {
+
+	/**
+	 * AuthSteps constructor.
+	 */
+	public function __construct() {
+	}
+
+	/**
+	 * Logged as given user and password.
+	 *
+	 * @param string $username User name.
+	 * @throws Exception When authentication fails.
+	 */
+	public function given_logged_as( $username ) {
+		$result = get_user_by( 'login', $username );
+
+		if ( ! ( $result instanceof WP_User ) ) {
+			throw new Exception( "Couldn't login user" );
+		}
+
+		wp_set_current_user( $result->ID, $result->user_login );
+	}
+
+	/**
+	 * Logged as admin.
+	 */
+	public function given_logged_as_admin() {
+		$this->given_logged_as( 'admin', 'password' );
+	}
+}

test/integration/class-basetestcase.php

@@ -24,6 +24,13 @@ class BaseTestCase extends WP_UnitTestCase {
 	 */
 	protected $custom_post_type_steps;
 
+	/**
+	 * The AuthSteps.
+	 *
+	 * @var AuthSteps
+	 */
+	protected $auth_steps;
+
 	/**
 	 * The PermalinkAsserter.
 	 *
@@ -46,6 +53,7 @@ public function setUp() {
 
 		$this->permalink_steps        = new PermalinkSteps( $this );
 		$this->custom_post_type_steps = new CustomPostTypeSteps( $this );
+		$this->auth_steps             = new AuthSteps( $this );
 		$this->permalink_asserter     = new PermalinkAsserter( $this );
 		$this->navigation_asserter    = new NavigationAsserter( $this );
 	}

test/integration/suites/MetaKeyPermalinkStructure/PrivatePostWithMetaKey.php

@@ -0,0 +1,88 @@
+<?php
+/**
+ * Tests case.
+ *
+ * @package WordPress_Custom_Fields_Permalink
+ */
+
+namespace CustomFieldsPermalink\Tests\Integration\MetaKeyPermalinkStructure;
+
+use BaseTestCase;
+
+/**
+ * Class PrivatePostWithMetaKey
+ */
+class PrivatePostWithMetaKey extends BaseTestCase {
+
+	/**
+	 * Test case.
+	 */
+	function test_generates_permalink_to_private_post() {
+		// given.
+		$this->permalink_steps->given_permalink_structure( '/%field_some_meta_key%/%postname%/' );
+
+		$post_params     = array(
+			'post_title'  => 'Some post title',
+			'post_status' => 'private',
+			'meta_input'  => array(
+				'some_meta_key'       => 'Some meta value',
+				'some_other_meta_key' => 'Some other meta value',
+			),
+		);
+		$created_post_id = $this->factory()->post->create( $post_params );
+
+		// when & then.
+		$this->permalink_asserter->has_permalink( $created_post_id, '/some-meta-value/some-post-title/' );
+	}
+
+	/**
+	 * Test case.
+	 */
+	function test_not_go_to_private_post_using_meta_key_permalink_structure_as_anonymous_user() {
+		// given.
+		$this->permalink_steps->given_permalink_structure( '/%field_some_meta_key%/%postname%/' );
+
+		$post_params     = array(
+			'post_title'  => 'Some post title',
+			'post_status' => 'private',
+			'meta_input'  => array(
+				'some_meta_key'       => 'Some meta value',
+				'some_other_meta_key' => 'Some other meta value',
+			),
+		);
+		$created_post_id = $this->factory()->post->create( $post_params );
+
+		// when.
+		$this->go_to( '/some-meta-value/some-post-title/' );
+
+		// then.
+		$this->navigation_asserter->then_not_displayed_post( $created_post_id )
+			->and_also()
+			->then_is_404();
+	}
+
+	/**
+	 * Test case.
+	 */
+	function test_go_to_private_post_using_meta_key_permalink_structure_as_admin_user() {
+		// given.
+		$this->auth_steps->given_logged_as_admin();
+		$this->permalink_steps->given_permalink_structure( '/%field_some_meta_key%/%postname%/' );
+
+		$post_params     = array(
+			'post_title'  => 'Some post title',
+			'post_status' => 'private',
+			'meta_input'  => array(
+				'some_meta_key'       => 'Some meta value',
+				'some_other_meta_key' => 'Some other meta value',
+			),
+		);
+		$created_post_id = $this->factory()->post->create( $post_params );
+
+		// when.
+		$this->go_to( '/some-meta-value/some-post-title/' );
+
+		// then.
+		$this->navigation_asserter->then_displayed_post( $created_post_id );
+	}
+}

test/integration/suites/PermalinkWithAttributesStructure/PostWithMetaKey.php

@@ -72,7 +72,8 @@ function test_generates_permalink_to_post_using_meta_key() {
 		$this->permalink_asserter->has_permalink( $created_post_id, '/some-meta-value/some-post-title/' );
 
 		$this->assertThatHookWasCalledWith(
-			'some_meta_key', 'Some meta value',
+			'some_meta_key',
+			'Some meta value',
 			array( 'some_attribute' => true ),
 			$created_post_id
 		);
@@ -103,7 +104,8 @@ function test_go_to_post_using_meta_key_permalink_structure() {
 		$this->navigation_asserter->then_displayed_post( $created_post_id );
 
 		$this->assertThatHookWasCalledWith(
-			'some_meta_key', 'Some meta value',
+			'some_meta_key',
+			'Some meta value',
 			array( 'some_attribute' => true ),
 			$created_post_id
 		);
@@ -134,7 +136,8 @@ function test_go_to_post_using_meta_key_permalink_structure_multiple_attributes(
 		$this->navigation_asserter->then_displayed_post( $created_post_id );
 
 		$this->assertThatHookWasCalledWith(
-			'some_meta_key', 'Some meta value',
+			'some_meta_key',
+			'Some meta value',
 			array(
 				'some_attribute'        => true,
 				'some_second_attribute' => 'some value',