bugfix(ajax): permission check

aba70097 · Grzegorz Rola · c9ce0174 · aba70097 · aba70097 · aba70097
Commit aba70097 authored 1 year ago by Grzegorz Rola
--- a/.env.testing
+++ b/.env.testing
@@ -12,7 +12,7 @@ TEST_DB_PASSWORD="mysql"
 TEST_TABLE_PREFIX="wp_"
 TEST_SITE_WP_URL="http://${WOOTESTS_IP}"
 TEST_SITE_WP_DOMAIN="${WOOTESTS_IP}"
-TEST_SITE_ADMIN_EMAIL="grola@seostudio.pl"
+TEST_SITE_ADMIN_EMAIL="grola@octolize.dev"
 TEST_SITE_ADMIN_USERNAME="admin"
 TEST_SITE_ADMIN_PASSWORD="admin"
 SELENIUM_HOST="chrome"

--- a/src/WPDesk/Notice/AjaxHandler.php
+++ b/src/WPDesk/Notice/AjaxHandler.php
@@ -79,7 +79,7 @@ class AjaxHandler implements HookablePluginDependant {
            $noticeName = sanitize_text_field( $_POST[ self::POST_FIELD_NOTICE_NAME ] );

            $option_name = PermanentDismissibleNotice::OPTION_NAME_PREFIX . $noticeName;
-            ajax_check_referer( $option_name, self::POST_FIELD_SECURITY );
+            check_ajax_referer( $option_name, self::POST_FIELD_SECURITY );

            if ( ! current_user_can( 'edit_posts' ) ) {
                wp_send_json_error();

--- a/tests/codeception/tests/integration.suite.yml
+++ b/tests/codeception/tests/integration.suite.yml
@@ -32,7 +32,6 @@ modules:
            dbPassword: "%TEST_SITE_DB_PASSWORD%"
            isolatedInstall: false
            loadOnly: false
-            skipPluggables: false
            tablePrefix: "%TEST_SITE_TABLE_PREFIX%"
            plugins: []
            activatePlugins: []
--- a/tests/codeception/tests/integration/AjaxHandlerTest.php
+++ b/tests/codeception/tests/integration/AjaxHandlerTest.php
@@ -91,7 +91,6 @@ class AjaxHandlerTest extends WPTestCase {
 	}

    public function testShoulfNotProcessAjaxNoticeDismissWhenInvalidNonce() {
-        defince( 'DOING_AJAX', true );
        $_POST[ AjaxHandler::POST_FIELD_NOTICE_NAME ] = self::NOTICE_NAME;
        $_POST[ AjaxHandler::POST_FIELD_SECURITY ] = wp_create_nonce();


--- a/tests/codeception/wpdesk.yml
+++ b/tests/codeception/wpdesk.yml
@@ -3,6 +3,7 @@ plugin-file: none
 plugin-title: none
 plugins:
  repository:
+    - woocommerce
  local:
  activate:
 prepare-database: