Merge branch '2.x' into 2.x-cs-imports

timber · Jan 12, 2023 · 8d2534c · 8d2534c
2 parents 0dc88ec + ee4395f
commit 8d2534c
Show file tree

Hide file tree

Showing 13 changed files with 364 additions and 15 deletions.
diff --git a/docs/v2/upgrade-guides/2.0.md b/docs/v2/upgrade-guides/2.0.md
@@ -1061,11 +1061,13 @@ The whole `Timber\Integration\Command` class was removed. Its methods were moved
 
 - `raw_meta()` – Gets a user meta value directly from the database.
 - `wp_object()` - Gets the underlying WordPress Core object.
+- `edit_link()` – Gets the edit link for a user if the current user has the correct rights.
 
 **Timber\Comment**
 
 - `raw_meta()` – Gets a comment meta value directly from the database.
 - `wp_object()` - Gets the underlying WordPress Core object.
+- `edit_link()` - Gets the edit link for a comment if the current user has the correct rights.
 
 **Timber\Menu**
 

diff --git a/src/Comment.php b/src/Comment.php
@@ -484,6 +484,46 @@ public function reply_link($reply_text = 'Reply')
         return get_comment_reply_link($args, $this->ID, $this->post_id);
     }
 
+    /**
+     * Checks whether the current user can edit the comment.
+     *
+     * @api
+     * @example
+     * ```twig
+     * {% if comment.can_edit %}
+     *     <a href="{{ comment.edit_link }}">Edit</a>
+     * {% endif %}
+     * ```
+     * @return bool
+     */
+    public function can_edit(): bool
+    {
+        return current_user_can('edit_comment', $this->ID);
+    }
+
+    /**
+     * Gets the edit link for a comment if the current user has the correct rights.
+     *
+     * @api
+     * @since 2.0.0
+     * @example
+     * ```twig
+     * {% if comment.can_edit %}
+     *     <a href="{{ comment.edit_link }}">Edit</a>
+     * {% endif %}
+     * ```
+     * @return string|null The edit URL of a comment in the WordPress admin or null if the current user can’t edit the
+     *                     comment.
+     */
+    public function edit_link(): ?string
+    {
+        if (!$this->can_edit()) {
+            return null;
+        }
+
+        return get_edit_comment_link($this->ID);
+    }
+
     /* AVATAR Stuff
     ======================= */
 

diff --git a/src/CoreEntityInterface.php b/src/CoreEntityInterface.php
@@ -15,4 +15,11 @@ interface CoreEntityInterface
      * @return object|null
      */
     public function wp_object();
+
+    /**
+     * Checks whether the current user can edit the object.
+     *
+     * @return bool
+     */
+    public function can_edit(): bool;
 }
diff --git a/src/Menu.php b/src/Menu.php
@@ -574,4 +574,16 @@ public function __toString()
 
         return $nav_menu;
     }
+
+    /**
+     * Checks whether the current user can edit the menu.
+     *
+     * @api
+     * @since 2.0.0
+     * @return bool
+     */
+    public function can_edit(): bool
+    {
+        return current_user_can('edit_theme_options');
+    }
 }
diff --git a/src/MenuItem.php b/src/MenuItem.php
@@ -583,4 +583,16 @@ public function title()
         $title = apply_filters('nav_menu_item_title', $this->title, $this->wp_object, $this->menu->args ? $this->menu->args : new stdClass(), $this->level);
         return $title;
     }
+
+    /**
+     * Checks whether the current user can edit the menu item.
+     *
+     * @api
+     * @since 2.0.0
+     * @return bool
+     */
+    public function can_edit(): bool
+    {
+        return current_user_can('edit_theme_options');
+    }
 }
diff --git a/src/Post.php b/src/Post.php
@@ -1502,16 +1502,42 @@ public function type()
     }
 
