@wordpress/core-data 7.3.0 → 7.5.0

package/src/test/resolvers.js

@@ -19,6 +19,7 @@ import {
 
 describe( 'getEntityRecord', () => {
 	const POST_TYPE = { slug: 'post' };
+	const POST_TYPE_RESPONSE = { json: () => Promise.resolve( POST_TYPE ) };
 	const ENTITIES = [
 		{
 			name: 'postType',
@@ -27,28 +28,37 @@ describe( 'getEntityRecord', () => {
 			baseURLParams: { context: 'edit' },
 		},
 	];
+	const registry = { batch: ( callback ) => callback() };
 
+	let dispatch;
 	beforeEach( async () => {
-		triggerFetch.mockReset();
-	} );
-
-	it( 'yields with requested post type', async () => {
-		const dispatch = Object.assign( jest.fn(), {
+		dispatch = Object.assign( jest.fn(), {
 			receiveEntityRecords: jest.fn(),
 			__unstableAcquireStoreLock: jest.fn(),
 			__unstableReleaseStoreLock: jest.fn(),
+			receiveUserPermission: jest.fn(),
+			finishResolution: jest.fn(),
 		} );
+		triggerFetch.mockReset();
+	} );
+
+	it( 'yields with requested post type', async () => {
 		// Provide entities
 		dispatch.mockReturnValueOnce( ENTITIES );
 
 		// Provide response
-		triggerFetch.mockImplementation( () => POST_TYPE );
+		triggerFetch.mockImplementation( () => POST_TYPE_RESPONSE );
 
-		await getEntityRecord( 'root', 'postType', 'post' )( { dispatch } );
+		await getEntityRecord(
+			'root',
+			'postType',
+			'post'
+		)( { dispatch, registry } );
 
 		// Fetch request should have been issued.
 		expect( triggerFetch ).toHaveBeenCalledWith( {
 			path: '/wp/v2/types/post?context=edit',
+			parse: false,
 		} );
 
 		// The record should have been received.
@@ -75,24 +85,18 @@ describe( 'getEntityRecord', () => {
 		const select = {
 			hasEntityRecords: jest.fn( () => {} ),
 		};
-
-		const dispatch = Object.assign( jest.fn(), {
-			receiveEntityRecords: jest.fn(),
-			__unstableAcquireStoreLock: jest.fn(),
-			__unstableReleaseStoreLock: jest.fn(),
-		} );
 		// Provide entities
 		dispatch.mockReturnValueOnce( ENTITIES );
 
 		// Provide response
-		triggerFetch.mockImplementation( () => POST_TYPE );
+		triggerFetch.mockImplementation( () => POST_TYPE_RESPONSE );
 
 		await getEntityRecord(
 			'root',
 			'postType',
 			'post',
 			query
-		)( { dispatch, select } );
+		)( { dispatch, select, registry } );
 
 		// Check resolution cache for an existing entity that fulfills the request with query.
 		expect( select.hasEntityRecords ).toHaveBeenCalledWith(
@@ -104,6 +108,7 @@ describe( 'getEntityRecord', () => {
 		// Trigger apiFetch, test that the query is present in the url.
 		expect( triggerFetch ).toHaveBeenCalledWith( {
 			path: '/wp/v2/types/post?context=view&_envelope=1',
+			parse: false,
 		} );
 
 		// The record should have been received.
@@ -211,10 +216,12 @@ describe( 'getEntityRecords', () => {
 	} );
 
 	it( 'marks specific entity records as resolved', async () => {
+		const finishResolutions = jest.fn();
 		const dispatch = Object.assign( jest.fn(), {
 			receiveEntityRecords: jest.fn(),
 			__unstableAcquireStoreLock: jest.fn(),
 			__unstableReleaseStoreLock: jest.fn(),
+			finishResolutions,
 		} );
 		// Provide entities
 		dispatch.mockReturnValueOnce( ENTITIES );
@@ -230,16 +237,9 @@ describe( 'getEntityRecords', () => {
 		} );
 
