From 1dcad8f5bbc47b6854da5e793a1678d06d831a99 Mon Sep 17 00:00:00 2001
From: desrosj <desrosj@git.wordpress.org>
Date: Tue, 6 Jul 2021 15:43:00 +0000
Subject: [PATCH] REST API: Add the `$request` parameter to methods checking
 permissions.

This adds the `$request` parameter to the `permissions_check()` methods within `WP_REST_Widgets_Controller` and adds `$request` as an allowed parameter to the `permissions_check()` method within `WP_REST_Templates_Controller`.

Even when this parameter is not used by default, it should be implemented to support the class being extended and the method overidden.

Props johnbillion, timothyblynjacobs.
Fixes #53593.
Built from https://develop.svn.wordpress.org/trunk@51349


git-svn-id: http://core.svn.wordpress.org/trunk@50958 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 .../class-wp-rest-templates-controller.php          |  3 ++-
 .../endpoints/class-wp-rest-widgets-controller.php  | 13 +++++++------
 wp-includes/version.php                             |  2 +-
 3 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/wp-includes/rest-api/endpoints/class-wp-rest-templates-controller.php b/wp-includes/rest-api/endpoints/class-wp-rest-templates-controller.php
index 8c16da97eb..48b6d71be0 100644
--- a/wp-includes/rest-api/endpoints/class-wp-rest-templates-controller.php
+++ b/wp-includes/rest-api/endpoints/class-wp-rest-templates-controller.php
@@ -109,9 +109,10 @@ class WP_REST_Templates_Controller extends WP_REST_Controller {
 	 *
 	 * @since 5.8.0
 	 *
+	 * @param WP_REST_Request $request Full details about the request.
 	 * @return true|WP_Error True if the request has read access, WP_Error object otherwise.
 	 */
-	protected function permissions_check() {
+	protected function permissions_check( $request ) {
 		// Verify if the current user has edit_theme_options capability.
 		// This capability is required to edit/view/delete templates.
 		if ( ! current_user_can( 'edit_theme_options' ) ) {
diff --git a/wp-includes/rest-api/endpoints/class-wp-rest-widgets-controller.php b/wp-includes/rest-api/endpoints/class-wp-rest-widgets-controller.php
index 7c2a5ff929..dced990fcd 100644
--- a/wp-includes/rest-api/endpoints/class-wp-rest-widgets-controller.php
+++ b/wp-includes/rest-api/endpoints/class-wp-rest-widgets-controller.php
@@ -97,7 +97,7 @@ class WP_REST_Widgets_Controller extends WP_REST_Controller {
 	 * @return true|WP_Error True if the request has read access, WP_Error object otherwise.
 	 */
 	public function get_items_permissions_check( $request ) {
-		return $this->permissions_check();
+		return $this->permissions_check( $request );
 	}
 
 	/**
@@ -139,7 +139,7 @@ class WP_REST_Widgets_Controller extends WP_REST_Controller {
 	 * @return true|WP_Error True if the request has read access, WP_Error object otherwise.
 	 */
 	public function get_item_permissions_check( $request ) {
-		return $this->permissions_check();
+		return $this->permissions_check( $request );
 	}
 
 	/**
@@ -176,7 +176,7 @@ class WP_REST_Widgets_Controller extends WP_REST_Controller {
 	 * @return true|WP_Error True if the request has read access, WP_Error object otherwise.
 	 */
 	public function create_item_permissions_check( $request ) {
-		return $this->permissions_check();
+		return $this->permissions_check( $request );
 	}
 
 	/**
@@ -220,7 +220,7 @@ class WP_REST_Widgets_Controller extends WP_REST_Controller {
 	 * @return true|WP_Error True if the request has read access, WP_Error object otherwise.
 	 */
 	public function update_item_permissions_check( $request ) {
-		return $this->permissions_check();
+		return $this->permissions_check( $request );
 	}
 
 	/**
@@ -283,7 +283,7 @@ class WP_REST_Widgets_Controller extends WP_REST_Controller {
 	 * @return true|WP_Error True if the request has read access, WP_Error object otherwise.
 	 */
 	public function delete_item_permissions_check( $request ) {
-		return $this->permissions_check();
+		return $this->permissions_check( $request );
 	}
 
 	/**
@@ -398,9 +398,10 @@ class WP_REST_Widgets_Controller extends WP_REST_Controller {
 	 *
 	 * @since 5.8.0
 	 *
+	 * @param WP_REST_Request $request Full details about the request.
 	 * @return true|WP_Error
 	 */
-	protected function permissions_check() {
+	protected function permissions_check( $request ) {
 		if ( ! current_user_can( 'edit_theme_options' ) ) {
 			return new WP_Error(
 				'rest_cannot_manage_widgets',
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 566441fa1c..4d306ed6cc 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -13,7 +13,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '5.9-alpha-51348';
+$wp_version = '5.9-alpha-51349';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.