Ticket #18426: wp.deleteUser.2.patch

wp-includes/class-wp-xmlrpc-server.php

@@ -64 +64 @@
                         'wp.getMediaItem'               => 'this:wp_getMediaItem',
                         'wp.getMediaLibrary'    => 'this:wp_getMediaLibrary',
                         'wp.getPostFormats'     => 'this:wp_getPostFormats',
+                        'wp.deleteUser'                 => 'this:wp_deleteUser',
 
                         // Blogger API
                         'blogger.getUsersBlogs' => 'this:blogger_getUsersBlogs',
@@ -1702 +1703 @@
                 return $formats;
         }
 
+        /**
+         * Delete a user
+         *
+         * @uses wp_delete_user()
+         * @param array $args Method parameters. Contains:
+         *  - int     $blog_id
+         *  - string  $username
+         *  - string  $password
+         *  - int     $user_id
+         * @return True when user is deleted.
+         */
+        function wp_deleteUser( $args ) {
+                $this->escape( $args );
+
+                $blog_id    = (int) $args[0];
+                $username   = $args[1];
+                $password   = $args[2];
+                $user_id    = (int) $args[3];
+
+                if( ! $user = $this->login( $username, $password ) )
+                        return $this->error;
+
+                do_action( 'xmlrpc_call', 'wp.deleteUser' );
+
+                if( ! current_user_can( 'delete_users' ) )
+                        return new IXR_Error( 401, __( 'You are not allowed to delete users.' ) );
+
+                if( ! get_userdata( $user_id ) )
+                        return new IXR_Error( 404, __('Invalid user ID.' ) );
+
+                if( $user->ID == $user_id )
+                        return new IXR_Error( 401, __( 'You cannot delete yourself.' ) );
+
+                return wp_delete_user( $user_id );
+        }
+
         /* Blogger API functions.
          * specs on http://plant.blogger.com/api and http://groups.yahoo.com/group/bloggerDev/
          */