 		// The record should have been received.
-		expect( dispatch ).toHaveBeenCalledWith( {
-			type: 'START_RESOLUTIONS',
-			selectorName: 'getEntityRecord',
-			args: [ [ ENTITIES[ 1 ].kind, ENTITIES[ 1 ].name, 2 ] ],
-		} );
-		expect( dispatch ).toHaveBeenCalledWith( {
-			type: 'FINISH_RESOLUTIONS',
-			selectorName: 'getEntityRecord',
-			args: [ [ ENTITIES[ 1 ].kind, ENTITIES[ 1 ].name, 2 ] ],
-		} );
+		expect( finishResolutions ).toHaveBeenCalledWith( 'getEntityRecord', [
+			[ ENTITIES[ 1 ].kind, ENTITIES[ 1 ].name, 2 ],
+		] );
 	} );
 } );
 
@@ -283,7 +283,22 @@ describe( 'getEmbedPreview', () => {
 } );
 
 describe( 'canUser', () => {
-	let registry;
+	const ENTITIES = [
+		{
+			name: 'media',
+			kind: 'root',
+			baseURL: '/wp/v2/media',
+			baseURLParams: { context: 'edit' },
+		},
+		{
+			name: 'wp_block',
+			kind: 'postType',
+			baseURL: '/wp/v2/blocks',
+			baseURLParams: { context: 'edit' },
+		},
+	];
+
+	let dispatch, registry;
 	beforeEach( async () => {
 		registry = {
 			select: jest.fn( () => ( {
@@ -291,19 +306,24 @@ describe( 'canUser', () => {
 			} ) ),
 			batch: ( callback ) => callback(),
 		};
+		dispatch = Object.assign( jest.fn(), {
+			receiveUserPermission: jest.fn(),
+			finishResolution: jest.fn(),
+		} );
+		dispatch.mockReturnValue( ENTITIES );
 		triggerFetch.mockReset();
 	} );
 
 	it( 'does nothing when there is an API error', async () => {
-		const dispatch = Object.assign( jest.fn(), {
-			receiveUserPermission: jest.fn(),
-		} );
-
 		triggerFetch.mockImplementation( () =>
 			Promise.reject( { status: 404 } )
 		);
 
 		await canUser( 'create', 'media' )( { dispatch, registry } );
+		await canUser( 'create', { kind: 'root', name: 'media' } )( {
+			dispatch,
+			registry,
+		} );
 
 		expect( triggerFetch ).toHaveBeenCalledWith( {
 			path: '/wp/v2/media',
@@ -314,11 +334,16 @@ describe( 'canUser', () => {
 		expect( dispatch.receiveUserPermission ).not.toHaveBeenCalled();
 	} );
 
-	it( 'receives false when the user is not allowed to perform an action', async () => {
-		const dispatch = Object.assign( jest.fn(), {
-			receiveUserPermission: jest.fn(),
-		} );
+	it( 'throws an error when an entity resource object is malformed', async () => {
+		await expect(
+			canUser( 'create', { name: 'wp_block' } )( {
+				dispatch,
+				registry,
+			} )
+		).rejects.toThrow( 'The entity resource object is not valid.' );
+	} );
 
+	it( 'receives false when the user is not allowed to perform an action', async () => {
 		triggerFetch.mockImplementation( () => ( {
 			headers: new Map( [ [ 'allow', 'GET' ] ] ),
 		} ) );
@@ -337,11 +362,29 @@ describe( 'canUser', () => {
 		);
 	} );
 
-	it( 'receives true when the user is allowed to perform an action', async () => {
-		const dispatch = Object.assign( jest.fn(), {
-			receiveUserPermission: jest.fn(),
+	it( 'receives false when the user is not allowed to perform an action on entities', async () => {
+		triggerFetch.mockImplementation( () => ( {
+			headers: new Map( [ [ 'allow', 'GET' ] ] ),
+		} ) );
+
+		await canUser( 'create', { kind: 'root', name: 'media' } )( {
+			dispatch,
+			registry,
+		} );
+
+		expect( triggerFetch ).toHaveBeenCalledWith( {
+			path: '/wp/v2/media',
+			method: 'OPTIONS',
+			parse: false,
 		} );
 
