Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Forms: fix permission check in Responses endpoint #29223

Merged
merged 2 commits into from
Mar 2, 2023

Conversation

jeherve
Copy link
Member

@jeherve jeherve commented Mar 1, 2023

Proposed changes:

Other information:

  • Have you written new tests for your changes, if applicable?
  • Have you checked the E2E test CI results, and verified that your changes do not break them?
  • Have you tested your changes on WordPress.com, if applicable (if so, you'll see a generated comment below with a script to run)?

Jetpack product discussion

  • N/A

Does this pull request change what data or activity we track or use?

  • No

Testing instructions:

Start by enabling the new Forms interface, by adding the following to a functionality plugin:

add_filter( 'jetpack_contact_form_use_package', '__return_true' );
add_filter( 'jetpack_forms_dashboard_enable', '__return_true' );

Then, before you check out this branch:

  1. Go to https://yoursite.com/wp-json/wpcom/v2/forms/responses
  2. View responses, even though you are not authenticated.
  3. Check out this branch, and reload the page above.
  4. Get a permission error.
  5. In wp-admin, go to the Feedback menu.
  6. In your browser console, fetch responses and check that they are all returned: wp.apiFetch({path: '/wpcom/v2/forms/responses'}).then(r=>console.log(r))

This is a follow-up to #29043. When registering the endpoint, we used the wrong parameter to define permissions.
@jeherve jeherve added [Type] Bug When a feature is broken and / or not performing as intended [Feature] Contact Form [Status] Needs Review To request a review from fellow Jetpack developers. Label will be renamed soon. [Pri] High [Status] Needs Team Review [Package] Forms labels Mar 1, 2023
@jeherve jeherve requested a review from CGastrell March 1, 2023 10:46
@jeherve jeherve self-assigned this Mar 1, 2023
@jeherve jeherve enabled auto-merge (squash) March 1, 2023 10:46
@github-actions
Copy link
Contributor

github-actions bot commented Mar 1, 2023

Are you an Automattician? You can now test your Pull Request on WordPress.com. On your sandbox, run

bin/jetpack-downloader test jetpack fix/forms-endpoint-permissions

to get started. More details: p9dueE-5Nn-p2

@github-actions
Copy link
Contributor

github-actions bot commented Mar 1, 2023

Thank you for your PR!

When contributing to Jetpack, we have a few suggestions that can help us test and review your patch:

  • ✅ Include a description of your PR changes.
  • ✅ All commits were linted before commit.
  • ✅ Add a "[Status]" label (In Progress, Needs Team Review, ...).
  • ✅ Add testing instructions.
  • ✅ Specify whether this PR includes any changes to data or privacy.
  • ✅ Add changelog entries to affected projects

This comment will be updated as you work on your PR and make changes. If you think that some of those checks are not needed for your PR, please explain why you think so. Thanks for cooperation 🤖


The e2e test report can be found here. Please note that it can take a few minutes after the e2e tests checks are complete for the report to be available.


Once your PR is ready for review, check one last time that all required checks (other than "Required review") appearing at the bottom of this PR are passing or skipped.
Then, add the "[Status] Needs Team review" label and ask someone from your team review the code.
Once you’ve done so, switch to the "[Status] Needs Review" label; someone from Jetpack Crew will then review this PR and merge it to be included in the next Jetpack release.

Copy link
Contributor

@CGastrell CGastrell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oopsie!

LGTM! :shipit:

@CGastrell CGastrell added [Status] Ready to Merge Go ahead, you can push that green button! and removed [Status] Needs Team Review [Status] Needs Review To request a review from fellow Jetpack developers. Label will be renamed soon. labels Mar 1, 2023
@jeherve jeherve added [Status] Needs Review To request a review from fellow Jetpack developers. Label will be renamed soon. and removed [Status] Ready to Merge Go ahead, you can push that green button! labels Mar 2, 2023
@kraftbj kraftbj added [Status] Ready to Merge Go ahead, you can push that green button! and removed [Status] Needs Review To request a review from fellow Jetpack developers. Label will be renamed soon. labels Mar 2, 2023
@jeherve jeherve merged commit 9883a26 into trunk Mar 2, 2023
@jeherve jeherve deleted the fix/forms-endpoint-permissions branch March 2, 2023 14:10
@github-actions github-actions bot removed the [Status] Ready to Merge Go ahead, you can push that green button! label Mar 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
[Feature] Contact Form [Package] Forms [Pri] High [Type] Bug When a feature is broken and / or not performing as intended
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants