Block: Use getUsers with capability query (#12615)

* Use getUsers ovre getAuthors. * Fix lints. * Load only on capability check. * Remove filter_user_query method. * Fix lints. Co-authored-by: Pascal Birchler <pascalb@google.com>
GoogleForCreators · Nov 10, 2022 · c3b5eec · c3b5eec
1 parent e6beed7
commit c3b5eec
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 154 deletions.
diff --git a/includes/REST_API/Stories_Users_Controller.php b/includes/REST_API/Stories_Users_Controller.php
@@ -32,7 +32,6 @@
 use Google\Web_Stories\Story_Post_Type;
 use WP_Error;
 use WP_REST_Request;
-use WP_REST_Response;
 use WP_REST_Users_Controller;
 
 /**
@@ -92,50 +91,6 @@ public static function get_registration_action(): string {
 	public static function get_registration_action_priority(): int {
 		return 100;
 	}
-	/**
-	 * Retrieves a collection of user
-	 *
-	 * @since 1.16.0
-	 *
-	 * @param WP_REST_Request $request Full details about the request.
-	 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
-	 */
-	public function get_items( $request ) {
-		add_filter( 'rest_user_query', [ $this, 'filter_user_query' ], 10 );
-		$response = parent::get_items( $request );
-		remove_filter( 'rest_user_query', [ $this, 'filter_user_query' ], 10 );
-
-		return $response;
-	}
-
-	/**
-	 * Filter the WP_User_Query args.
-	 *
-	 * Removes the 'who' param in favor of the 'capabilities' param.
-	 *
-	 * @since 1.16.0
-	 *
-	 * @param array{who?: string, capabilities?: string[]} $prepared_args Array of arguments for WP_User_Query.
-	 * @return array<string,mixed> Filtered args.
-	 */
-	public function filter_user_query( $prepared_args ): array {
-		$registered = $this->get_collection_params();
-
-		// Capability queries were added in 5.9, and the 'who' param was deprecated.
-		if ( isset( $prepared_args['who'], $registered['capabilities'] ) && 'authors' === $prepared_args['who'] ) {
-			$capabilities   = $prepared_args['capabilities'] ?? [];
-			$capabilities[] = $this->story_post_type->get_cap_name( 'edit_posts' );
-
-			$prepared_args['capabilities'] = $capabilities;
-
-			unset( $prepared_args['who'] );
-		}
-
-		// Fix core issue, where user meta is not primed in WP_User_Query. See https://core.trac.wordpress.org/ticket/55594.
-		$prepared_args['fields'] = 'all_with_meta';
-
-		return $prepared_args;
-	}
 
 	/**
 	 * Checks if a given request has access to read a user.
@@ -174,7 +129,7 @@ public function get_item_permissions_check( $request ) {
 			);
 		}
 
-		if ( ! $this->user_posts_count_public( $user->ID, Story_Post_Type::POST_TYPE_SLUG ) && ! current_user_can( 'edit_user', $user->ID ) && ! current_user_can( 'list_users' ) ) {
+		if ( ! $this->user_posts_count_public( $user->ID, $this->story_post_type->get_slug() ) && ! current_user_can( 'edit_user', $user->ID ) && ! current_user_can( 'list_users' ) ) {
 			return new \WP_Error(
 				'rest_user_cannot_view',
 				__( 'Sorry, you are not allowed to list users.', 'web-stories' ),

diff --git a/packages/stories-block/src/block/components/storyPicker/selectStories.js b/packages/stories-block/src/block/components/storyPicker/selectStories.js
@@ -136,15 +136,17 @@ function SelectStories({
 
   const { authors } = useSelect(
     (select) => {
+      const { getUsers, getPostType } = select(coreStore);
+
+      const capabilities = getPostType('web-story')?.capabilities['edit_posts'];
+
       const query = {
         search: authorKeyword,
+        capabilities,
       };
-
-      const { getAuthors } = select(coreStore);
-
       return {
-        // Not using `getUsers()` because it requires `list_users` capability.
-        authors: getAuthors(query),
+        // Only load users when capability has been fetched already.
+        authors: capabilities ? getUsers(query) : [],
       };
     },
     [authorKeyword]
@@ -206,7 +208,7 @@ function SelectStories({
   );
 
