Abstract function for authorization check in admin pages
|Reported by:||johnjosephbachir||Owned by:||ryan|
This patch provides an abstract function to reduce code repetition in cases of authorization check, with accompanying user feedback throughout the codebase, such as this:
if ( ! current_user_can('manage_options') ) wp_die(__('You do not have sufficient permissions to manage options for this blog.'));
I tried testing it, but actually couldn't think of a case that these checks accomodate for the menu.php/admin.php whitelist system takes care of all the unauthorized access cases that I tried.
I made the $full_message parameter in order to accomodate for messages with non-standard structure, but it turned out that they were all standard. The only slight exceptions were the couple of instances that were wrapped in <p> tags, which I deemed unnecessary in the rare case of simply telling a user that they aren't allowed to do something -- I figured these must have been formatted differently only for historical reasons and not because the behavior is actually different in that cast -- but correct me if I'm wrong.
So-- feel free to remove the $full_message logic (since it's not currently being used in any of the cases) -- or, maybe it will come in handy for plugin developers?
Let me know what you think!
Change History (10)
- Keywords needs-patch dev-feedback added
- Milestone changed from 2.8.5 to Future Release
- Keywords needs-patch dev-feedback removed
- Resolution set to worksforme
- Status changed from new to closed