WordPress.org

Make WordPress Core

Ticket #17981: patch-core-17981-2.diff

File patch-core-17981-2.diff, 1.9 KB (added by koke, 3 years ago)

Second patch closer to dashboard behavior

  • wp-includes/class-wp-xmlrpc-server.php

    diff --git a/wp-includes/class-wp-xmlrpc-server.php b/wp-includes/class-wp-xmlrpc-server.php
    index 9d92cec..6eaa14e 100644
    a b class wp_xmlrpc_server extends IXR_Server { 
    10631063                if ( !$user = $this->login($username, $password) ) 
    10641064                        return $this->error; 
    10651065 
    1066                 if ( !current_user_can( 'moderate_comments' ) ) 
     1066                if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) ) 
    10671067                        return new IXR_Error( 401, __( 'Sorry, you cannot edit comments.' ) ); 
    10681068 
    10691069                do_action('xmlrpc_call', 'wp.getComments'); 
    class wp_xmlrpc_server extends IXR_Server { 
    11311131                if ( !$user = $this->login($username, $password) ) 
    11321132                        return $this->error; 
    11331133 
    1134                 if ( !current_user_can( 'moderate_comments' ) ) 
     1134                if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) ) 
    11351135                        return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); 
    11361136 
    11371137                if ( !current_user_can( 'edit_comment', $comment_ID ) ) 
    1138                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); 
     1138                        return new IXR_Error( 403, __( 'You are not allowed to delete this comment.' ) ); 
    11391139 
    11401140                do_action('xmlrpc_call', 'wp.deleteComment'); 
    11411141 
    class wp_xmlrpc_server extends IXR_Server { 
    11811181                if ( !$user = $this->login($username, $password) ) 
    11821182                        return $this->error; 
    11831183 
    1184                 if ( !current_user_can( 'moderate_comments' ) ) 
     1184                if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) ) 
    11851185                        return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); 
    11861186 
    11871187                if ( !current_user_can( 'edit_comment', $comment_ID ) ) 
    1188                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); 
     1188                        return new IXR_Error( 403, __( 'You are not allowed to moderate or edit this comment.' ) ); 
    11891189 
    11901190                do_action('xmlrpc_call', 'wp.editComment'); 
    11911191