added tests for endpoint authentication

RichCodesign · Dec 13, 2016 · d66b392 · d66b392
1 parent 340e59a
commit d66b392
Show file tree

Hide file tree

Showing 3 changed files with 51 additions and 2 deletions.
diff --git a/readme.txt b/readme.txt
@@ -4,7 +4,7 @@ Tags: rest api, rest, wp rest api
 Donate link: https://petenelson.io/
 Requires at least: 4.4
 Tested up to: 4.7
-Stable tag: 1.2.0
+Stable tag: 1.3.0
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -40,6 +40,9 @@ Have any questions?  We can answer them here?
 
 == Changelog ==
 
+= 1.3.0 December 12th, 2016 =
+* Added option to require authentication for core endpoints.
+
 = 1.2.0 December 5th, 2016 =
 * Updated the way the REST API can be disabled due to the rest_enabled filter being deprecated.
 * Added 'settings' to the list of core endpoints that can be removed.
@@ -57,6 +60,9 @@ Have any questions?  We can answer them here?
 
 == Changelog ==
 
+= 1.3.0 December 12th, 2016 =
+* Added option to require authentication for core endpoints.
+
 = 1.2.0 December 5th, 2016 =
 * Updated the way the REST API can be disabled due to the rest_enabled filter being deprecated.
 * Added 'settings' to the list of core endpoints that can be removed.

diff --git a/rest-api-toolbox.php b/rest-api-toolbox.php
@@ -1,7 +1,7 @@
 <?php
 /**
  * Plugin Name: REST API Toolbox
- * Version: 1.2.0
+ * Version: 1.3.0
  * Description: Allows easy tweaks of several REST API settings
  * Author: Pete Nelson
  * Author URI: https://github.com/petenelson/wp-rest-api-toolbox

diff --git a/tests/test-core.php b/tests/test-core.php
@@ -101,4 +101,47 @@ function test_do_not_remove_core_endpoints() {
 
 	}
 
+	function test_require_authentication_core_endpoints() {
+
+		$namespace   = REST_API_Toolbox_Common::core_namespace();
+
+		foreach( REST_API_Toolbox_Common::core_endpoints() as $endpoint ) {
+
+			$endpoint = '/' . $namespace . '/' . $endpoint;
+			$require_auth_endpoint = 'require-authentication|' . $endpoint;
+
+			REST_API_Toolbox_Settings::change_enabled_setting( 'core', $require_auth_endpoint, true );
+
+			$this->assertEquals( true, REST_API_Toolbox_Settings::setting_is_enabled( 'core', $require_auth_endpoint ) );
+
+			// Create a REST request
+			$request = new WP_REST_Request( 'GET', $endpoint );
+
+			// Verify that the request returns a WP_Error for rest_pre_dispatch
+			$this->assertInstanceOf( 'WP_Error', apply_filters( 'rest_pre_dispatch', array(), rest_get_server(), $request ) );
+		}
+	}
+
+
+	function test_do_not_require_authentication_core_endpoints() {
+
+		$namespace   = REST_API_Toolbox_Common::core_namespace();
+
+		foreach( REST_API_Toolbox_Common::core_endpoints() as $endpoint ) {
+
+			$endpoint = '/' . $namespace . '/' . $endpoint;
+			$require_auth_endpoint = 'require-authentication|' . $endpoint;
+
+			REST_API_Toolbox_Settings::change_enabled_setting( 'core', $require_auth_endpoint, false );
+
+			$this->assertEquals( false, REST_API_Toolbox_Settings::setting_is_enabled( 'core', $require_auth_endpoint ) );
+
+			// Create a REST request
+			$request = new WP_REST_Request( 'GET', $endpoint );
+
+			// Verify that the request returns the same result.
+			$this->assertEquals( array(), apply_filters( 'rest_pre_dispatch', array(), rest_get_server(), $request ) );
+		}
+	}
+
 }