From 839a99af36b078e488659513096b16f190f2ca05 Mon Sep 17 00:00:00 2001
From: ramon
Date: Wed, 3 May 2023 12:05:17 +1000
Subject: [PATCH 1/4] Ensuring that the revisions endpoint for global styles revisions matches the permissions for the global styles custom post type controller
---
 ...est-global-styles-revisions-controller.php | 13 ++++++++----
 ...lobal-styles-revisions-controller-test.php | 21 +++++++++++++++++++
 2 files changed, 30 insertions(+), 4 deletions(-)
diff --git a/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php b/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php
index eb82053052aec..ebc4e290f4f02 100644
--- a/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php
+++ b/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php
@@ -265,11 +265,16 @@ public function get_item_permissions_check( $request ) {
 return $post;
 }
- if ( ! current_user_can( 'read_post', $post->ID ) ) {
+ /*
+ * The same check as WP_REST_Global_Styles_Controller->get_theme_items_permissions_check.
+ */
+ if ( ! current_user_can( 'edit_theme_options' ) ) {
 return new WP_Error(
- 'rest_cannot_view',
- __( 'Sorry, you are not allowed to view revisions for this global style.', 'gutenberg' ),
- array( 'status' => rest_authorization_required_code() )
+ 'rest_cannot_manage_global_styles',
+ __( 'Sorry, you are not allowed to access the global styles on this site.', 'gutenberg' ),
+ array(
+ 'status' => rest_authorization_required_code(),
+ )
 );
 }
diff --git a/phpunit/class-gutenberg-rest-global-styles-revisions-controller-test.php b/phpunit/class-gutenberg-rest-global-styles-revisions-controller-test.php
index 4dcf1585e9596..8817cb73d33a5 100644
--- a/phpunit/class-gutenberg-rest-global-styles-revisions-controller-test.php
+++ b/phpunit/class-gutenberg-rest-global-styles-revisions-controller-test.php
@@ -11,6 +11,11 @@ class Gutenberg_REST_Global_Styles_Revisions_Controller_Test extends WP_Test_RES
 */
 protected static $second_admin_id;
+ /**
+ * @var int
+ */
+ protected static $author_id;
+
 /**
 * @var int
 */
@@ -37,6 +42,11 @@ public static function wpSetupBeforeClass( $factory ) {
 'role' => 'administrator',
 )
 );
+ self::$author_id = $factory->user->create(
+ array(
+ 'role' => 'author',
+ )
+ );
 // This creates the global styles for the current theme.
 self::$global_styles_id = wp_insert_post(
 array(
@@ -160,6 +170,17 @@ public function test_get_item_schema() {
 $this->assertArrayHasKey( 'modified_gmt', $properties, 'Schema properties array does not have "modified_gmt" key' );
 }
+ /**
+ * @covers Gutenberg_REST_Global_Styles_Revisions_Controller::get_item_permissions_check
+ */
+ public function test_get_item_permissions_check() {
+ wp_set_current_user( self::$author_id );
+ $request = new WP_REST_Request( 'GET', '/wp/v2/global-styles/' . self::$global_styles_id . '/revisions' );
+ $response = rest_get_server()->dispatch( $request );
+
+ $this->assertErrorResponse( 'rest_cannot_manage_global_styles', $response, 403 );
+ }
+
 /**
 * @doesNotPerformAssertions
 */
From dd8fd443e343e561b601925888148a3852e8270a Mon Sep 17 00:00:00 2001
From: ramon
Date: Wed, 3 May 2023 12:18:09 +1000
Subject: [PATCH 2/4] Replacing with the same check as WP_REST_Global_Styles_Controller->get_item_permissions_check, since this is the check against the original global style custom post
---
 ...nberg-rest-global-styles-revisions-controller.php | 12 +++++-------
 ...-rest-global-styles-revisions-controller-test.php | 2 +-
 2 files changed, 6 insertions(+), 8 deletions(-)
diff --git a/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php b/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php
index ebc4e290f4f02..6f36aa7da7d75 100644
--- a/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php
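Review bot: `test_get_item_permissions_check` (hunk at `@@ -160,6 +170,17 @@`) pins only one denied case, a logged-in author receiving 403, so the authorization boundary this change touches is covered on one side only. The check returns `rest_authorization_required_code()`, which yields 401 rather than 403 for a logged-out caller, and nothing in the hunk exercises that branch; a second test that calls `wp_set_current_user( 0 );` before dispatching and then asserts `$this->assertErrorResponse( 'rest_cannot_manage_global_styles', $response, 401 );` would cover it. An allowed-path assertion for `self::$second_admin_id` would also show the check does not over-deny, unless a test outside this hunk already does that.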
+++ b/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php
@@ -266,15 +266,13 @@ public function get_item_permissions_check( $request ) {
 }
 /*
- * The same check as WP_REST_Global_Styles_Controller->get_theme_items_permissions_check.
+ * The same check as WP_REST_Global_Styles_Controller->get_item_permissions_check.
 */
- if ( ! current_user_can( 'edit_theme_options' ) ) {
+ if ( ! current_user_can( 'read_post', $post->ID ) ) {
 return new WP_Error(
- 'rest_cannot_manage_global_styles',
- __( 'Sorry, you are not allowed to access the global styles on this site.', 'gutenberg' ),
- array(
- 'status' => rest_authorization_required_code(),
- )
+ 'rest_cannot_view',
+ __( 'Sorry, you are not allowed to view this global style.' ),
+ array( 'status' => rest_authorization_required_code() )
 );
 }
diff --git a/phpunit/class-gutenberg-rest-global-styles-revisions-controller-test.php b/phpunit/class-gutenberg-rest-global-styles-revisions-controller-test.php
index 8817cb73d33a5..6856638bf8754 100644
--- a/phpunit/class-gutenberg-rest-global-styles-revisions-controller-test.php
+++ b/phpunit/class-gutenberg-rest-global-styles-revisions-controller-test.php
@@ -178,7 +178,7 @@ public function test_get_item_permissions_check() {
 $request = new WP_REST_Request( 'GET', '/wp/v2/global-styles/' . self::$global_styles_id . '/revisions' );
 $response = rest_get_server()->dispatch( $request );
- $this->assertErrorResponse( 'rest_cannot_manage_global_styles', $response, 403 );
+ $this->assertErrorResponse( 'rest_cannot_view', $response, 403 );
 }
 /**
From 25d28c6f5bb0fc41c1836c8f8f3a9141c9371b4d Mon Sep 17 00:00:00 2001
From: ramon
Date: Wed, 3 May 2023 12:20:55 +1000
Subject: [PATCH 3/4] translation domain
---
 .../class-gutenberg-rest-global-styles-revisions-controller.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
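Review bot: The rewritten comment in `get_item_permissions_check` (hunk at `@@ -266,15 +266,13 @@`) justifies the `read_post` check only by pointing at `WP_REST_Global_Styles_Controller->get_item_permissions_check`, so a reader of this file cannot tell which capability actually gates revision history. Revisions expose earlier states of the parent post, and whether read access on `$post->ID` is as strict as edit access depends on the capability mapping of the global styles post type, which is not visible in this hunk. I would state the intent in the comment itself, for example `* Revisions are readable by anyone who can read the parent global styles post; confirm that the post type maps reading to a theme-editing capability.`, and verify that mapping against the post type registration. The function body starts and ends outside the hunk.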
diff --git a/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php b/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php
index 6f36aa7da7d75..c91ced5ac3f90 100644
--- a/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php
+++ b/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php
@@ -271,7 +271,7 @@ public function get_item_permissions_check( $request ) {
 if ( ! current_user_can( 'read_post', $post->ID ) ) {
 return new WP_Error(
 'rest_cannot_view',
- __( 'Sorry, you are not allowed to view this global style.' ),
+ __( 'Sorry, you are not allowed to view this global style.', 'gutenberg' ),
 array( 'status' => rest_authorization_required_code() )
 );
 }
From 6eae6e2c1c28eaad0ea496fff341aa926e9751f3 Mon Sep 17 00:00:00 2001
From: Ramon
Date: Wed, 3 May 2023 13:52:43 +1000
Subject: [PATCH 4/4] Fixed copy
---
 .../class-gutenberg-rest-global-styles-revisions-controller.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php b/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php
index c91ced5ac3f90..c5d5a5f0dff1a 100644
--- a/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php
+++ b/lib/experimental/class-gutenberg-rest-global-styles-revisions-controller.php
@@ -271,7 +271,7 @@ public function get_item_permissions_check( $request ) {
 if ( ! current_user_can( 'read_post', $post->ID ) ) {
 return new WP_Error(
 'rest_cannot_view',
- __( 'Sorry, you are not allowed to view this global style.', 'gutenberg' ),
+ __( 'Sorry, you are not allowed to view revisions for this global style.', 'gutenberg' ),
 array( 'status' => rest_authorization_required_code() )
 );
 }