Editor: Prevent possibility of a fatal error when previewing block th…

…emes. Ensures that preview callbacks attached to the `stylesheet` and `template` filters do not run before `pluggable.php` has been included. These callbacks need functionality from `pluggable.php`. Props: scruffian, johnbillion, SergeyBiryukov, okat, okat. Fixes: #59000. git-svn-id: https://develop.svn.wordpress.org/trunk@56529 602fd350-edb4-49c9-b593-d223f7449a82
dd32 · Sep 6, 2023 · e14213e · e14213e
1 parent 476db82
commit e14213e
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 6 deletions.
diff --git a/src/wp-includes/default-filters.php b/src/wp-includes/default-filters.php
@@ -532,6 +532,9 @@
 add_action( 'delete_attachment', '_delete_attachment_theme_mod' );
 add_action( 'transition_post_status', '_wp_keep_alive_customize_changeset_dependent_auto_drafts', 20, 3 );
 
+// Block Theme Previews.
+add_action( 'plugins_loaded', 'initialize_theme_preview_hooks', 1 );
+
 // Calendar widget cache.
 add_action( 'save_post', 'delete_get_calendar_cache' );
 add_action( 'delete_post', 'delete_get_calendar_cache' );

diff --git a/src/wp-includes/theme-previews.php b/src/wp-includes/theme-previews.php
@@ -75,10 +75,19 @@ function wp_block_theme_activate_nonce() {
 	<?php
 }
 
-// Attaches filters to enable theme previews in the Site Editor.
-if ( ! empty( $_GET['wp_theme_preview'] ) ) {
-	add_filter( 'stylesheet', 'wp_get_theme_preview_path' );
-	add_filter( 'template', 'wp_get_theme_preview_path' );
-	add_action( 'init', 'wp_attach_theme_preview_middleware' );
-	add_action( 'admin_head', 'wp_block_theme_activate_nonce' );
+/**
+ * Add filters and actions to enable Block Theme Previews in the Site Editor.
+ *
+ * The filters and actions should be added after `pluggable.php` is included as they may
+ * trigger code that uses `current_user_can()` which requires functionality from `pluggable.php`.
+ *
+ * @since 6.3.2
+ */
+function initialize_theme_preview_hooks() {
+	if ( ! empty( $_GET['wp_theme_preview'] ) ) {
+		add_filter( 'stylesheet', 'wp_get_theme_preview_path' );
+		add_filter( 'template', 'wp_get_theme_preview_path' );
+		add_action( 'init', 'wp_attach_theme_preview_middleware' );
+		add_action( 'admin_head', 'wp_block_theme_activate_nonce' );
+	}
 }
diff --git a/tests/phpunit/tests/theme-previews.php b/tests/phpunit/tests/theme-previews.php
@@ -0,0 +1,27 @@
+<?php
+
+/**
+ * test wp-includes/theme-previews.php
+ *
+ * @group themes
+ */
+class Tests_Theme_Previews extends WP_UnitTestCase {
+	public function set_up() {
+		parent::set_up();
+	}
+
+	public function tear_down() {
+		unset( $_GET['wp_theme_preview'] );
+		parent::tear_down();
+	}
+
+	public function test_initialize_theme_preview_hooks() {
+		$_GET['wp_theme_preview'] = 'twentytwentythree';
+		do_action( 'plugins_loaded' ); // Ensure `plugins_loaded` triggers `initialize_theme_preview_hooks`.
+
+		$this->assertEquals( has_filter( 'stylesheet', 'wp_get_theme_preview_path' ), 10 );
+		$this->assertEquals( has_filter( 'template', 'wp_get_theme_preview_path' ), 10 );
+		$this->assertEquals( has_action( 'init', 'wp_attach_theme_preview_middleware' ), 10 );
+		$this->assertEquals( has_action( 'admin_head', 'wp_block_theme_activate_nonce' ), 10 );
+	}
+}