   const authorSearchOptions = useMemo(() => {
-    return authors
+    return (authors ?? [])
       .filter(({ name }) => Boolean(name?.trim().length))
       .map(({ id, name }) => ({
         label: name,

diff --git a/tests/phpunit/integration/tests/REST_API/Stories_Users_Controller.php b/tests/phpunit/integration/tests/REST_API/Stories_Users_Controller.php
@@ -71,108 +71,6 @@ public function test_register(): void {
 		$this->assertCount( 2, $routes['/web-stories/v1/users'] );
 	}
 
-	/**
-	 * @covers ::filter_user_query
-	 */
-	public function test_filter_user_query_pre_wp_59(): void {
-		if ( is_wp_version_compatible( '5.9.0' ) ) {
-			$this->markTestSkipped( 'This test requires WordPress < 5.9.' );
-		}
-
-		$actual = $this->controller->filter_user_query( [ 'who' => 'authors' ] );
-		$this->assertEqualSets(
-			[
-				'who'    => 'authors',
-				'fields' => 'all_with_meta',
-			],
-			$actual
-		);
-	}
-
-	/**
-	 * @covers ::filter_user_query
-	 */
-	public function test_filter_user_query_wp_59(): void {
-		if ( ! is_wp_version_compatible( '5.9.0' ) ) {
-			$this->markTestSkipped( 'This test requires WordPress 5.9.' );
-		}
-
-		$actual = $this->controller->filter_user_query( [ 'who' => 'authors' ] );
-		$this->assertEqualSets(
-			[
-				'capabilities' => [ 'edit_web-stories' ],
-				'fields'       => 'all_with_meta',
-			],
-			$actual
-		);
-	}
-
-	/**
-	 * @covers ::filter_user_query
-	 */
-	public function test_filter_user_query_capabilities_query_supported(): void {
-		add_filter( 'rest_user_collection_params', [ $this, 'filter_rest_user_collection_params' ] );
-
-		$actual = $this->controller->filter_user_query( [ 'who' => 'authors' ] );
-
-		remove_filter( 'rest_user_collection_params', [ $this, 'filter_rest_user_collection_params' ] );
-
-		$this->assertEqualSets(
-			[
-				'capabilities' => [ 'edit_web-stories' ],
-				'fields'       => 'all_with_meta',
-			],
-			$actual
-		);
-	}
-
-	public function filter_rest_user_collection_params( array $query_params ): array {
-		$query_params['capabilities'] = [
-			'type'  => 'array',
-			'items' => [
-				'type' => 'string',
-			],
-		];
-
-		return $query_params;
-	}
-
-	/**
-	 * @covers ::filter_user_query
-	 */
-	public function test_filter_user_query_wp_59_existing_query(): void {
-		if ( version_compare( get_bloginfo( 'version' ), '5.9.0', '<' ) ) {
-			$this->markTestSkipped( 'This test requires WordPress 5.9.' );
-		}
-
-		$actual = $this->controller->filter_user_query(
-			[
-				'who'          => 'authors',
-				'capabilities' => [ 'edit_posts' ],
-			]
-		);
-		$this->assertEqualSets(
-			[
-				'capabilities' => [ 'edit_posts', 'edit_web-stories' ],
-				'fields'       => 'all_with_meta',
-			],
-			$actual
-		);
-	}
-
-	/**
-	 * @covers ::filter_user_query
-	 */
-	public function test_filter_user_query_no_change(): void {
-		$args    = [
-			'orderby' => 'registered',
-			'order'   => 'ASC',
-			'fields'  => 'all_with_meta',
-		];
-		$results = $this->controller->filter_user_query( $args );
-		$this->assertEqualSets( $args, $results );
-	}
-
 	/**
 	 * @covers ::user_posts_count_public
 	 * @covers \Google\Web_Stories\Story_Post_Type::clear_user_posts_count