     /**
-     * Returns the edit URL of a post if the user has access to it
+     * Checks whether the current user can edit the post.
      *
      * @api
-     * @return bool|string the edit URL of a post in the WordPress admin
+     * @example
+     * ```twig
+     * {% if post.can_edit %}
+     *     <a href="{{ post.edit_link }}">Edit</a>
+     * {% endif %}
+     * ```
+     * @return bool
      */
-    public function edit_link()
+    public function can_edit(): bool
     {
-        if ($this->can_edit()) {
-            return get_edit_post_link($this->ID);
+        return current_user_can('edit_post', $this->ID);
+    }
+
+    /**
+     * Gets the edit link for a post if the current user has the correct rights.
+     *
+     * @api
+     * @example
+     * ```twig
+     * {% if post.can_edit %}
+     *     <a href="{{ post.edit_link }}">Edit</a>
+     * {% endif %}
+     * ```
+     * @return string|null The edit URL of a post in the WordPress admin or null if the current user can’t edit the
+     *                     post.
+     */
+    public function edit_link(): ?string
+    {
+        if (!$this->can_edit()) {
+            return null;
         }
+
+        return get_edit_post_link($this->ID);
     }
 
     /**

diff --git a/src/Term.php b/src/Term.php
@@ -301,11 +301,41 @@ public function description()
     }
 
     /**
+     * Checks whether the current user can edit the term.
+     *
      * @api
-     * @return string
+     * @example
+     * ```twig
+     * {% if term.can_edit %}
+     *     <a href="{{ term.edit_link }}">Edit</a>
+     * {% endif %}
+     * ```
+     * @return bool
      */
-    public function edit_link()
+    public function can_edit(): bool
     {
+        return current_user_can('edit_term', $this->ID);
+    }
+
+    /**
+     * Gets the edit link for a term if the current user has the correct rights.
+     *
+     * @api
+     * @example
+     * ```twig
+     * {% if term.can_edit %}
+     *    <a href="{{ term.edit_link }}">Edit</a>
+     * {% endif %}
+     * ```
+     * @return string|null The edit URL of a term in the WordPress admin or null if the current user can’t edit the
+     *                     term.
+     */
+    public function edit_link(): ?string
+    {
+        if (!$this->can_edit()) {
+            return null;
+        }
+
         return get_edit_term_link($this->ID, $this->taxonomy);
     }
 
@@ -322,7 +352,7 @@ public function edit_link()
      */
     public function link()
     {
-        $link = get_term_link($this);
+        $link = get_term_link($this->wp_object);
 
         /**
          * Filters the link to the term archive page.

diff --git a/src/User.php b/src/User.php
@@ -388,6 +388,56 @@ public function can($capability, ...$args)
         return user_can($this->wp_object, $capability, ...$args);
     }
 
+    /**
+     * Checks whether the current user can edit the post.
+     *
+     * @api
+     * @example
+     * ```twig
+     * {% if user.can_edit %}
+     *     <a href="{{ user.edit_link }}">Edit</a>
+     * {% endif %}
+     * ```
+     * @return bool
+     */
+    public function can_edit(): bool
+    {
+        return current_user_can('edit_user', $this->ID);
+    }
+
+    /**
+     * Gets the edit link for a user if the current user has the correct rights or the profile link for the current
+     * user.
+     *
+     * @api
+     * @since 2.0.0
+     * @example
+     * ```twig
+     * {% if user.can_edit %}
+     *     <a href="{{ user.edit_link }}">Edit</a>
+     * {% endif %}
+     * ```
+     *
+     * Get the profile URL for the current user:
+     *
+     * ```twig
+     * {# Assuming user is the current user. #}
+     * {% if user %}
+     *     <a href="{{ user.edit_link }}">My profile</a>
+     * {% endif %}
+     * ```
+     * @return string|null The edit URL of a user in the WordPress admin or the profile link if the user object is for
+     *                     the current user. Null if the current user can’t edit the user.
+     */
+    public function edit_link(): ?string
+    {
+        if (!$this->can_edit()) {
+            return null;
+        }
+
+        return get_edit_user_link($this->ID);
+    }
+
     /**
      * Gets a user’s avatar URL.
      *

diff --git a/tests/test-timber-comment.php b/tests/test-timber-comment.php
@@ -294,6 +294,64 @@ public function testCommentOrderBy()
         $this->assertEquals('Kramer, Elaine Benes, J. Peterman, ', $compiled);
     }
 
