Font face permissions

[peterwilsoncc]

What?

Modifies the font face permissions to ensure the file system is writable for the installation and deletion of fonts.

The font library's JavaScript is modified to use these permission to determine whether to allow:

• installation of google fonts
• upload of font files
• deletion of fonts

See #55280

Why?

Currently the DISALLOW_FILE_MODS constant is not checked as part of the font faces API allowing users to upload fonts when the fonts should not be disabled.

As this constant is used to indicate an immutable file system, the constant needs to be considered to allow for a good user experience uploading fonts. See WordPress/wporg-main-2022#388, #55063

How?

• Induces the meta capabilities: install_font_faces, delete_font_faces.
• Checks [core data store].canUser( 'create', 'font-families' ); to determine if a user can upload, removes the UI if not
• Checks [core data store].canUser( 'delete', 'font-families' ); to determine if a user can delete, removes the UI if not

Note

Please test running this branch on WordPress 6.4.

The file the changes have been made in are not loaded on the current version of WordPress trunk.

Testing Instructions

1. Install a font either via file upload or Google Fonts.
2. Add define( 'DISALLOW_FILE_MODS', true ); to your wp-config file.
3. Open Site Editor ... Styles > Typography > Manage Fonts
4. Ensure the upload and Install fonts tabs are not shown
5. Click the font you installed earlier
6. Check the box next to the font
7. Ensure the delete button is not available
8. Remove the constant added earlier
9. Ensure it's possible to delete your font.

Testing Instructions for Keyboard

Screenshots or screencast

[github-actions]

This pull request has changed or added PHP files. Please confirm whether these changes need to be synced to WordPress Core, and therefore featured in the next release of WordPress.

If so, it is recommended to create a new Trac ticket and submit a pull request to the WordPress Core Github repository soon after this pull request is merged.

If you're unsure, you can always ask for help in the #core-editor channel in WordPress Slack.

Thank you! ❤️

View changed files

❔ lib/compat/wordpress-6.5/fonts/fonts.php

[github-actions]

Size Change: +110 B (0%)

Total Size: 1.7 MB

Filename	Size	Change
build/edit-site/index.min.js	211 kB	+110 B (0%)

