From defaa761959a500ffb8a37d5dbf06316787a73bf Mon Sep 17 00:00:00 2001
From: Felix Arntz <flixos90@git.wordpress.org>
Date: Fri, 9 Aug 2024 17:59:41 +0000
Subject: [PATCH] Comments: Add optional `$context` parameter to
 `get_edit_comment_link()` to get the URL without HTML entities.

This brings the function in line with the similar `get_edit_post_link()` parameter. The 'get_edit_comment_link' filter now additionally receives the `$comment_id` and `$context` as parameters.

Additionally, as a minor enhancement, the capability check is now more defensive, as it will no longer cause an error if the given comment ID is invalid.

As part of the changeset, comprehensive test coverage for the `get_edit_comment_link()` including the new behavior is added.

Props deepakrohilla.
Fixes #61727.


git-svn-id: https://develop.svn.wordpress.org/trunk@58875 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-includes/link-template.php             |  24 +++-
 .../phpunit/tests/link/getEditCommentLink.php | 130 ++++++++++++++++++
 2 files changed, 148 insertions(+), 6 deletions(-)
 create mode 100644 tests/phpunit/tests/link/getEditCommentLink.php

diff --git a/src/wp-includes/link-template.php b/src/wp-includes/link-template.php
index 426da57c392fa..4cfc47f83ec05 100644
--- a/src/wp-includes/link-template.php
+++ b/src/wp-includes/link-template.php
@@ -1595,27 +1595,39 @@ function get_delete_post_link( $post = 0, $deprecated = '', $force_delete = fals
  * Retrieves the edit comment link.
  *
  * @since 2.3.0
+ * @since 6.7.0 The $context parameter was added.
  *
  * @param int|WP_Comment $comment_id Optional. Comment ID or WP_Comment object.
- * @return string|void The edit comment link URL for the given comment.
+ * @param string         $context    Optional. Context in which the URL should be used. Either 'display',
+ *                                   to include HTML entities, or 'url'. Default 'display'.
+ * @return string|void The edit comment link URL for the given comment, or void if the comment id does not exist or
+ *                     the current user is not allowed to edit it.
  */
-function get_edit_comment_link( $comment_id = 0 ) {
+function get_edit_comment_link( $comment_id = 0, $context = 'display' ) {
 	$comment = get_comment( $comment_id );
 
-	if ( ! current_user_can( 'edit_comment', $comment->comment_ID ) ) {
+	if ( ! is_object( $comment ) || ! current_user_can( 'edit_comment', $comment->comment_ID ) ) {
 		return;
 	}
 
-	$location = admin_url( 'comment.php?action=editcomment&amp;c=' ) . $comment->comment_ID;
+	if ( 'display' === $context ) {
+		$action = 'comment.php?action=editcomment&amp;c=';
+	} else {
+		$action = 'comment.php?action=editcomment&c=';
+	}
+
+	$location = admin_url( $action ) . $comment->comment_ID;
 
 	/**
 	 * Filters the comment edit link.
 	 *
-	 * @since 2.3.0
+	 * @since 6.7.0 The $comment_id and $context parameters are now being passed to the filter.
 	 *
 	 * @param string $location The edit link.
+	 * @param int    $comment_id Optional. Unique ID of the comment to generate an edit link.
+	 * @param int    $context    Optional. Context to include HTML entities in link. Default 'display'.
 	 */
-	return apply_filters( 'get_edit_comment_link', $location );
+	return apply_filters( 'get_edit_comment_link', $location, $comment_id, $context );
 }
 
