id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
10763	Abstract function for authorization check in admin pages	johnjosephbachir	ryan	"This patch provides an abstract function to reduce code repetition in cases of authorization check, with accompanying user feedback throughout the codebase, such as this:

{{{
#!php
if ( ! current_user_can('manage_options') )
    wp_die(__('You do not have sufficient permissions to manage options for this blog.'));
}}}

I tried testing it, but actually couldn't think of a case that these checks accomodate for the menu.php/admin.php whitelist system takes care of all the unauthorized access cases that I tried.

I made the `$full_message` parameter in order to accomodate for messages with non-standard structure, but it turned out that they were all standard. The only slight exceptions were the couple of instances that were wrapped in `<p>` tags, which I deemed unnecessary in the rare case of simply telling a user that they aren't allowed to do something -- I figured these must have been formatted differently only for historical reasons and not because the behavior is actually different in that cast -- but correct me if I'm wrong.

So-- feel free to remove the `$full_message` logic (since it's not currently being used in any of the cases) -- or, maybe it will come in handy for plugin developers?

Let me know what you think!"	enhancement	closed	normal		Security	2.8.4	normal	worksforme