WordPress.org

Make WordPress Core

Ticket #17981: patch-core-17981-3.diff

File patch-core-17981-3.diff, 3.1 KB (added by koke, 6 years ago)
  • wp-includes/class-wp-xmlrpc-server.php

     
    16331633                if ( !$user = $this->login($username, $password) )
    16341634                        return $this->error;
    16351635
    1636                 if ( !current_user_can( 'moderate_comments' ) )
     1636                if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) )
    16371637                        return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
    16381638
    16391639                do_action('xmlrpc_call', 'wp.getComment');
     
    16711671                        'author_email'                  => $comment->comment_author_email,
    16721672                        'author_ip'                             => $comment->comment_author_IP,
    16731673                        'type'                                  => $comment->comment_type,
     1674      'can_edit'      => current_user_can( 'edit_comment', $comment_id ),
    16741675                );
    16751676
    16761677                return $comment_struct;
     
    17071708                if ( !$user = $this->login($username, $password) )
    17081709                        return $this->error;
    17091710
    1710                 if ( !current_user_can( 'moderate_comments' ) )
     1711                if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) )
    17111712                        return new IXR_Error( 401, __( 'Sorry, you cannot edit comments.' ) );
    17121713
    17131714                do_action('xmlrpc_call', 'wp.getComments');
     
    17751776                if ( !$user = $this->login($username, $password) )
    17761777                        return $this->error;
    17771778
    1778                 if ( !current_user_can( 'moderate_comments' ) )
     1779                if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) )
    17791780                        return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
    17801781
    17811782                if ( ! get_comment($comment_ID) )
    17821783                        return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
    17831784
    17841785                if ( !current_user_can( 'edit_comment', $comment_ID ) )
    1785                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
     1786                        return new IXR_Error( 403, __( 'You are not allowed to moderate this comment.' ) );
    17861787
    17871788                do_action('xmlrpc_call', 'wp.deleteComment');
    17881789
     
    18251826                if ( !$user = $this->login($username, $password) )
    18261827                        return $this->error;
    18271828
    1828                 if ( !current_user_can( 'moderate_comments' ) )
     1829                if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) )
    18291830                        return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
    18301831
    18311832                if ( ! get_comment($comment_ID) )
    18321833                        return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
    18331834
    18341835                if ( !current_user_can( 'edit_comment', $comment_ID ) )
    1835                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
     1836                        return new IXR_Error( 403, __( 'You are not allowed to moderate this comment.' ) );
    18361837
    18371838                do_action('xmlrpc_call', 'wp.editComment');
    18381839
     
    19781979                if ( !$user = $this->login($username, $password) )
    19791980                        return $this->error;
    19801981
    1981                 if ( !current_user_can( 'moderate_comments' ) )
     1982                if ( !current_user_can( 'edit_posts' ) && !current_user_can( 'moderate_comments' ) )
    19821983                        return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) );
    19831984
    19841985                do_action('xmlrpc_call', 'wp.getCommentStatusList');