 /**
diff --git a/tests/phpunit/tests/link/getEditCommentLink.php b/tests/phpunit/tests/link/getEditCommentLink.php
new file mode 100644
index 0000000000000..1d574d40286d1
--- /dev/null
+++ b/tests/phpunit/tests/link/getEditCommentLink.php
@@ -0,0 +1,130 @@
+<?php
+/**
+ * @group link
+ * @group comment
+ * @covers ::get_edit_comment_link
+ */
+class Tests_Link_GetEditCommentLink extends WP_UnitTestCase {
+
+	public static $comment_id;
+	public static $user_ids;
+
+	public static function wpSetUpBeforeClass( WP_UnitTest_Factory $factory ) {
+		self::$comment_id = $factory->comment->create( array( 'comment_content' => 'Test comment' ) );
+
+		self::$user_ids = array(
+			'admin'      => $factory->user->create( array( 'role' => 'administrator' ) ),
+			'subscriber' => $factory->user->create( array( 'role' => 'subscriber' ) ),
+		);
+	}
+
+	public static function wpTearDownAfterClass() {
+		// Delete the test comment.
+		wp_delete_comment( self::$comment_id, true );
+
+		// Delete the test users.
+		foreach ( self::$user_ids as $user_id ) {
+			self::delete_user( $user_id );
+		}
+	}
+
+	public function set_up() {
+		parent::set_up();
+		wp_set_current_user( self::$user_ids['admin'] );
+	}
+
+	/**
+	 * Tests that get_edit_comment_link() returns the correct URL by default.
+	 */
+	public function test_get_edit_comment_link_default() {
+		$comment_id   = self::$comment_id;
+		$expected_url = admin_url( 'comment.php?action=editcomment&amp;c=' . $comment_id );
+		$actual_url   = get_edit_comment_link( $comment_id );
+
+		$this->assertSame( $expected_url, $actual_url );
+	}
+
+	/**
+	 * Tests that get_edit_comment_link() returns the correct URL with a context of 'display'.
+	 *
+	 * The expected result should include HTML entities.
+	 *
+	 * @ticket 61727
+	 */
+	public function test_get_edit_comment_link_display_context() {
+		$comment_id   = self::$comment_id;
+		$expected_url = admin_url( 'comment.php?action=editcomment&amp;c=' . $comment_id );
+		$actual_url   = get_edit_comment_link( $comment_id, 'display' );
+
+		$this->assertSame( $expected_url, $actual_url );
+	}
+
+	/**
+	 * Tests that get_edit_comment_link() returns the correct URL with a context of 'url'.
+	 *
+	 * The expected result should not include HTML entities.
+	 *
+	 * @ticket 61727
+	 */
+	public function test_get_edit_comment_link_url_context() {
+		$comment_id   = self::$comment_id;
+		$expected_url = admin_url( 'comment.php?action=editcomment&c=' . $comment_id );
+		$actual_url   = get_edit_comment_link( $comment_id, 'url' );
+
+		$this->assertSame( $expected_url, $actual_url );
+	}
+
+	/**
+	 * Tests that get_edit_comment_link() returns nothing if the comment ID is invalid.
+	 *
+	 * @ticket 61727
+	 */
+	public function test_get_edit_comment_link_invalid_comment() {
+		$comment_id         = 12345;
+		$actual_url_display = get_edit_comment_link( $comment_id, 'display' );
+		$actual_url         = get_edit_comment_link( $comment_id, 'url' );
+
+		$this->assertNull( $actual_url_display );
+		$this->assertNull( $actual_url );
+	}
+
+	/**
+	 * Tests that get_edit_comment_link() returns nothing if the current user cannot edit it.
+	 */
+	public function test_get_edit_comment_link_user_cannot_edit() {
+		wp_set_current_user( self::$user_ids['subscriber'] );
+		$comment_id         = self::$comment_id;
+		$actual_url_display = get_edit_comment_link( $comment_id, 'display' );
+		$actual_url         = get_edit_comment_link( $comment_id, 'url' );
+
+		$this->assertNull( $actual_url_display );
+		$this->assertNull( $actual_url );
+	}
+
+	/**
+	 * Tests that the 'get_edit_comment_link' filter works as expected, including the additional parameters.
+	 *
+	 * @ticket 61727
+	 */
+	public function test_get_edit_comment_link_filter() {
+		$comment_id           = self::$comment_id;
+		$expected_url_display = admin_url( 'comment-test.php?context=display' );
+		$expected_url         = admin_url( 'comment-test.php?context=url' );
+
+		add_filter(
+			'get_edit_comment_link',
+			function ( $location, $comment_id, $context ) {
+				return admin_url( 'comment-test.php?context=' . $context );
+			},
+			10,
+			3
+		);
+
+		$actual_url_display = get_edit_comment_link( $comment_id, 'display' );
+		$actual_url         = get_edit_comment_link( $comment_id, 'url' );
+
+		// Assert the final URLs are as expected
+		$this->assertSame( $expected_url_display, $actual_url_display );
+		$this->assertSame( $expected_url, $actual_url );
+	}
+}