Users: Initialize the WP_User::$roles property as a sequential array.

Previously, if any roles were filtered out via `array_filter()` when assigning the `WP_User::$roles` property in `WP_User::get_role_caps()`, the resulting array could contain non-sequential numeric keys, which would then cause it to be treated as an object when JSON-encoded, e.g. in `wp_localize_script()`, instead of a proper array, breaking client-side expectations.

This commit ensures that the `WP_User::$roles` property is always treated as an array.

Follow-up to [2703], [2793], [22118].

Props haruncpi, peterwilsoncc, SirLouen, getsyash, wildworks, johnjamesjacoby, SergeyBiryukov.
Fixes #63427.

git-svn-id: https://develop.svn.wordpress.org/trunk@61210 602fd350-edb4-49c9-b593-d223f7449a82

Author: SergeyBiryukov

src/wp-includes/class-wp-user.php

@@ -515,9 +515,15 @@ public function get_role_caps() {
 
 		$wp_roles = wp_roles();
 
-		// Filter out caps that are not role names and assign to $this->roles.
+		// Select caps that are role names and assign to $this->roles.
 		if ( is_array( $this->caps ) ) {
-			$this->roles = array_filter( array_keys( $this->caps ), array( $wp_roles, 'is_role' ) );
+			$this->roles = array();
+
+			foreach ( $this->caps as $key => $value ) {
+				if ( $wp_roles->is_role( $key ) ) {
+					$this->roles[] = $key;
+				}
+			}
 		}
 
 		// Build $allcaps from role caps, overlay user's $caps.

tests/phpunit/tests/user.php

@@ -2157,6 +2157,37 @@ public function test_send_confirmation_on_profile_email_html_entities_decoded()
 		$this->assertStringNotContainsString( ''Test' blog's "name" has <html entities> &', $email->subject, 'Email subject does contains HTML entities' );
 	}
 
+	/**
+	 * Tests that the `WP_User::$roles` property is a sequential array.
+	 *
+	 * @ticket 63427
+	 *
+	 * @covers WP_User::get_role_caps
+	 */
+	public function test_wp_user_roles_property_is_sequential_array() {
+		$user = new WP_User( self::$author_id );
+		$this->assertTrue( $this->is_sequential( $user->roles ), 'Initial roles array should be sequential.' );
+
+		$user->remove_role( 'author' );
+		$this->assertIsArray( $user->roles, 'After removing all roles, $user->roles should still be an array.' );
+		$this->assertSame( array(), $user->roles, 'After removing all roles, $user->roles should be an empty array.' );
+
+		$user->add_role( 'author' );
+		$user->add_role( 'subscriber' );
+		$this->assertSame( array( 'author', 'subscriber' ), $user->roles, 'After adding multiple roles, $user->roles should contain added roles.' );
+		$this->assertTrue( $this->is_sequential( $user->roles ), 'After adding multiple roles, $user->roles should still be sequential.' );
+	}
+
+	/**
+	 * Determines whether an array has sequential numeric keys.
+	 *
+	 * @param array $arr The array to check.
+	 * @return bool True if the array has sequential numeric keys, false otherwise.
+	 */
+	private function is_sequential( array $arr ) {
+		return array_keys( $arr ) === range( 0, count( $arr ) - 1 );
+	}
+
 	/**
 	 * @ticket 42564
 	 */