ℹ️ View Unchanged

Filename	Size
build/a11y/index.min.js	955 B
build/annotations/index.min.js	2.69 kB
build/api-fetch/index.min.js	2.32 kB
build/autop/index.min.js	2.1 kB
build/blob/index.min.js	578 B
build/block-directory/index.min.js	7.22 kB
build/block-directory/style-rtl.css	1.02 kB
build/block-directory/style.css	1.02 kB
build/block-editor/content-rtl.css	4.35 kB
build/block-editor/content.css	4.35 kB
build/block-editor/default-editor-styles-rtl.css	381 B
build/block-editor/default-editor-styles.css	381 B
build/block-editor/index.min.js	251 kB
build/block-editor/style-rtl.css	15.3 kB
build/block-editor/style.css	15.3 kB
build/block-library/blocks/archives/editor-rtl.css	61 B
build/block-library/blocks/archives/editor.css	60 B
build/block-library/blocks/archives/style-rtl.css	90 B
build/block-library/blocks/archives/style.css	90 B
build/block-library/blocks/audio/editor-rtl.css	150 B
build/block-library/blocks/audio/editor.css	150 B
build/block-library/blocks/audio/style-rtl.css	122 B
build/block-library/blocks/audio/style.css	122 B
build/block-library/blocks/audio/theme-rtl.css	126 B
build/block-library/blocks/audio/theme.css	126 B
build/block-library/blocks/avatar/editor-rtl.css	116 B
build/block-library/blocks/avatar/editor.css	116 B
build/block-library/blocks/avatar/style-rtl.css	104 B
build/block-library/blocks/avatar/style.css	104 B
build/block-library/blocks/block/editor-rtl.css	305 B
build/block-library/blocks/block/editor.css	305 B
build/block-library/blocks/button/editor-rtl.css	415 B
build/block-library/blocks/button/editor.css	414 B
build/block-library/blocks/button/style-rtl.css	627 B
build/block-library/blocks/button/style.css	626 B
build/block-library/blocks/buttons/editor-rtl.css	337 B
build/block-library/blocks/buttons/editor.css	337 B
build/block-library/blocks/buttons/style-rtl.css	332 B
build/block-library/blocks/buttons/style.css	332 B
build/block-library/blocks/calendar/style-rtl.css	239 B
build/block-library/blocks/calendar/style.css	239 B
build/block-library/blocks/categories/editor-rtl.css	113 B
build/block-library/blocks/categories/editor.css	112 B
build/block-library/blocks/categories/style-rtl.css	124 B
build/block-library/blocks/categories/style.css	124 B
build/block-library/blocks/code/editor-rtl.css	53 B
build/block-library/blocks/code/editor.css	53 B
build/block-library/blocks/code/style-rtl.css	121 B
build/block-library/blocks/code/style.css	121 B
build/block-library/blocks/code/theme-rtl.css	124 B
build/block-library/blocks/code/theme.css	124 B
build/block-library/blocks/columns/editor-rtl.css	108 B
build/block-library/blocks/columns/editor.css	108 B
build/block-library/blocks/columns/style-rtl.css	421 B
build/block-library/blocks/columns/style.css	421 B
build/block-library/blocks/comment-author-avatar/editor-rtl.css	125 B
build/block-library/blocks/comment-author-avatar/editor.css	125 B
build/block-library/blocks/comment-content/style-rtl.css	92 B
build/block-library/blocks/comment-content/style.css	92 B
build/block-library/blocks/comment-template/style-rtl.css	199 B
build/block-library/blocks/comment-template/style.css	198 B
build/block-library/blocks/comments-pagination-numbers/editor-rtl.css	123 B
build/block-library/blocks/comments-pagination-numbers/editor.css	121 B
build/block-library/blocks/comments-pagination/editor-rtl.css	222 B
build/block-library/blocks/comments-pagination/editor.css	209 B
build/block-library/blocks/comments-pagination/style-rtl.css	235 B
build/block-library/blocks/comments-pagination/style.css	231 B
build/block-library/blocks/comments-title/editor-rtl.css	75 B
build/block-library/blocks/comments-title/editor.css	75 B
build/block-library/blocks/comments/editor-rtl.css	840 B
build/block-library/blocks/comments/editor.css	839 B
build/block-library/blocks/comments/style-rtl.css	637 B
build/block-library/blocks/comments/style.css	636 B
build/block-library/blocks/cover/editor-rtl.css	647 B
build/block-library/blocks/cover/editor.css	650 B
