Ticket #2301: 2301.diff
| File 2301.diff, 4.0 KB (added by , 19 years ago) |
|---|
-
wp-admin/inline-uploading.php
120 120 $current_3 = ' class="current"'; 121 121 } 122 122 123 if (! current_user_can('edit_others_posts') ) 124 $and_user = "AND post_author = " . $user_ID; 123 if ( !current_user_can('edit_others_posts') && !current_user_can('edit_others_pages') ) 124 $and_user = "AND post_author = $user_ID"; 125 elseif (! current_user_can('edit_others_posts') ) 126 $and_user = "AND (post_author = $user_ID OR post_status != 'static')"; 127 elseif (! current_user_can('edit_others_pages') ) 128 $and_user = "AND (post_author = $user_ID OR post_status = 'static')"; 125 129 126 130 if ( $last ) 127 131 $start = $wpdb->get_var("SELECT count(ID) FROM $wpdb->posts WHERE post_status = 'attachment' $and_user $and_post") - $num; -
wp-admin/admin-functions.php
22 22 $_POST['post_author'] = (int) $_POST['user_ID']; 23 23 } 24 24 25 if (($_POST['post_author'] != $_POST['user_ID']) && !current_user_can('edit_others_posts'))26 die(__('You cannot post as this user.'));27 28 25 // What to do based on which button they pressed 29 26 if ('' != $_POST['saveasdraft']) 30 27 $_POST['post_status'] = 'draft'; … … 39 36 40 37 if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts')) 41 38 $_POST['post_status'] = 'draft'; 39 40 if (($_POST['post_author'] != $_POST['user_ID'])) { //its not their post/page 41 if (($_POST['post_status'] != 'static' && !current_user_can('edit_others_posts')) || 42 ($_POST['post_status'] == 'static' && !current_user_can('edit_others_pages'))) 43 die(__('You cannot post as this user.')); 44 } 42 45 43 46 if ('static' == $_POST['post_status'] && !current_user_can('edit_pages')) 44 47 die(__('This user cannot edit pages.')); … … 142 145 $_POST['post_author'] = (int) $_POST['user_ID']; 143 146 } 144 147 145 if (($_POST['post_author'] != $_POST['user_ID']) && !current_user_can('edit_others_posts'))146 die(__('You cannot post as this user.'));147 148 148 // What to do based on which button they pressed 149 149 if ('' != $_POST['saveasdraft']) 150 150 $_POST['post_status'] = 'draft'; … … 159 159 160 160 if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts')) 161 161 $_POST['post_status'] = 'draft'; 162 163 if (($_POST['post_author'] != $_POST['user_ID'])) { //its not their post/page 164 if (($_POST['post_status'] != 'static' && !current_user_can('edit_others_posts')) || 165 ($_POST['post_status'] == 'static' && !current_user_can('edit_others_pages'))) 166 die(__('You cannot post as this user.')); 167 } 162 168 163 169 if ('static' == $_POST['post_status'] && !current_user_can('edit_pages')) 164 170 die(__('This user cannot edit pages.')); -
wp-admin/admin-db.php
45 45 46 46 $user = new WP_User( $user_id ); 47 47 48 if ( ! $user->has_cap('edit_others_posts') ) {48 if ( ! $user->has_cap('edit_others_posts') && !$user->has_cap('edit_others_pages') ) { 49 49 if ( $user->has_cap('edit_posts') || $exclude_zeros == false ) 50 50 return array($user->id); 51 51 else -
wp-admin/upgrade-schema.php
274 274 $role->add_cap('unfiltered_html'); 275 275 $role->add_cap('edit_posts'); 276 276 $role->add_cap('edit_others_posts'); 277 $role->add_cap('edit_others_pages'); 277 278 $role->add_cap('edit_published_posts'); 278 279 $role->add_cap('publish_posts'); 279 280 $role->add_cap('edit_pages'); … … 299 300 $role->add_cap('unfiltered_html'); 300 301 $role->add_cap('edit_posts'); 301 302 $role->add_cap('edit_others_posts'); 303 $role->add_cap('edit_others_pages'); 302 304 $role->add_cap('edit_published_posts'); 303 305 $role->add_cap('publish_posts'); 304 306 $role->add_cap('edit_pages');