+		expect( dispatch.receiveUserPermission ).toHaveBeenCalledWith(
+			'create/root/media',
+			false
+		);
+	} );
+
+	it( 'receives true when the user is allowed to perform an action', async () => {
 		triggerFetch.mockImplementation( () => ( {
 			headers: new Map( [ [ 'allow', 'POST, GET, PUT, DELETE' ] ] ),
 		} ) );
@@ -360,11 +403,29 @@ describe( 'canUser', () => {
 		);
 	} );
 
-	it( 'receives true when the user is allowed to perform an action on a specific resource', async () => {
-		const dispatch = Object.assign( jest.fn(), {
-			receiveUserPermission: jest.fn(),
+	it( 'receives true when the user is allowed to perform an action on entities', async () => {
+		triggerFetch.mockImplementation( () => ( {
+			headers: new Map( [ [ 'allow', 'POST, GET, PUT, DELETE' ] ] ),
+		} ) );
+
+		await canUser( 'create', { kind: 'root', name: 'media' } )( {
+			dispatch,
+			registry,
+		} );
+
+		expect( triggerFetch ).toHaveBeenCalledWith( {
+			path: '/wp/v2/media',
+			method: 'OPTIONS',
+			parse: false,
 		} );
 
+		expect( dispatch.receiveUserPermission ).toHaveBeenCalledWith(
+			'create/root/media',
+			true
+		);
+	} );
+
+	it( 'receives true when the user is allowed to perform an action on a specific resource', async () => {
 		triggerFetch.mockImplementation( () => ( {
 			headers: new Map( [ [ 'allow', 'POST, GET, PUT, DELETE' ] ] ),
 		} ) );
@@ -383,11 +444,33 @@ describe( 'canUser', () => {
 		);
 	} );
 
-	it( 'runs apiFetch only once per resource', async () => {
-		const dispatch = Object.assign( jest.fn(), {
-			receiveUserPermission: jest.fn(),
+	it( 'receives true when the user is allowed to perform an action on a specific entity', async () => {
+		triggerFetch.mockImplementation( () => ( {
+			headers: new Map( [ [ 'allow', 'POST, GET, PUT, DELETE' ] ] ),
+		} ) );
+
+		await canUser( 'create', {
+			kind: 'postType',
+			name: 'wp_block',
+			id: 123,
+		} )( {
+			dispatch,
+			registry,
 		} );
 
+		expect( triggerFetch ).toHaveBeenCalledWith( {
+			path: '/wp/v2/blocks/123',
+			method: 'OPTIONS',
+			parse: false,
+		} );
+
+		expect( dispatch.receiveUserPermission ).toHaveBeenCalledWith(
+			'create/postType/wp_block/123',
+			true
+		);
+	} );
+
+	it( 'runs apiFetch only once per resource', async () => {
 		registry = {
 			...registry,
 			select: () => ( {
@@ -414,11 +497,46 @@ describe( 'canUser', () => {
 		);
 	} );
 
-	it( 'retrieves all permissions even when ID is not given', async () => {
-		const dispatch = Object.assign( jest.fn(), {
-			receiveUserPermission: jest.fn(),
+	it( 'runs apiFetch only once per entity', async () => {
+		registry = {
+			...registry,
+			select: () => ( {
+				hasStartedResolution: ( _, [ action ] ) => action === 'read',
+			} ),
+		};
+
+		triggerFetch.mockImplementation( () => ( {
+			headers: new Map( [ [ 'allow', 'POST, GET' ] ] ),
+		} ) );
+
+		await canUser( 'create', {
+			kind: 'postType',
+			name: 'wp_block',
+		} )( {
+			dispatch,
+			registry,
+		} );
+		await canUser( 'read', {
+			kind: 'postType',
+			name: 'wp_block',
+		} )( {
+			dispatch,
+			registry,
 		} );
 