+    public function testCanEdit()
+    {
+        $subscriber_id = $this->factory->user->create([
+            'display_name' => 'Subscriber Sam',
+            'user_login' => 'subsam',
+            'role' => 'subscriber',
+        ]);
+
+        $post_id = $this->factory->post->create();
+        $comment_id = $this->factory->comment->create([
+            'comment_post_ID' => $post_id,
+            'comment_content' => 'What a week!',
+            'comment_date' => '2021-05-16 09:01:00',
+        ]);
+        $comment = Timber::get_comment($comment_id);
+
+        // Test admin role.
+        wp_set_current_user(1);
+        $this->assertTrue($comment->can_edit());
+
+        // Test subscriber role.
+        wp_set_current_user($subscriber_id);
+        $this->assertFalse($comment->can_edit());
+
+        wp_set_current_user(0);
+    }
+
+    public function testEditLink()
+    {
+        $subscriber_id = $this->factory->user->create([
+            'display_name' => 'Subscriber Sam',
+            'user_login' => 'subsam',
+            'role' => 'subscriber',
+        ]);
+
+        $post_id = $this->factory->post->create();
+        $comment_id = $this->factory->comment->create([
+            'comment_post_ID' => $post_id,
+            'comment_content' => 'What a week!',
+            'comment_date' => '2021-05-16 09:01:00',
+        ]);
+
+        $comment = Timber::get_comment($comment_id);
+
+        // Test admin role.
+        wp_set_current_user(1);
+        $this->assertEquals(
+            'http://example.org/wp-admin/comment.php?action=editcomment&amp;c=' . $comment_id,
+            $comment->edit_link()
+        );
+
+        // Test subscriber role.
+        wp_set_current_user($subscriber_id);
+        $this->assertNull($comment->edit_link());
+
+        wp_set_current_user(0);
+    }
+
     public function testWPObject()
     {
         $comment_id = $this->factory->comment->create();

diff --git a/tests/test-timber-menu.php b/tests/test-timber-menu.php
@@ -1078,6 +1078,53 @@ public function testMenuWalker()
         $this->assertStringContainsString('id="my-unique-container-id"', $nav_menu_timber);
     }
 
+    public function testMenuCanEdit()
+    {
+        self::_createTestMenu();
+
+        $subscriber_id = $this->factory->user->create([
+            'display_name' => 'Subscriber Sam',
+            'user_login' => 'subsam',
+            'role' => 'subscriber',
+        ]);
+
+        $menu = Timber::get_menu('Menu One');
+
+        // Test admin role.
+        wp_set_current_user(1);
+        $this->assertTrue($menu->can_edit());
+
+        // Test subscriber role.
+        wp_set_current_user($subscriber_id);
+        $this->assertFalse($menu->can_edit());
+
+        wp_set_current_user(0);
+    }
+
+    public function testMenuItemCanEdit()
+    {
+        self::_createTestMenu();
+
+        $subscriber_id = $this->factory->user->create([
+            'display_name' => 'Subscriber Sam',
+            'user_login' => 'subsam',
+            'role' => 'subscriber',
+        ]);
+
+        $menu = Timber::get_menu('Menu One');
+        $menu_items = $menu->get_items();
+
+        // Test admin role.
+        wp_set_current_user(1);
+        $this->assertTrue($menu_items[0]->can_edit());
+
+        // Test subscriber role.
+        wp_set_current_user($subscriber_id);
+        $this->assertFalse($menu_items[0]->can_edit());
+
+        wp_set_current_user(0);
+    }
+
     public function testWPObject()
     {
         $menu_id = self::_createTestMenu()['term_id'];