build/block-library/blocks/cover/style-rtl.css	1.69 kB
build/block-library/blocks/cover/style.css	1.68 kB
build/block-library/blocks/details/editor-rtl.css	65 B
build/block-library/blocks/details/editor.css	65 B
build/block-library/blocks/details/style-rtl.css	98 B
build/block-library/blocks/details/style.css	98 B
build/block-library/blocks/embed/editor-rtl.css	322 B
build/block-library/blocks/embed/editor.css	322 B
build/block-library/blocks/embed/style-rtl.css	410 B
build/block-library/blocks/embed/style.css	410 B
build/block-library/blocks/embed/theme-rtl.css	126 B
build/block-library/blocks/embed/theme.css	126 B
build/block-library/blocks/file/editor-rtl.css	316 B
build/block-library/blocks/file/editor.css	316 B
build/block-library/blocks/file/style-rtl.css	280 B
build/block-library/blocks/file/style.css	281 B
build/block-library/blocks/file/view.min.js	324 B
build/block-library/blocks/footnotes/style-rtl.css	201 B
build/block-library/blocks/footnotes/style.css	199 B
build/block-library/blocks/form-input/editor-rtl.css	227 B
build/block-library/blocks/form-input/editor.css	227 B
build/block-library/blocks/form-input/style-rtl.css	343 B
build/block-library/blocks/form-input/style.css	343 B
build/block-library/blocks/form-submission-notification/editor-rtl.css	340 B
build/block-library/blocks/form-submission-notification/editor.css	340 B
build/block-library/blocks/form-submit-button/style-rtl.css	69 B
build/block-library/blocks/form-submit-button/style.css	69 B
build/block-library/blocks/form/view.min.js	471 B
build/block-library/blocks/freeform/editor-rtl.css	2.61 kB
build/block-library/blocks/freeform/editor.css	2.61 kB
build/block-library/blocks/gallery/editor-rtl.css	947 B
build/block-library/blocks/gallery/editor.css	952 B
build/block-library/blocks/gallery/style-rtl.css	1.72 kB
build/block-library/blocks/gallery/style.css	1.72 kB
build/block-library/blocks/gallery/theme-rtl.css	108 B
build/block-library/blocks/gallery/theme.css	108 B
build/block-library/blocks/group/editor-rtl.css	654 B
build/block-library/blocks/group/editor.css	654 B
build/block-library/blocks/group/style-rtl.css	57 B
build/block-library/blocks/group/style.css	57 B
build/block-library/blocks/group/theme-rtl.css	78 B
build/block-library/blocks/group/theme.css	78 B
build/block-library/blocks/heading/style-rtl.css	189 B
build/block-library/blocks/heading/style.css	189 B
build/block-library/blocks/html/editor-rtl.css	336 B
build/block-library/blocks/html/editor.css	337 B
build/block-library/blocks/image/editor-rtl.css	863 B
build/block-library/blocks/image/editor.css	862 B
build/block-library/blocks/image/style-rtl.css	1.6 kB
build/block-library/blocks/image/style.css	1.59 kB
build/block-library/blocks/image/theme-rtl.css	126 B
build/block-library/blocks/image/theme.css	126 B
build/block-library/blocks/image/view.min.js	1.54 kB
build/block-library/blocks/latest-comments/style-rtl.css	357 B
build/block-library/blocks/latest-comments/style.css	357 B
build/block-library/blocks/latest-posts/editor-rtl.css	213 B
build/block-library/blocks/latest-posts/editor.css	212 B
build/block-library/blocks/latest-posts/style-rtl.css	478 B
build/block-library/blocks/latest-posts/style.css	478 B
build/block-library/blocks/list/style-rtl.css	88 B
build/block-library/blocks/list/style.css	88 B
build/block-library/blocks/media-text/editor-rtl.css	266 B
build/block-library/blocks/media-text/editor.css	263 B
build/block-library/blocks/media-text/style-rtl.css	505 B
build/block-library/blocks/media-text/style.css	503 B
build/block-library/blocks/more/editor-rtl.css	431 B
build/block-library/blocks/more/editor.css	431 B
build/block-library/blocks/navigation-link/editor-rtl.css	668 B
build/block-library/blocks/navigation-link/editor.css	669 B
build/block-library/blocks/navigation-link/style-rtl.css	259 B
build/block-library/blocks/navigation-link/style.css	257 B
build/block-library/blocks/navigation-submenu/editor-rtl.css	296 B
build/block-library/blocks/navigation-submenu/editor.css	295 B
