Ticket #17981: patch-core-17981-3.diff
| File patch-core-17981-3.diff, 3.1 KB (added by koke, 3 months ago) |
|---|
-
wp-includes/class-wp-xmlrpc-server.php
1633 1633 if ( !$user = $this->login($username, $password) ) 1634 1634 return $this->error; 1635 1635 1636 if ( !current_user_can( ' moderate_comments' ) )1636 if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) ) 1637 1637 return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); 1638 1638 1639 1639 do_action('xmlrpc_call', 'wp.getComment'); … … 1671 1671 'author_email' => $comment->comment_author_email, 1672 1672 'author_ip' => $comment->comment_author_IP, 1673 1673 'type' => $comment->comment_type, 1674 'can_edit' => current_user_can( 'edit_comment', $comment_id ), 1674 1675 ); 1675 1676 1676 1677 return $comment_struct; … … 1707 1708 if ( !$user = $this->login($username, $password) ) 1708 1709 return $this->error; 1709 1710 1710 if ( !current_user_can( ' moderate_comments' ) )1711 if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) ) 1711 1712 return new IXR_Error( 401, __( 'Sorry, you cannot edit comments.' ) ); 1712 1713 1713 1714 do_action('xmlrpc_call', 'wp.getComments'); … … 1775 1776 if ( !$user = $this->login($username, $password) ) 1776 1777 return $this->error; 1777 1778 1778 if ( !current_user_can( ' moderate_comments' ) )1779 if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) ) 1779 1780 return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); 1780 1781 1781 1782 if ( ! get_comment($comment_ID) ) 1782 1783 return new IXR_Error( 404, __( 'Invalid comment ID.' ) ); 1783 1784 1784 1785 if ( !current_user_can( 'edit_comment', $comment_ID ) ) 1785 return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );1786 return new IXR_Error( 403, __( 'You are not allowed to moderate this comment.' ) ); 1786 1787 1787 1788 do_action('xmlrpc_call', 'wp.deleteComment'); 1788 1789 … … 1825 1826 if ( !$user = $this->login($username, $password) ) 1826 1827 return $this->error; 1827 1828 1828 if ( !current_user_can( ' moderate_comments' ) )1829 if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) ) 1829 1830 return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); 1830 1831 1831 1832 if ( ! get_comment($comment_ID) ) 1832 1833 return new IXR_Error( 404, __( 'Invalid comment ID.' ) ); 1833 1834 1834 1835 if ( !current_user_can( 'edit_comment', $comment_ID ) ) 1835 return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );1836 return new IXR_Error( 403, __( 'You are not allowed to moderate this comment.' ) ); 1836 1837 1837 1838 do_action('xmlrpc_call', 'wp.editComment'); 1838 1839 … … 1978 1979 if ( !$user = $this->login($username, $password) ) 1979 1980 return $this->error; 1980 1981 1981 if ( !current_user_can( ' moderate_comments' ) )1982 if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) ) 1982 1983 return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) ); 1983 1984 1984 1985 do_action('xmlrpc_call', 'wp.getCommentStatusList');
