Editor freezes when current user role doesn't have 'edit_posts' capability

[mateusmeyer]

Describe the bug
When using a user with a role that has 'edit_posts' capability disabled, Gutenberg freezes. It's a Javascript infinite loop somewhere in Gutenberg, as page freezes completely.

To reproduce
Steps to reproduce the behavior:

1. Make sure test copy have a custom post type for testing the bug. Example:

$labels = array(
    'name'                  => _x( 'Books', 'Post type general name', 'textdomain' ),
    'singular_name'         => _x( 'Book', 'Post type singular name', 'textdomain' ),
    'menu_name'             => _x( 'Books', 'Admin Menu text', 'textdomain' ),
    'name_admin_bar'        => _x( 'Book', 'Add New on Toolbar', 'textdomain' ),
    'add_new'               => __( 'Add New', 'textdomain' ),
    'add_new_item'          => __( 'Add New Book', 'textdomain' ),
    'new_item'              => __( 'New Book', 'textdomain' ),
    'edit_item'             => __( 'Edit Book', 'textdomain' ),
    'view_item'             => __( 'View Book', 'textdomain' ),
    'all_items'             => __( 'All Books', 'textdomain' ),
    'search_items'          => __( 'Search Books', 'textdomain' ),
    'parent_item_colon'     => __( 'Parent Books:', 'textdomain' ),
    'not_found'             => __( 'No books found.', 'textdomain' ),
    'not_found_in_trash'    => __( 'No books found in Trash.', 'textdomain' ),
    'featured_image'        => _x( 'Book Cover Image', 'Overrides the “Featured Image” phrase for this post type. Added in 4.3', 'textdomain' ),
    'set_featured_image'    => _x( 'Set cover image', 'Overrides the “Set featured image” phrase for this post type. Added in 4.3', 'textdomain' ),
    'remove_featured_image' => _x( 'Remove cover image', 'Overrides the “Remove featured image” phrase for this post type. Added in 4.3', 'textdomain' ),
    'use_featured_image'    => _x( 'Use as cover image', 'Overrides the “Use as featured image” phrase for this post type. Added in 4.3', 'textdomain' ),
    'archives'              => _x( 'Book archives', 'The post type archive label used in nav menus. Default “Post Archives”. Added in 4.4', 'textdomain' ),
    'insert_into_item'      => _x( 'Insert into book', 'Overrides the “Insert into post”/”Insert into page” phrase (used when inserting media into a post). Added in 4.4', 'textdomain' ),
    'uploaded_to_this_item' => _x( 'Uploaded to this book', 'Overrides the “Uploaded to this post”/”Uploaded to this page” phrase (used when viewing media attached to a post). Added in 4.4', 'textdomain' ),
    'filter_items_list'     => _x( 'Filter books list', 'Screen reader text for the filter links heading on the post type listing screen. Default “Filter posts list”/”Filter pages list”. Added in 4.4', 'textdomain' ),
    'items_list_navigation' => _x( 'Books list navigation', 'Screen reader text for the pagination heading on the post type listing screen. Default “Posts list navigation”/”Pages list navigation”. Added in 4.4', 'textdomain' ),
    'items_list'            => _x( 'Books list', 'Screen reader text for the items list heading on the post type listing screen. Default “Posts list”/”Pages list”. Added in 4.4', 'textdomain' ),
);

$args = array(
    'labels'             => $labels,
    'public'             => true,
    'publicly_queryable' => true,
    'show_ui'            => true,
    'show_in_menu'       => true,
    'show_in_rest'       => true,
    'query_var'          => true,
    'rewrite'            => array( 'slug' => 'book' ),
    'capability_type'    => 'book',
    'has_archive'        => true,
    'hierarchical'       => false,
    'menu_position'      => 60,
    'supports'           => array( 'title', 'editor', 'author', 'thumbnail', 'excerpt', 'comments' ),
);

2. Create a role without edit_posts capability` and assign a user on it. Example of role:

global $wp_roles;
add_role(
    'buggy2_role',
    'Buggy2 Role',
    array_merge(
        $wp_roles->get_role('administrator')->capabilities,
        [
            'edit_posts' => false,
            'edit_book' => true,
            'read_book' => true,
            'delete_book' => true,
            'edit_books' => true,
            'edit_others_books' => true,
            'publish_books' => true,
            'read_private_books' => true,
            'delete_books' => true,
            'delete_private_books' => true,
            'delete_published_books' => true,
            'delete_others_posts' => true,
            'edit_private_books' => true,
            'edit_published_posts' => true
        ]
    )
);

3. Create or edit a post of any custom post type

Expected behavior
Gutenberg editor should work flawlessly, without freezes.

Screenshots
https://user-images.githubusercontent.com/18129145/102828786-52fe9880-43c4-11eb-826f-ac5c339918b3.mp4 (indeed a JS freeze)

Editor version:

• WordPress version: 5.6
• Does the website has Gutenberg plugin installed, or is it using the block editor that comes by default? default
• If the Gutenberg plugin is installed, which version is it? n/a

Desktop:

• OS: Linux
• Browser: Firefox, Chromium
• Version: 85.0a1, 87

Smartphone:

• Device: not tested
• OS: not tested
• Browser not tested
• Version not tested

[sbossarte]

Discovered this issue while trying to set up a new site, glad someone else noticed this, too.