build/block-library/blocks/navigation/editor-rtl.css	2.25 kB
build/block-library/blocks/navigation/editor.css	2.26 kB
build/block-library/blocks/navigation/style-rtl.css	2.24 kB
build/block-library/blocks/navigation/style.css	2.23 kB
build/block-library/blocks/navigation/view.min.js	1.1 kB
build/block-library/blocks/nextpage/editor-rtl.css	395 B
build/block-library/blocks/nextpage/editor.css	395 B
build/block-library/blocks/page-list/editor-rtl.css	377 B
build/block-library/blocks/page-list/editor.css	377 B
build/block-library/blocks/page-list/style-rtl.css	175 B
build/block-library/blocks/page-list/style.css	175 B
build/block-library/blocks/paragraph/editor-rtl.css	235 B
build/block-library/blocks/paragraph/editor.css	235 B
build/block-library/blocks/paragraph/style-rtl.css	335 B
build/block-library/blocks/paragraph/style.css	335 B
build/block-library/blocks/post-author/style-rtl.css	175 B
build/block-library/blocks/post-author/style.css	176 B
build/block-library/blocks/post-comments-form/editor-rtl.css	96 B
build/block-library/blocks/post-comments-form/editor.css	96 B
build/block-library/blocks/post-comments-form/style-rtl.css	508 B
build/block-library/blocks/post-comments-form/style.css	508 B
build/block-library/blocks/post-content/editor-rtl.css	74 B
build/block-library/blocks/post-content/editor.css	74 B
build/block-library/blocks/post-date/style-rtl.css	61 B
build/block-library/blocks/post-date/style.css	61 B
build/block-library/blocks/post-excerpt/editor-rtl.css	71 B
build/block-library/blocks/post-excerpt/editor.css	71 B
build/block-library/blocks/post-excerpt/style-rtl.css	141 B
build/block-library/blocks/post-excerpt/style.css	141 B
build/block-library/blocks/post-featured-image/editor-rtl.css	666 B
build/block-library/blocks/post-featured-image/editor.css	662 B
build/block-library/blocks/post-featured-image/style-rtl.css	342 B
build/block-library/blocks/post-featured-image/style.css	342 B
build/block-library/blocks/post-navigation-link/style-rtl.css	215 B
build/block-library/blocks/post-navigation-link/style.css	214 B
build/block-library/blocks/post-template/editor-rtl.css	99 B
build/block-library/blocks/post-template/editor.css	98 B
build/block-library/blocks/post-template/style-rtl.css	409 B
build/block-library/blocks/post-template/style.css	408 B
build/block-library/blocks/post-terms/style-rtl.css	96 B
build/block-library/blocks/post-terms/style.css	96 B
build/block-library/blocks/post-time-to-read/style-rtl.css	69 B
build/block-library/blocks/post-time-to-read/style.css	69 B
build/block-library/blocks/post-title/style-rtl.css	100 B
build/block-library/blocks/post-title/style.css	100 B
build/block-library/blocks/preformatted/style-rtl.css	125 B
build/block-library/blocks/preformatted/style.css	125 B
build/block-library/blocks/pullquote/editor-rtl.css	135 B
build/block-library/blocks/pullquote/editor.css	135 B
build/block-library/blocks/pullquote/style-rtl.css	354 B
build/block-library/blocks/pullquote/style.css	354 B
build/block-library/blocks/pullquote/theme-rtl.css	168 B
build/block-library/blocks/pullquote/theme.css	168 B
build/block-library/blocks/query-pagination-numbers/editor-rtl.css	122 B
build/block-library/blocks/query-pagination-numbers/editor.css	121 B
build/block-library/blocks/query-pagination/editor-rtl.css	221 B
build/block-library/blocks/query-pagination/editor.css	211 B
build/block-library/blocks/query-pagination/style-rtl.css	288 B
build/block-library/blocks/query-pagination/style.css	284 B
build/block-library/blocks/query-title/style-rtl.css	63 B
build/block-library/blocks/query-title/style.css	63 B
build/block-library/blocks/query/editor-rtl.css	486 B
build/block-library/blocks/query/editor.css	486 B
build/block-library/blocks/query/view.min.js	958 B
build/block-library/blocks/quote/style-rtl.css	237 B
build/block-library/blocks/quote/style.css	237 B
build/block-library/blocks/quote/theme-rtl.css	223 B
build/block-library/blocks/quote/theme.css	226 B
