Merge pull request #1866 from WP-API/fix-comment-edit-context-cap

Fix invalid capability for comments get items permissions callback

lib/endpoints/class-wp-rest-comments-controller.php

@@ -358,7 +358,7 @@ public function get_items_permissions_check( $request ) {
 			}
 		}
 
-		if ( ! empty( $request['context'] ) && 'edit' === $request['context'] && ! current_user_can( 'manage_comments' ) ) {
+		if ( ! empty( $request['context'] ) && 'edit' === $request['context'] && ! current_user_can( 'moderate_comments' ) ) {
 			return new WP_Error( 'rest_forbidden_context', __( 'Sorry, you cannot view comments with edit context.' ), array( 'status' => rest_authorization_required_code() ) );
 		}
 

tests/test-rest-comments-controller.php

@@ -96,6 +96,14 @@ public function test_get_items_no_permission() {
 		$this->assertErrorResponse( 'rest_forbidden_context', $response, 401 );
 	}
 
+	public function test_get_items_edit_context() {
+		wp_set_current_user( $this->admin_id );
+		$request = new WP_REST_Request( 'GET', '/wp/v2/comments' );
+		$request->set_param( 'context', 'edit' );
+		$response = $this->server->dispatch( $request );
+		$this->assertEquals( 200, $response->get_status() );
+	}
+
 	public function test_get_items_for_post() {
 		$second_post_id = $this->factory->post->create();
 		$this->factory->comment->create_post_comments( $second_post_id, 2 );