WordPress.org

Make WordPress Core

Ticket #17981: patch-core-17981-2.diff

File patch-core-17981-2.diff, 1.9 KB (added by koke, 7 years ago)

Second patch closer to dashboard behavior

  • wp-includes/class-wp-xmlrpc-server.php

    diff --git a/wp-includes/class-wp-xmlrpc-server.php b/wp-includes/class-wp-xmlrpc-server.php
    index 9d92cec..6eaa14e 100644
    a b class wp_xmlrpc_server extends IXR_Server { 
    10631063                if ( !$user = $this->login($username, $password) )
    10641064                        return $this->error;
    10651065
    1066                 if ( !current_user_can( 'moderate_comments' ) )
     1066                if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) )
    10671067                        return new IXR_Error( 401, __( 'Sorry, you cannot edit comments.' ) );
    10681068
    10691069                do_action('xmlrpc_call', 'wp.getComments');
    class wp_xmlrpc_server extends IXR_Server { 
    11311131                if ( !$user = $this->login($username, $password) )
    11321132                        return $this->error;
    11331133
    1134                 if ( !current_user_can( 'moderate_comments' ) )
     1134                if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) )
    11351135                        return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
    11361136
    11371137                if ( !current_user_can( 'edit_comment', $comment_ID ) )
    1138                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
     1138                        return new IXR_Error( 403, __( 'You are not allowed to delete this comment.' ) );
    11391139
    11401140                do_action('xmlrpc_call', 'wp.deleteComment');
    11411141
    class wp_xmlrpc_server extends IXR_Server { 
    11811181                if ( !$user = $this->login($username, $password) )
    11821182                        return $this->error;
    11831183
    1184                 if ( !current_user_can( 'moderate_comments' ) )
     1184                if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) )
    11851185                        return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
    11861186
    11871187                if ( !current_user_can( 'edit_comment', $comment_ID ) )
    1188                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
     1188                        return new IXR_Error( 403, __( 'You are not allowed to moderate or edit this comment.' ) );
    11891189
    11901190                do_action('xmlrpc_call', 'wp.editComment');
    11911191