current_user_can_for_blog() doesn't use map_meta_cap for multisite user admins

[jamescollins]

[12796] introduced a new current_user_can_for_blog() function, which was based on how the existing current_user_can() function was implemented.

This included this check:

if( is_multisite() && is_super_admin() ) 
    return true;

Then in [13270]/#12109, the current_user_can() function was modified so that map_meta_cap is always used for multisite user admins.

However this change didn't include the necessary change to the current_user_can_for_blog() function as well.

This means that currently the current_user_can_for_blog() will always return true for multisite user admins, without map_meta_cap ever being used.

Patch attached.

Patch against trunk r15811

I realise we're close to 3.1 feature freeze, but it would be great if we could get this change committed so its included in 3.1.

Thanks.

This looks like a bug, so it would be unaffected by the freeze.

Setting to 3.0.2 actually.

(In [15812]) Use map_meta_cap for multisite super admins in current_user_can_for_blog. props jamescollins, see #15122.

nacin, if this has a 3.0.2 milestone doesn't it need to be committed to the 3.0 branch as well as trunk?

Thanks.

Wasn't sure if I wanted to apply it to 3.0.2. This isn't a function that's actually used in core, and it doesn't look like it's used in any plugins based on a quick site:plugins.svn.wordpress.org search on Google. I suppose we should apply it to 3.0, because it will return incorrect (though not truly disastrous) results.

nacin, it would be good to either set the milestone of this ticket to 3.1, or commit this fix to the 3.0 branch.

Thanks.

Sure thing.

(In [16631]) Use map_meta_cap for multisite super admins in current_user_can_for_blog. props jamescollins, fixes #15122 for 3.0.