build/block-library/blocks/read-more/style-rtl.css	140 B
build/block-library/blocks/read-more/style.css	140 B
build/block-library/blocks/rss/editor-rtl.css	149 B
build/block-library/blocks/rss/editor.css	149 B
build/block-library/blocks/rss/style-rtl.css	289 B
build/block-library/blocks/rss/style.css	288 B
build/block-library/blocks/search/editor-rtl.css	184 B
build/block-library/blocks/search/editor.css	184 B
build/block-library/blocks/search/style-rtl.css	614 B
build/block-library/blocks/search/style.css	614 B
build/block-library/blocks/search/theme-rtl.css	114 B
build/block-library/blocks/search/theme.css	114 B
build/block-library/blocks/search/view.min.js	478 B
build/block-library/blocks/separator/editor-rtl.css	146 B
build/block-library/blocks/separator/editor.css	146 B
build/block-library/blocks/separator/style-rtl.css	229 B
build/block-library/blocks/separator/style.css	229 B
build/block-library/blocks/separator/theme-rtl.css	194 B
build/block-library/blocks/separator/theme.css	194 B
build/block-library/blocks/shortcode/editor-rtl.css	323 B
build/block-library/blocks/shortcode/editor.css	323 B
build/block-library/blocks/site-logo/editor-rtl.css	754 B
build/block-library/blocks/site-logo/editor.css	754 B
build/block-library/blocks/site-logo/style-rtl.css	204 B
build/block-library/blocks/site-logo/style.css	204 B
build/block-library/blocks/site-tagline/editor-rtl.css	86 B
build/block-library/blocks/site-tagline/editor.css	86 B
build/block-library/blocks/site-title/editor-rtl.css	116 B
build/block-library/blocks/site-title/editor.css	116 B
build/block-library/blocks/site-title/style-rtl.css	57 B
build/block-library/blocks/site-title/style.css	57 B
build/block-library/blocks/social-link/editor-rtl.css	184 B
build/block-library/blocks/social-link/editor.css	184 B
build/block-library/blocks/social-links/editor-rtl.css	682 B
build/block-library/blocks/social-links/editor.css	681 B
build/block-library/blocks/social-links/style-rtl.css	1.49 kB
build/block-library/blocks/social-links/style.css	1.48 kB
build/block-library/blocks/spacer/editor-rtl.css	350 B
build/block-library/blocks/spacer/editor.css	350 B
build/block-library/blocks/spacer/style-rtl.css	48 B
build/block-library/blocks/spacer/style.css	48 B
build/block-library/blocks/table/editor-rtl.css	395 B
build/block-library/blocks/table/editor.css	395 B
build/block-library/blocks/table/style-rtl.css	639 B
build/block-library/blocks/table/style.css	639 B
build/block-library/blocks/table/theme-rtl.css	146 B
build/block-library/blocks/table/theme.css	146 B
build/block-library/blocks/tag-cloud/style-rtl.css	251 B
build/block-library/blocks/tag-cloud/style.css	253 B
build/block-library/blocks/template-part/editor-rtl.css	403 B
build/block-library/blocks/template-part/editor.css	403 B
build/block-library/blocks/template-part/theme-rtl.css	101 B
build/block-library/blocks/template-part/theme.css	101 B
build/block-library/blocks/term-description/style-rtl.css	111 B
build/block-library/blocks/term-description/style.css	111 B
build/block-library/blocks/text-columns/editor-rtl.css	95 B
build/block-library/blocks/text-columns/editor.css	95 B
build/block-library/blocks/text-columns/style-rtl.css	166 B
build/block-library/blocks/text-columns/style.css	166 B
build/block-library/blocks/verse/style-rtl.css	99 B
build/block-library/blocks/verse/style.css	99 B
build/block-library/blocks/video/editor-rtl.css	552 B
build/block-library/blocks/video/editor.css	555 B
build/block-library/blocks/video/style-rtl.css	185 B
build/block-library/blocks/video/style.css	185 B
build/block-library/blocks/video/theme-rtl.css	126 B
build/block-library/blocks/video/theme.css	126 B
build/block-library/classic-rtl.css	179 B
build/block-library/classic.css	179 B
build/block-library/common-rtl.css	1.1 kB
build/block-library/common.css	1.1 kB
build/block-library/editor-elements-rtl.css	75 B
build/block-library/editor-elements.css	75 B
build/block-library/editor-rtl.css	12.3 kB
build/block-library/editor.css	12.3 kB
