diff --git a/lib/compat/wordpress-6.5/class-gutenberg-rest-global-styles-revisions-controller-6-5.php b/lib/compat/wordpress-6.5/class-gutenberg-rest-global-styles-revisions-controller-6-5.php index e7b2ac85f6e52..74fa31d53199e 100644 --- a/lib/compat/wordpress-6.5/class-gutenberg-rest-global-styles-revisions-controller-6-5.php +++ b/lib/compat/wordpress-6.5/class-gutenberg-rest-global-styles-revisions-controller-6-5.php @@ -69,6 +69,15 @@ public function get_item( $request ) { return $revision; } + if ( (int) $parent->ID !== (int) $revision->post_parent ) { + return new WP_Error( + 'rest_revision_parent_id_mismatch', + /* translators: %d: A post id. */ + sprintf( __( 'The revision does not belong to the specified parent with id of "%d"' ), $parent->ID ), + array( 'status' => 404 ) + ); + } + $response = $this->prepare_item_for_response( $revision, $request ); return rest_ensure_response( $response ); } diff --git a/phpunit/class-gutenberg-rest-global-styles-revisions-controller-test.php b/phpunit/class-gutenberg-rest-global-styles-revisions-controller-test.php index 2ae53f9338389..30780c50f1863 100644 --- a/phpunit/class-gutenberg-rest-global-styles-revisions-controller-test.php +++ b/phpunit/class-gutenberg-rest-global-styles-revisions-controller-test.php @@ -19,6 +19,11 @@ class Gutenberg_REST_Global_Styles_Revisions_Controller_Test extends WP_Test_RES */ protected static $global_styles_id; + /** + * @var int + */ + protected static $global_styles_id_2; + /** * @var array */ @@ -56,6 +61,20 @@ public static function wpSetupBeforeClass( $factory ) { ) ); + // This creates another global styles post for the current theme. + self::$global_styles_id_2 = $factory->post->create( + array( + 'post_content' => '{"version": ' . WP_Theme_JSON::LATEST_SCHEMA . ', "isGlobalStylesUserThemeJSON": true }', + 'post_status' => 'publish', + 'post_title' => __( 'Custom Styles', 'default' ), + 'post_type' => 'wp_global_styles', + 'post_name' => 'wp-global-styles-tt1-blocks-revisions-2', + 'tax_input' => array( + 'wp_theme' => 'tt1-blocks', + ), + ) + ); + // Update post to create a new revisions. $new_styles_post = array( 'ID' => self::$global_styles_id, @@ -189,6 +208,36 @@ public function test_register_routes() { ); } + /** + * @ticket 59810 + * + * @covers WP_REST_Global_Styles_Controller::get_items + */ + public function test_get_item_valid_parent_id() { + wp_set_current_user( self::$admin_id ); + $request = new WP_REST_Request( 'GET', '/wp/v2/global-styles/' . self::$global_styles_id . '/revisions/' . $this->revision_1_id ); + $response = rest_get_server()->dispatch( $request ); + $data = $response->get_data(); + + $this->assertSame( self::$global_styles_id, $data['parent'], "The returned revision's id should match the parent id." ); + $this->check_get_revision_response( $data, $this->revision_1 ); + } + + /** + * @ticket 59810 + * + * @covers WP_REST_Global_Styles_Controller::get_items + */ + public function test_get_item_invalid_parent_id() { + wp_set_current_user( self::$admin_id ); + $request = new WP_REST_Request( 'GET', '/wp/v2/global-styles/' . self::$global_styles_id_2 . '/revisions/' . $this->revision_1_id ); + $response = rest_get_server()->dispatch( $request ); + $this->assertErrorResponse( 'rest_revision_parent_id_mismatch', $response, 404 ); + + $expected_message = 'The revision does not belong to the specified parent with id of "' . self::$global_styles_id_2 . '"'; + $this->assertSame( $expected_message, $response->as_error()->get_error_messages()[0], 'The message must contain the correct parent ID.' ); + } + /** * Utility function to check the items in WP_REST_Global_Styles_Controller::get_items * against the expected values.