-
Notifications
You must be signed in to change notification settings - Fork 131
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix bug preventing previewing posts authored by other users #597
Conversation
I don't think However one test is failing:
I've been seeing the same errors on my own company's tests that use |
I haven't been able to recreate this behavior with WP 5.4 using the block editor or the classic editor. What version of WP are you using? And is it possible to add a screencapture of the behavior you're seeing? Thanks! |
Using WordPress 5.4, and Edit-Flow at I follow the above steps. I get the "actual behaviour" described above. Here's the screenshot with User B logged in, before and after clicking on the "Preview" button. |
@mallorydxw Ah I was able to recreate it now, thanks for sending along those screen captures! I think based on your findings it seems like it'd be better to just rely on the latest autosave and not pass a user id at all, what do you think? |
@mallorydxw let me know what you think about removing the user id, and feel free to merge whenever you're ready |
I wonder what would happen if user A makes a change and it autosaves, then user B takes over editing and clicks "preview" without making any changes. It feels safer to include the current user's ID.
Thanks! Since you trust me to decide I'll go with what seems safer. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah yea, makes sense. LGTM!
Thanks for approving @cojennin!
GitHub says I don't have the right permissions: "You’re not authorized to merge this pull request." |
@mallorydxw Ah yea, think it's a protected branch. Try now? Just updated the settings. |
@cojennin It's still showing the the same message for me. Do you want to go ahead and merge it? |
Bug description: The author of a post can preview changes to their own published posts, but other users see the content of the published post when previewing. This is due to checking for the autosaves of `$query_args->post_author` instead of the autosaves of `get_current_user_id()`. Steps to reproduce: 1. Log in as user A 2. Create a new post, press "Publish" 3. Log in as user B 4. Visit the edit page for the post that was just created 5. Add to the post's content (without pressing "Update") 6. Click "Preview" Expected behaviour: The content added by user B appears in the preview. Actual behaviour: The content added by user B doesn't appear in the preview of the post.
5b4a3a8
to
233750f
Compare
@mallorydxw Just merged! I'll try and figure out what's going on with the repository permissions |
Bug description:
The author of a post can preview changes to their own published posts,
but other users see the content of the published post when previewing.
This is due to checking for the autosaves of
$query_args->post_author
instead of the autosaves of
get_current_user_id()
.Steps to reproduce:
Expected behaviour:
The content added by user B appears in the preview.
Actual behaviour:
The content added by user B doesn't appear in the preview of the post.