+		expect( triggerFetch ).toHaveBeenCalledTimes( 1 );
+
+		expect( dispatch.receiveUserPermission ).toHaveBeenCalledWith(
+			'create/postType/wp_block',
+			true
+		);
+		expect( dispatch.receiveUserPermission ).toHaveBeenCalledWith(
+			'read/postType/wp_block',
+			true
+		);
+	} );
+
+	it( 'retrieves all permissions even when ID is not given', async () => {
 		registry = {
 			...registry,
 			select: () => ( {
@@ -454,10 +572,6 @@ describe( 'canUser', () => {
 	} );
 
 	it( 'runs apiFetch only once per resource ID', async () => {
-		const dispatch = Object.assign( jest.fn(), {
-			receiveUserPermission: jest.fn(),
-		} );
-
 		registry = {
 			...registry,
 			select: () => ( {
@@ -493,6 +607,59 @@ describe( 'canUser', () => {
 			true
 		);
 	} );
+
+	it( 'runs apiFetch only once per entity ID', async () => {
+		registry = {
+			...registry,
+			select: () => ( {
+				hasStartedResolution: ( _, [ action ] ) => action === 'create',
+			} ),
+		};
+
+		triggerFetch.mockImplementation( () => ( {
+			headers: new Map( [ [ 'allow', 'POST, GET, PUT, DELETE' ] ] ),
+		} ) );
+
+		await canUser( 'create', {
+			kind: 'postType',
+			name: 'wp_block',
+			id: 123,
+		} )( { dispatch, registry } );
+		await canUser( 'read', {
+			kind: 'postType',
+			name: 'wp_block',
+			id: 123,
+		} )( { dispatch, registry } );
+		await canUser( 'update', {
+			kind: 'postType',
+			name: 'wp_block',
+			id: 123,
+		} )( { dispatch, registry } );
+		await canUser( 'delete', {
+			kind: 'postType',
+			name: 'wp_block',
+			id: 123,
+		} )( { dispatch, registry } );
+
+		expect( triggerFetch ).toHaveBeenCalledTimes( 1 );
+
+		expect( dispatch.receiveUserPermission ).toHaveBeenCalledWith(
+			'create/postType/wp_block/123',
+			true
+		);
+		expect( dispatch.receiveUserPermission ).toHaveBeenCalledWith(
+			'read/postType/wp_block/123',
+			true
+		);
+		expect( dispatch.receiveUserPermission ).toHaveBeenCalledWith(
+			'update/postType/wp_block/123',
+			true
+		);
+		expect( dispatch.receiveUserPermission ).toHaveBeenCalledWith(
+			'delete/postType/wp_block/123',
+			true
+		);
+	} );
 } );
 
 describe( 'getAutosaves', () => {

package/src/test/selectors.js

@@ -18,7 +18,6 @@ import {
 	getEmbedPreview,
 	isPreviewEmbedFallback,
 	canUser,
-	canUserEditEntityRecord,
 	getAutosave,
 	getAutosaves,
 	getCurrentUser,
@@ -690,79 +689,43 @@ describe( 'canUser', () => {
 			userPermissions: {},
 		} );
 		expect( canUser( state, 'create', 'media' ) ).toBe( undefined );
+		expect(
+			canUser( state, 'create', { kind: 'root', name: 'media' } )
+		).toBe( undefined );
+	} );
+
+	it( 'returns null when entity kind or name is missing', () => {
+		const state = deepFreeze( {
+			userPermissions: {},
+		} );
+		expect( canUser( state, 'create', { name: 'media' } ) ).toBe( false );
+		expect( canUser( state, 'create', { kind: 'root' } ) ).toBe( false );
 	} );
 
