WP_Customize_Manager::setup_theme PHP Method

    public function setup_theme()
    {
        global $pagenow;
        // Check permissions for customize.php access since this method is called before customize.php can run any code,
        if ('customize.php' === $pagenow && !current_user_can('customize')) {
            if (!is_user_logged_in()) {
                auth_redirect();
            } else {
                wp_die('<h1>' . __('Cheatin&#8217; uh?') . '</h1>' . '<p>' . __('Sorry, you are not allowed to customize this site.') . '</p>', 403);
            }
            return;
        }
        if (!preg_match('/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/', $this->_changeset_uuid)) {
            $this->wp_die(-1, __('Invalid changeset UUID'));
        }
        /*
         * If unauthenticated then require a valid changeset UUID to load the preview.
         * In this way, the UUID serves as a secret key. If the messenger channel is present,
         * then send unauthenticated code to prompt re-auth.
         */
        if (!current_user_can('customize') && !$this->changeset_post_id()) {
            $this->wp_die($this->messenger_channel ? 0 : -1, __('Non-existent changeset UUID.'));
        }
        if (!headers_sent()) {
            send_origin_headers();
        }
        // Hide the admin bar if we're embedded in the customizer iframe.
        if ($this->messenger_channel) {
            show_admin_bar(false);
        }
        if ($this->is_theme_active()) {
            // Once the theme is loaded, we'll validate it.
            add_action('after_setup_theme', array($this, 'after_setup_theme'));
        } else {
            // If the requested theme is not the active theme and the user doesn't have the
            // switch_themes cap, bail.
            if (!current_user_can('switch_themes')) {
                $this->wp_die(-1, __('Sorry, you are not allowed to edit theme options on this site.'));
            }
            // If the theme has errors while loading, bail.
            if ($this->theme()->errors()) {
                $this->wp_die(-1, $this->theme()->errors()->get_error_message());
            }
            // If the theme isn't allowed per multisite settings, bail.
            if (!$this->theme()->is_allowed()) {
                $this->wp_die(-1, __('The requested theme does not exist.'));
            }
        }
        /*
         * Import theme starter content for fresh installs when landing in the customizer.
         * Import starter content at after_setup_theme:100 so that any
         * add_theme_support( 'starter-content' ) calls will have been made.
         */
        if (get_option('fresh_site') && 'customize.php' === $pagenow) {
            add_action('after_setup_theme', array($this, 'import_theme_starter_content'), 100);
        }
        $this->start_previewing_theme();
    }

 /**
  * Test WP_Customize_Manager::setup_theme() for frontend.
  *
  * @covers WP_Customize_Manager::setup_theme()
  */
 function test_setup_theme_in_frontend()
 {
     global $wp_customize, $pagenow, $show_admin_bar;
     $pagenow = 'front';
     set_current_screen('front');
     wp_set_current_user(0);
     $exception = null;
     $wp_customize = new WP_Customize_Manager();
     wp_set_current_user(self::$subscriber_user_id);
     try {
         $wp_customize->setup_theme();
     } catch (Exception $e) {
         $exception = $e;
     }
     $this->assertInstanceOf('WPDieException', $exception);
     $this->assertContains('Non-existent changeset UUID', $exception->getMessage());
     wp_set_current_user(self::$admin_user_id);
     $wp_customize = new WP_Customize_Manager(array('messenger_channel' => 'preview-1'));
     $wp_customize->setup_theme();
     $this->assertFalse($show_admin_bar);
     show_admin_bar(true);
     wp_set_current_user(self::$admin_user_id);
     $wp_customize = new WP_Customize_Manager(array('messenger_channel' => null));
     $wp_customize->setup_theme();
     $this->assertTrue($show_admin_bar);
 }