Opened 4 years ago
Last modified 3 years ago
#9378 new enhancement
Deprecate manage_category cap in favor of its object type's cap
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Priority: | normal | Milestone: | Future Release |
| Component: | Taxonomy | Version: | 2.7.1 |
| Severity: | normal | Keywords: | needs-patch |
| Cc: | kevinB |
Description
I encountered a problem in WordPress 2.7.1 $wp_roles->remove_cap('editor', 'manage_links'); doesn't remove that capability for the Editor role entirely, but it still displays the page "link categories", and you can perform actions on that page. This is because that page needs "manage_categories" instead of "manage_links".
I would propose to either require the manage_links capability for this page, or introduce a new capability (something as manage_link_categories for example).
Attachments (1)
Change History (7)
- Keywords has-patch 2nd-opinion added
- Milestone changed from Unassigned to 2.8
- Keywords dev-feedback added
- Keywords needs-patch added; has-patch tested commit 2nd-opinion dev-feedback removed
- Milestone changed from 2.8 to 2.9
Just changing it in the menu won't help here.
As if I still have the manage_categories cap then I can go to the page by url and change things there as that checks that cap.
Moving to 2.9 for now.
We need to decide if we can have per-taxonomy caps to provide better flexibility here.
- Component changed from Administration to Taxonomy
- Milestone changed from 2.9 to Future Release
- Summary changed from Removing cap 'manage_links' doesn't remove all link related capabilities to Deprecate manage_category cap in favor of its object type's cap
- Type changed from defect (bug) to enhancement
Suggesting the following instead:
We deprecate the manage_category cap. For each taxonomy, we look at the applicable object type instead.
If use can edit that object type, he can edit the taxonomy.
Patch attached, but I'm itching between suggesting that this should also be the case for post categories and tags, for the sake of consistency, or suggesting that what's really needed is a different manage_* capacity for each taxonomy...