 	it( 'returns whether an action can be performed', () => {
 		const state = deepFreeze( {
 			userPermissions: {
 				'create/media': false,
+				'create/root/media': false,
 			},
 		} );
 		expect( canUser( state, 'create', 'media' ) ).toBe( false );
+		expect(
+			canUser( state, 'create', { kind: 'root', name: 'media' } )
+		).toBe( false );
 	} );
 
 	it( 'returns whether an action can be performed for a given resource', () => {
 		const state = deepFreeze( {
 			userPermissions: {
 				'create/media/123': false,
+				'create/root/media/123': false,
 			},
 		} );
 		expect( canUser( state, 'create', 'media', 123 ) ).toBe( false );
-	} );
-} );
-
-describe( 'canUserEditEntityRecord', () => {
-	it( 'returns false by default', () => {
-		const state = deepFreeze( {
-			userPermissions: {},
-			entities: { records: {} },
-		} );
-		expect( canUserEditEntityRecord( state, 'postType', 'post' ) ).toBe(
-			false
-		);
-	} );
-
-	it( 'returns whether the user can edit', () => {
-		const state = deepFreeze( {
-			userPermissions: {
-				'create/posts': false,
-				'update/posts/1': true,
-			},
-			entities: {
-				config: [
-					{
-						kind: 'postType',
-						name: 'post',
-						__unstable_rest_base: 'posts',
-					},
-				],
-				records: {
-					root: {
-						postType: {
-							queriedData: {
-								items: {
-									default: {
-										post: {
-											slug: 'post',
-											__unstable: 'posts',
-										},
-									},
-								},
-								itemIsComplete: {
-									default: {
-										post: true,
-									},
-								},
-								queries: {},
-							},
-						},
-					},
-				},
-			},
-		} );
 		expect(
-			canUserEditEntityRecord( state, 'postType', 'post', '1' )
-		).toBe( true );
+			canUser( state, 'create', { kind: 'root', name: 'media', id: 123 } )
+		).toBe( false );
 	} );
 } );
 

package/src/utils/index.js

@@ -9,3 +9,8 @@ export { default as isRawAttribute } from './is-raw-attribute';
 export { default as setNestedValue } from './set-nested-value';
 export { default as getNestedValue } from './get-nested-value';
 export { default as isNumericID } from './is-numeric-id';
+export {
+	getUserPermissionCacheKey,
+	getUserPermissionsFromResponse,
+	ALLOWED_RESOURCE_ACTIONS,
+} from './user-permissions';

package/src/utils/user-permissions.js

@@ -0,0 +1,39 @@
+export const ALLOWED_RESOURCE_ACTIONS = [
+	'create',
+	'read',
+	'update',
+	'delete',
+];
+
+export function getUserPermissionsFromResponse( response ) {
+	const permissions = {};
+
+	// Optional chaining operator is used here because the API requests don't
+	// return the expected result in the React native version. Instead, API requests
+	// only return the result, without including response properties like the headers.
+	const allowedMethods = response.headers?.get( 'allow' ) || '';
+
+	const methods = {
+		create: 'POST',
+		read: 'GET',
+		update: 'PUT',
+		delete: 'DELETE',
+	};
+	for ( const [ actionName, methodName ] of Object.entries( methods ) ) {
+		permissions[ actionName ] = allowedMethods.includes( methodName );
+	}
+
+	return permissions;
+}
+
+export function getUserPermissionCacheKey( action, resource, id ) {
+	const key = (
+		typeof resource === 'object'
+			? [ action, resource.kind, resource.name, resource.id ]
+			: [ action, resource, id ]
+	)
+		.filter( Boolean )
+		.join( '/' );
+
+	return key;
+}

package/tsconfig.json

@@ -21,7 +21,8 @@
 		{ "path": "../rich-text" },
 		{ "path": "../sync" },
 		{ "path": "../undo-manager" },
-		{ "path": "../url" }
+		{ "path": "../url" },
+		{ "path": "../warning" }
 	],
 	"include": [ "src/**/*" ]
 }