build/block-library/elements-rtl.css	54 B
build/block-library/elements.css	54 B
build/block-library/index.min.js	216 kB
build/block-library/reset-rtl.css	472 B
build/block-library/reset.css	472 B
build/block-library/style-rtl.css	14.8 kB
build/block-library/style.css	14.7 kB
build/block-library/theme-rtl.css	688 B
build/block-library/theme.css	693 B
build/block-serialization-default-parser/index.min.js	1.12 kB
build/block-serialization-spec-parser/index.min.js	2.87 kB
build/blocks/index.min.js	51.6 kB
build/commands/index.min.js	15.6 kB
build/commands/style-rtl.css	921 B
build/commands/style.css	918 B
build/components/index.min.js	226 kB
build/components/style-rtl.css	11.8 kB
build/components/style.css	11.8 kB
build/compose/index.min.js	12.6 kB
build/core-commands/index.min.js	2.77 kB
build/core-data/index.min.js	72.8 kB
build/customize-widgets/index.min.js	12.1 kB
build/customize-widgets/style-rtl.css	1.32 kB
build/customize-widgets/style.css	1.32 kB
build/data-controls/index.min.js	640 B
build/data/index.min.js	8.93 kB
build/date/index.min.js	17.9 kB
build/deprecated/index.min.js	451 B
build/dom-ready/index.min.js	324 B
build/dom/index.min.js	4.65 kB
build/edit-post/classic-rtl.css	544 B
build/edit-post/classic.css	545 B
build/edit-post/index.min.js	23.8 kB
build/edit-post/style-rtl.css	5.64 kB
build/edit-post/style.css	5.63 kB
build/edit-site/style-rtl.css	15.3 kB
build/edit-site/style.css	15.3 kB
build/edit-widgets/index.min.js	17.3 kB
build/edit-widgets/style-rtl.css	4.22 kB
build/edit-widgets/style.css	4.22 kB
build/editor/index.min.js	63.6 kB
build/editor/style-rtl.css	5.43 kB
build/editor/style.css	5.43 kB
build/element/index.min.js	4.83 kB
build/escape-html/index.min.js	537 B
build/format-library/index.min.js	7.89 kB
build/format-library/style-rtl.css	478 B
build/format-library/style.css	477 B
build/hooks/index.min.js	1.55 kB
build/html-entities/index.min.js	448 B
build/i18n/index.min.js	3.58 kB
build/interactivity/file.min.js	447 B
build/interactivity/image.min.js	1.67 kB
build/interactivity/index.min.js	12.7 kB
build/interactivity/navigation.min.js	1.24 kB
build/interactivity/query.min.js	740 B
build/interactivity/router.min.js	1.29 kB
build/interactivity/search.min.js	618 B
build/is-shallow-equal/index.min.js	527 B
build/keyboard-shortcuts/index.min.js	1.74 kB
build/keycodes/index.min.js	1.46 kB
build/list-reusable-blocks/index.min.js	2.11 kB
build/list-reusable-blocks/style-rtl.css	836 B
build/list-reusable-blocks/style.css	836 B
build/media-utils/index.min.js	2.9 kB
build/modules/importmap-polyfill.min.js	12.2 kB
build/notices/index.min.js	948 B
build/nux/index.min.js	2 kB
build/nux/style-rtl.css	735 B
build/nux/style.css	732 B
build/patterns/index.min.js	5.79 kB
build/patterns/style-rtl.css	540 B
build/patterns/style.css	539 B
build/plugins/index.min.js	1.8 kB
build/preferences-persistence/index.min.js	2.05 kB
build/preferences/index.min.js	2.82 kB
build/preferences/style-rtl.css	698 B
build/preferences/style.css	700 B
build/primitives/index.min.js	975 B
build/priority-queue/index.min.js	1.52 kB
build/private-apis/index.min.js	1 kB
build/react-i18n/index.min.js	623 B
build/react-refresh-entry/index.min.js	9.47 kB
build/react-refresh-runtime/index.min.js	6.78 kB
build/redux-routine/index.min.js	2.7 kB
build/reusable-blocks/index.min.js	2.72 kB
build/reusable-blocks/style-rtl.css	243 B
build/reusable-blocks/style.css	243 B
build/rich-text/index.min.js	10.4 kB
build/router/index.min.js	1.79 kB
build/server-side-render/index.min.js	1.95 kB
build/shortcode/index.min.js	1.39 kB
build/style-engine/index.min.js	2.08 kB
build/token-list/index.min.js	582 B
build/url/index.min.js	3.72 kB
build/vendors/inert-polyfill.min.js	2.48 kB
build/vendors/react-dom.min.js	41.8 kB
build/vendors/react.min.js	4.02 kB
build/viewport/index.min.js	957 B
build/warning/index.min.js	249 B
build/widgets/index.min.js	7.21 kB
build/widgets/style-rtl.css	1.15 kB
build/widgets/style.css	1.16 kB
build/wordcount/index.min.js	1.02 kB

