From 29cbc8123a519a18029282b539819f68f349a204 Mon Sep 17 00:00:00 2001
From: Daniel Bachhuber <daniel@handbuilt.co>
Date: Sun, 13 Dec 2015 15:19:30 -0800
Subject: [PATCH 1/3] Failing testcase for creating a comment without a post

---
 tests/test-rest-comments-controller.php | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/tests/test-rest-comments-controller.php b/tests/test-rest-comments-controller.php
index d5fcf99808..4ca1f67383 100644
--- a/tests/test-rest-comments-controller.php
+++ b/tests/test-rest-comments-controller.php
@@ -555,6 +555,25 @@ public function test_create_comment_with_status() {
 		$this->assertEquals( 'approved', $data['status'] );
 	}
 
+	public function test_create_comment_no_post_id() {
+		wp_set_current_user( $this->admin_id );
+
+		$params = array(
+			'author_name'  => 'Comic Book Guy',
+			'author_email' => 'cbg@androidsdungeon.com',
+			'author_url'   => 'http://androidsdungeon.com',
+			'content'      => 'Worst Comment Ever!',
+			'status'       => 'approved',
+		);
+		$request = new WP_REST_Request( 'POST', '/wp/v2/comments' );
+		$request->add_header( 'content-type', 'application/json' );
+		$request->set_body( wp_json_encode( $params ) );
+
+		$response = $this->server->dispatch( $request );
+		$response = rest_ensure_response( $response );
+		$this->assertEquals( 201, $response->get_status() );
+	}
+
 	public function test_create_item_duplicate() {
 		$this->markTestSkipped( 'Needs to be revisited after wp_die handling is added' );
 		$original_id = $this->factory->comment->create(

From dda8f7330b37e45637288973c20aaa576afc3ea0 Mon Sep 17 00:00:00 2001
From: Daniel Bachhuber <daniel@handbuilt.co>
Date: Sun, 13 Dec 2015 15:31:21 -0800
Subject: [PATCH 2/3] Permit creating comments without an assigned post

---
 .../class-wp-rest-comments-controller.php     | 25 +++++++------------
 1 file changed, 9 insertions(+), 16 deletions(-)

diff --git a/lib/endpoints/class-wp-rest-comments-controller.php b/lib/endpoints/class-wp-rest-comments-controller.php
index d8b06621e3..b49bcd5831 100755
--- a/lib/endpoints/class-wp-rest-comments-controller.php
+++ b/lib/endpoints/class-wp-rest-comments-controller.php
@@ -121,9 +121,11 @@ public function get_item( $request ) {
 			return new WP_Error( 'rest_comment_invalid_id', __( 'Invalid comment id.' ), array( 'status' => 404 ) );
 		}
 
-		$post = get_post( $comment->comment_post_ID );
-		if ( empty( $post ) ) {
-			return new WP_Error( 'rest_post_invalid_id', __( 'Invalid post id.' ), array( 'status' => 404 ) );
+		if ( ! empty( $comment->comment_post_ID ) ) {
+			$post = get_post( $comment->comment_post_ID );
+			if ( empty( $post ) ) {
+				return new WP_Error( 'rest_post_invalid_id', __( 'Invalid post id.' ), array( 'status' => 404 ) );
+			}
 		}
 
 		$data = $this->prepare_item_for_response( $comment, $request );
@@ -143,11 +145,6 @@ public function create_item( $request ) {
 			return new WP_Error( 'rest_comment_exists', __( 'Cannot create existing comment.' ), array( 'status' => 400 ) );
 		}
 
-		$post = get_post( $request['post'] );
-		if ( empty( $post ) ) {
-			return new WP_Error( 'rest_post_invalid_id', __( 'Invalid post id.' ), array( 'status' => 404 ) );
-		}
-
 		$prepared_comment = $this->prepare_item_for_database( $request );
 
 		// Setting remaining values before wp_insert_comment so we can
@@ -423,14 +420,7 @@ public function create_item_permissions_check( $request ) {
 			return new WP_Error( 'rest_comment_invalid_status', __( 'Sorry, you cannot set status for comments.' ), array( 'status' => rest_authorization_required_code() ) );
 		}
 
-		// If the post id isn't specified, presume we can create.
-		if ( ! isset( $request['post'] ) ) {
-			return true;
-		}
-
-		$post = get_post( (int) $request['post'] );
-
-		if ( $post ) {
+		if ( ! empty( $request['post'] ) && $post = get_post( (int) $request['post'] ) ) {
 
 			if ( ! $this->check_read_post_permission( $post ) ) {
 				return new WP_Error( 'rest_cannot_read_post', __( 'Sorry, you cannot read the post for this comment.' ), array( 'status' => rest_authorization_required_code() ) );
@@ -869,6 +859,9 @@ public function get_item_schema() {
 					'description'  => 'The id of the associated post object.',
 					'type'         => 'integer',
 					'context'      => array( 'view', 'edit' ),
+					'arg_options'  => array(
+						'default'           => 0,
+					),
 				),
 				'status'           => array(
 					'description'  => 'State of the object.',

From 9014bacc74ab91758009fc49deda793985dab02d Mon Sep 17 00:00:00 2001
From: Daniel Bachhuber <daniel@handbuilt.co>
Date: Sun, 13 Dec 2015 15:44:41 -0800
Subject: [PATCH 3/3] Remove unneeded call to `rest_ensure_response()`

---
 tests/test-rest-comments-controller.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/tests/test-rest-comments-controller.php b/tests/test-rest-comments-controller.php
index 4ca1f67383..27e29df339 100644
--- a/tests/test-rest-comments-controller.php
+++ b/tests/test-rest-comments-controller.php
@@ -570,7 +570,6 @@ public function test_create_comment_no_post_id() {
 		$request->set_body( wp_json_encode( $params ) );
 
 		$response = $this->server->dispatch( $request );
-		$response = rest_ensure_response( $response );
 		$this->assertEquals( 201, $response->get_status() );
 	}