Perhaps worth noting even without any custom post types, even if you simply try to edit the built-in page type and you do not have the edit_posts capability, it will still freeze in this scenario.

[TheFerrettDeveloper]

We cannot reproduce this specifically on our end, but we run a site with about 150 writers, and several of them have reported issues similar to this. We use custom post types, and none of our authors have edit_posts capabilities. It's difficult to say because we cannot repro even when logged in as them, but if there's any data we can provide (as filtered through technically proficient but not developer-quality users), please let me know and we'll ask them for data when it freezes.

[hanopcan]

I have noticed the same problem as well, and I seem able to reliably replicate the behaviour on a clean WordPress install using customisations in a child theme of TwentyTwenty theme. I've also noticed if I install the classic editor plugin and disable Gutenberg the editing page loads as it should, so it does appear to be Gutenberg causing the problem.

I'm creating a custom post type and a custom role, then assigning the CPT custom capabilities to the new role.

Custom post type registration code

$args = array(
		'labels'             => $labels,
		'public'             => true,
		'publicly_queryable' => true,
		'show_ui'            => true,
		'show_in_menu'       => true,
		'show_in_rest'       => true,
		'query_var'          => true,
		'rewrite'            => array(
			'slug' => 'volunteer-opportunity',
			'with_front' => false,
		),
		'capability_type'    => array( 'opportunity', 'opportunities' ),
		'map_meta_cap'       => true,
		'has_archive'        => true,
		'menu_position'      => null,
		'supports'           => array( 'title', 'editor', 'author', 'thumbnail', 'excerpt' ),
		'taxonomies'         => array( 'opportunity-type', 'opportunity-location' ),
	);

	register_post_type( 'vol-opportunity', $args );

Custom role creation and addition of capabilities

function xx__update_custom_roles() {
	$capabilities  = get_role( 'subscriber' )->capabilities; 
	$capabilities['edit_opportunities'] = true;

	add_role(
		'organisation',
		'Organisation admin',
		$capabilities
	);
}
add_action( 'init', 'xx__update_custom_roles' );

[noisysocks]

I haven't confirmed this but adding to 5.7 board as it sounds potentially impactful.

[skorasaurus]

This was also reported at #28071 and I was able to reproduce the bug using the test case that's provided at that issue but I can only reproduce when using the version of gutenberg that is included with 5.6..;

I cannot reproduce with the gutenberg plugin (9.7.0) activated.

@metalandcoffee and @mateusmeyer : Are you still experiencing this issue when you install and activate the gutenberg plugin at https://wordpress.org/plugins/gutenberg/
That plugin continues the latest version of the block editor and includes newer code not found in WordPress 5.6

[mateusmeyer]

@skorasaurus It's working without freezing after activating Gutenberg plugin.

[metalandcoffee]

Hi @skorasaurus 👋🏾 I have also confirmed that the issue is resolved when activating the Gutenberg plugin. I wonder what specific code update resolved this issue.

[skorasaurus]

I did some troubleshooting; the fix was introduced into Gutenberg sometime between Gutenberg 9.3.0 and 9.4.0. ; if someone else wants to find the specific commit so it could get backported into a 5.6.x release, they can go ahead.

[kraftner]

I can also confirm this.

Since switching to Gutenberg isn't any easy path to take due to multiple other changes that this would introduce I think this urgently needs to go into 5.6.1.

[wpf500]

Hi, I've also seen this and have done a bit of digging based on the hint in #27854 (comment). I'm not familiar with the Gutenberg codebase at all so I just used git bisect to find the commit where it stopped freezing and it looks like it's 259751d (#26447).

As a test I've hacked the EMPTY_ARRAY changes into my WP 5.6.1 wp-includes/js/dist/core-data.min.js and it works!

Hopefully the commit can just be cherry picked but I don't know how all the various versions of Gutenberg fit with WP releases. So in terms of getting this into a release I'm not sure what the next steps are but hopefully someone else does :)

[skorasaurus]

Thanks @wpf500

This will definitely be a part of WordPress 5.7 (to be released on March 9th) which will have everything from Gutenberg through 9.9. I don't know if there will be another WordPress 5.6.* release.

[talldan]

I've labelled #26447 with the 'Backport to Minor Release' label, so that if there is a 5.6.2 it'll be included.

[paaljoachim]

There are plans for a 5.6.2 release.
@audrasjb JB will likely create a P2 post Monday/Tuesday.

[talldan]

Removing this from the 5.7 project board, as the fix (#26447) is already included in 5.7.

[kraftner]

I can confirm that 5.6.2 fixed this 🥳
I think the issue can hence be closed.

[skorasaurus]

Thanks, please reopen if you're still experiencing this in 5.6.2 or a newer version :)