_{compressed-size-action}

[github-actions]

Flaky tests detected in d1933ab.
Some tests passed with failed attempts. The failures may not be related to this commit but are still reported for visibility. See the documentation for more information.

🔍 Workflow run URL: https://github.com/WordPress/gutenberg/actions/runs/7925920273
📝 Reported issues:

• [Flaky Test] default to my only existing menu #59008 in /test/e2e/specs/editor/blocks/navigation.spec.js
• [Flaky Test] default to the only existing classic menu if there are no block menus #48033 in /test/e2e/specs/editor/blocks/navigation.spec.js
• [Flaky Test] list view should correctly reflect navigation items' structure #58980 in /test/e2e/specs/editor/blocks/navigation-list-view.spec.js
• [Flaky Test] submenu converts to link automatically #58981 in /test/e2e/specs/editor/blocks/navigation.spec.js

[github-actions]

The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the props-bot label.

If you're merging code through a pull request on GitHub, copy and paste the following into the bottom of the merge commit message.

Co-authored-by: peterwilsoncc <peterwilsoncc@git.wordpress.org>
Co-authored-by: youknowriad <youknowriad@git.wordpress.org>
Co-authored-by: swissspidy <swissspidy@git.wordpress.org>
Co-authored-by: getdave <get_dave@git.wordpress.org>
Co-authored-by: matiasbenedetto <mmaattiiaass@git.wordpress.org>
Co-authored-by: creativecoder <grantmkin@git.wordpress.org>

To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook.

[matiasbenedetto]

Hi @peterwilsoncc 👋 , thanks for working on this.

1. Install a font either via file upload or Google Fonts.
2. Add define( 'DISALLOW_FILE_MODS', true ); to your wp-config file.
3. Open Site Editor ... Styles > Typography > Manage Fonts
4. Ensure the upload and Install fonts tabs are not shown
5. Click the font you installed earlier
6. Check the box next to the font
7. Ensure the delete button is not available
8. Remove the constant added earlier
9. Ensure it's possible to delete your font.

I tested this PR following the instructions, and it works as described.

If understood correctly from your comment defining define( 'DISALLOW_FILE_MODS,' true ); disallow file writing on all the folders except the uploads ones. I have a question: What behavior would be expected if the user customized the fonts folder inside the uploads folder as this extender did? In theory, the user would allowed to write fonts because, using that config, they will be written inside the uploads folder, but, running this PR, the tabs with the UI to install the fonts are not available.

[swissspidy]

It doesn‘t matter where the fonts folder is located. The capability check prevents adding fonts if file mods are disallowed.

[creativecoder]

There's some nuance to how fonts work that seems important to consider here:

• wp_font_face posts contain a url in the src property of the font face JSON that point to the font file
• The referenced font file url can be local (font file is uploaded to the site) or remote (font is hosted on a CDN)

So I think that permission to create a wp_font_face post should stay separate from uploading a font file. If DISALLOW_FILE_MODS is true, I don't think that should prevent creating all font faces (which can reference a remotely hosted file), only the actual font file upload.

Perhaps we could hand this by

• Not showing the font upload UI in the Font Library when DISALLOW_FILE_MODS is true
• Making sure that the POST font-faces endpoint disallows font file uploads when DISALLOW_FILE_MODS is true

Additionally, there's a discussion in this issue about how to signal when to upload a font file to the site (the current behavior with the Google Fonts library) vs using the remotely hosted font file. I'll add a comment there, I think that DISALLOW_FILE_MODS needs to be considered.

[peterwilsoncc]

@creativecoder I'm going to have to thinkg about this, I only became aware of the permissions discussion a couple of days ago so still getting my head aound the workings of the controller.

[getdave]

Suggested change

	* Files must be modifiable to grant these capabilities and the user must als
	* Files must be modifiable to grant these capabilities and the user must also

[getdave]

Suggested change

	* if the delete_post meta capability.
	* of the delete_post meta capability.

[getdave]

Thanks for all the work on this PR.

We will need to merge this PR prior to Beta 3 and I'm starting to become concerned that it's now getting very close.

I think we should add some tests, including some Playwright e2e tests to validate that the Upload/Delete options are / aren't available based on certain conditions.

@creativecoder @matiasbenedetto are you able to support with this?

For my part I'm going to manually test the PR and will be around to assist wherever I can.

[creativecoder]

@getdave I'm working on a new PR today, combining the approach here with #59104, based on @peterwilsoncc 's feedback.

Here's what I'm planning:

• Add new meta cap for font upload, following the same pattern as language packs
• Gating UI install/delete actions based on font family user capabilities

[peterwilsoncc]

Closing this in favour of #59294 which includes a combination of this PR and Grant's original PR.