Skip to content

Add unit tests for wp_refresh_post_nonces() in wp-admin/includes/misc… #11757

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
pbearne wants to merge 2 commits into
base: trunk
Choose a base branch
from
+145 −0
Open

Add unit tests for wp_refresh_post_nonces() in wp-admin/includes/misc… #11757

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
94756dc
Add unit tests for wp_refresh_post_nonces() in wp-admin/includes/misc…
May 7, 2026
af52771
Merge branch 'trunk' into 65197-misc-wp_refresh_post_nonces
pbearne May 7, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
145 changes: 145 additions & 0 deletions tests/phpunit/tests/admin/includes/misc/wpRefreshPostNonces.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,145 @@
<?php
/**
* Test wp_refresh_post_nonces().
*
* @group admin
* @group misc
*
* @covers ::wp_refresh_post_nonces
*/
class Tests_Admin_Includes_Misc_WpRefreshPostNonces extends WP_UnitTestCase {

/**
* Post ID.
*
* @var int
*/
protected static $post_id;

/**
* User ID.
*
* @var int
*/
protected static $user_id;

/**
* Set up before class.
*/
public static function wpSetUpBeforeClass( WP_UnitTest_Factory $factory ) {
self::$user_id = $factory->user->create( array( 'role' => 'editor' ) );
self::$post_id = $factory->post->create( array( 'post_author' => self::$user_id ) );
}

/**
* Tests wp_refresh_post_nonces() with missing data.
*
* @ticket 65197
*/
public function test_wp_refresh_post_nonces_missing_data() {
$response = array( 'existing' => 'data' );
$data = array();

$result = wp_refresh_post_nonces( $response, $data, 'edit-post' );

$this->assertSame( $response, $result, 'Response should remain unchanged if wp-refresh-post-nonces is missing.' );
}

/**
* Tests wp_refresh_post_nonces() with invalid post ID.
*
* @ticket 65197
*
* @dataProvider data_wp_refresh_post_nonces_invalid_post_id
*
* @param mixed $post_id Invalid post ID.
* @return void
*/
public function test_wp_refresh_post_nonces_invalid_post_id( $post_id ) {
$response = array();
$data = array(
'wp-refresh-post-nonces' => array(
'post_id' => $post_id,
),
);

$result = wp_refresh_post_nonces( $response, $data, 'edit-post' );

$this->assertArrayHasKey( 'wp-refresh-post-nonces', $result );
$this->assertSame( array( 'check' => 1 ), $result['wp-refresh-post-nonces'], 'Should return check key for invalid post ID.' );
}

/**
* Data provider for test_wp_refresh_post_nonces_invalid_post_id.
*
* @return array<string, array{
* post_id: mixed,
* }>
*/
public function data_wp_refresh_post_nonces_invalid_post_id(): array {
return array(
'zero' => array( 'post_id' => 0 ),
'string zero' => array( 'post_id' => '0' ),
'non-numeric' => array( 'post_id' => 'abc' ),
'negative' => array( 'post_id' => -1 ),
'missing post_id' => array( 'post_id' => null ),
);
}

/**
* Tests wp_refresh_post_nonces() when the user cannot edit the post.
*
* @ticket 65197
*/
public function test_wp_refresh_post_nonces_user_cannot_edit() {
$other_user_id = self::factory()->user->create( array( 'role' => 'subscriber' ) );
wp_set_current_user( $other_user_id );

$response = array();
$data = array(
'wp-refresh-post-nonces' => array(
'post_id' => self::$post_id,
),
);

$result = wp_refresh_post_nonces( $response, $data, 'edit-post' );

$this->assertArrayHasKey( 'wp-refresh-post-nonces', $result );
$this->assertSame( array( 'check' => 1 ), $result['wp-refresh-post-nonces'], 'Should return check key if user cannot edit post.' );
}

/**
* Tests wp_refresh_post_nonces() with successful refresh.
*
* @ticket 65197
*/
public function test_wp_refresh_post_nonces_success() {
wp_set_current_user( self::$user_id );

$response = array();
$data = array(
'wp-refresh-post-nonces' => array(
'post_id' => self::$post_id,
),
);

$result = wp_refresh_post_nonces( $response, $data, 'edit-post' );

$this->assertArrayHasKey( 'wp-refresh-post-nonces', $result );
$this->assertArrayHasKey( 'replace', $result['wp-refresh-post-nonces'] );

$replace = $result['wp-refresh-post-nonces']['replace'];

$this->assertArrayHasKey( 'getpermalinknonce', $replace );
$this->assertArrayHasKey( 'samplepermalinknonce', $replace );
$this->assertArrayHasKey( 'closedpostboxesnonce', $replace );
$this->assertArrayHasKey( '_ajax_linking_nonce', $replace );
$this->assertArrayHasKey( '_wpnonce', $replace );

$this->assertSame( 1, wp_verify_nonce( $replace['getpermalinknonce'], 'getpermalink' ), 'getpermalink nonce should be valid.' );
$this->assertSame( 1, wp_verify_nonce( $replace['samplepermalinknonce'], 'samplepermalink' ), 'samplepermalink nonce should be valid.' );
$this->assertSame( 1, wp_verify_nonce( $replace['closedpostboxesnonce'], 'closedpostboxes' ), 'closedpostboxes nonce should be valid.' );
$this->assertSame( 1, wp_verify_nonce( $replace['_ajax_linking_nonce'], 'internal-linking' ), 'internal-linking nonce should be valid.' );
$this->assertSame( 1, wp_verify_nonce( $replace['_wpnonce'], 'update-post_' . self::$post_id ), 'update-post nonce should be valid.' );
}
}
Loading