Taxonomy manage screen checks for manage_terms and edit_terms, instead of just manage_terms.
|Reported by:||andrewryno||Owned by:|
I'm trying to set up permissions so the Contributor role can add terms but not edit or delete terms. I setup my taxonomy so it looks like this:
register_taxonomy( 'custom_taxonomy', array( 'post' ), array( ... 'capabilities' => array ( 'manage_terms' => 'edit_posts', 'edit_terms' => 'manage_options', 'delete_terms' => 'manage_options', 'assign_terms' => 'edit_posts' ) ) );
However, when logged in as a contributor I get the error "You are not allowed to edit this item." In edit-tags.php there are two checks for caps, one is for manage_terms and one is for edit_terms. I don't believe the second one should be there, because looking at the other code it should be like this:
- User with manage_terms can access the main taxonomy page
- They can also add terms
- There are checks in WP_Terms_List_Table to restrict showing the Edit/Quick Edit/Delete links for users without those capabilities (edit_terms/delete_terms).
- There is even plenty of other checks on edit_terms in edit-tags.php to include/change the content shown to the user.. if the entire page is restricted for users without edit_terms, why are any of those necessary?
Even if I'm wrong on the fact that roles with edit_terms can't add new terms (it's not completely clear anywhere, it seems like manage_terms should be enough), I still think that this page should be viewable at the very least considering the other code in that page and the list table.
Recommended solution: move the edit_terms check back into case 'edit' (line 121 of edit-tags.php in trunk, currently) as it was before .