Ensure the correct error message is returned when a user attempts to comment on a post to which they do not have access.

Adds more tests.

Built from https://develop.svn.wordpress.org/trunk@35745


git-svn-id: http://core.svn.wordpress.org/trunk@35709 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-includes/comment.php

@@ -2670,6 +2670,10 @@ function wp_handle_comment_submission( $comment_data ) {
 	// get_post_status() will get the parent status for attachments.
 	$status = get_post_status( $post );
 
+	if ( ( 'private' == $status ) && ! current_user_can( 'read_post', $comment_post_ID ) ) {
+		return new WP_Error( 'comment_id_not_found' );
+	}
+
 	$status_obj = get_post_status_object( $status );
 
 	if ( ! comments_open( $comment_post_ID ) ) {
@@ -2756,7 +2760,7 @@ function wp_handle_comment_submission( $comment_data ) {
 			}
 		}
 	} else {
-		if ( get_option( 'comment_registration' ) || 'private' == $status ) {
+		if ( get_option( 'comment_registration' ) ) {
 			return new WP_Error( 'not_logged_in', __( 'Sorry, you must be logged in to post a comment.' ), 403 );
 		}
 	}

wp-includes/version.php

@@ -4,7 +4,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '4.4-RC1-35744';
+$wp_version = '4.4-RC1-35745';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.