Make WordPress Core

Ticket #25219: 25219.3.diff

File 25219.3.diff, 22.0 KB (added by iandunn, 11 years ago)
  • src/wp-admin/includes/theme.php

     
    111111function theme_update_available( $theme ) {
    112112        static $themes_update;
    113113
    114         if ( !current_user_can('update_themes' ) )
     114        if ( ! current_user_can( 'view_theme_updates' ) )
    115115                return;
    116116
    117117        if ( !isset($themes_update) )
  • src/wp-admin/includes/update.php

     
    158158}
    159159
    160160function core_update_footer( $msg = '' ) {
    161         if ( !current_user_can('update_core') )
     161        if ( ! current_user_can( 'view_core_updates' ) )
    162162                return sprintf( __( 'Version %s' ), get_bloginfo( 'version', 'display' ) );
    163163
    164164        $cur = get_preferred_from_update_core();
     
    180180        break;
    181181
    182182        case 'upgrade' :
    183                 return sprintf( '<strong>'.__( '<a href="%1$s">Get Version %2$s</a>' ).'</strong>', network_admin_url( 'update-core.php' ), $cur->current);
     183                if ( current_user_can( 'update_core' ) ) {
     184                        return sprintf( '<strong>'.__( '<a href="%1$s">Get Version %2$s</a>' ).'</strong>', network_admin_url( 'update-core.php' ), $cur->current);
     185                } else {
     186                        return sprintf( __('<a href="http://codex.wordpress.org/Version_%1$s">WordPress %1$s</a> is available! Please update now.'), $cur->current );
     187                }
    184188        break;
    185189
    186190        case 'latest' :
     
    207211
    208212        if ( current_user_can('update_core') ) {
    209213                $msg = sprintf( __('<a href="http://codex.wordpress.org/Version_%1$s">WordPress %1$s</a> is available! <a href="%2$s">Please update now</a>.'), $cur->current, network_admin_url( 'update-core.php' ) );
     214        } elseif ( current_user_can( 'view_core_updates' ) ) {
     215                $msg = sprintf( __('<a href="http://codex.wordpress.org/Version_%1$s">WordPress %1$s</a> is available! Please update now.'), $cur->current );
    210216        } else {
    211217                $msg = sprintf( __('<a href="http://codex.wordpress.org/Version_%1$s">WordPress %1$s</a> is available! Please notify the site administrator.'), $cur->current );
    212218        }
     
    219225function update_right_now_message() {
    220226        $msg = sprintf( __( 'You are using <span class="b">WordPress %s</span>.' ), get_bloginfo( 'version', 'display' ) );
    221227
    222         if ( current_user_can('update_core') ) {
     228        if ( current_user_can( 'view_core_updates' ) ) {
    223229                $cur = get_preferred_from_update_core();
    224230
    225                 if ( isset( $cur->response ) && $cur->response == 'upgrade' )
    226                         $msg .= " <a href='" . network_admin_url( 'update-core.php' ) . "' class='button'>" . sprintf( __('Update to %s'), $cur->current ? $cur->current : __( 'Latest' ) ) . '</a>';
     231                if ( isset( $cur->response ) && $cur->response == 'upgrade' ) {
     232                        if ( current_user_can( 'update_core' ) ) {
     233                                $msg .= " <a href='" . network_admin_url( 'update-core.php' ) . "' class='button'>" . sprintf( __( 'Update to %s' ), $cur->current ? $cur->current : __( 'Latest' ) ) . '</a>';
     234                        } else {
     235                                $msg .= ' ' . sprintf( __( '<a href="http://codex.wordpress.org/Version_%1$s">WordPress %1$s</a> is available! Please update now.' ), $cur->current );
     236                        }
     237                }
    227238        }
    228239
    229240        echo "<span id='wp-version-message'>$msg</span>";
     
    244255}
    245256
    246257function wp_plugin_update_rows() {
    247         if ( !current_user_can('update_plugins' ) )
     258        if ( ! current_user_can( 'view_plugin_updates' ) )
    248259                return;
    249260
    250261        $plugins = get_site_transient( 'update_plugins' );
  • src/wp-admin/menu.php

     
    3434        $update_data = wp_get_update_data();
    3535
    3636if ( ! is_multisite() ) {
    37         if ( current_user_can( 'update_core' ) )
    38                 $cap = 'update_core';
    39         elseif ( current_user_can( 'update_plugins' ) )
    40                 $cap = 'update_plugins';
     37        if ( current_user_can( 'view_core_updates' ) )
     38                $cap = 'view_core_updates';
     39        elseif ( current_user_can( 'view_plugin_updates' ) )
     40                $cap = 'view_plugin_updates';
    4141        else
    42                 $cap = 'update_themes';
     42                $cap = 'view_theme_updates';
    4343        $submenu[ 'index.php' ][10] = array( sprintf( __('Updates %s'), "<span class='update-plugins count-{$update_data['counts']['total']}' title='{$update_data['title']}'><span class='update-count'>" . number_format_i18n($update_data['counts']['total']) . "</span></span>" ), $cap, 'update-core.php');
    4444        unset( $cap );
    4545}
     
    155155}
    156156
    157157$count = '';
    158 if ( ! is_multisite() && current_user_can( 'update_plugins' ) ) {
     158if ( ! is_multisite() && current_user_can( 'view_plugin_updates' ) ) {
    159159        if ( ! isset( $update_data ) )
    160160                $update_data = wp_get_update_data();
    161161        $count = "<span class='update-plugins count-{$update_data['counts']['plugins']}'><span class='plugin-count'>" . number_format_i18n($update_data['counts']['plugins']) . "</span></span>";
     
    167167
    168168        if ( ! is_multisite() ) {
    169169                /* translators: add new plugin */
    170                 $submenu['plugins.php'][10] = array( _x('Add New', 'plugin'), 'install_plugins', 'plugin-install.php' );
     170                $submenu['plugins.php'][10] = array( _x('Add New', 'plugin'), 'view_plugin_updates', 'plugin-install.php' );
    171171                $submenu['plugins.php'][15] = array( _x('Editor', 'plugin editor'), 'edit_plugins', 'plugin-editor.php' );
    172172        }
    173173
  • src/wp-admin/plugin-install.php

     
    1414 */
    1515require_once( dirname( __FILE__ ) . '/admin.php' );
    1616
    17 if ( ! current_user_can('install_plugins') )
    18         wp_die(__('You do not have sufficient permissions to install plugins on this site.'));
     17if ( ! current_user_can( 'view_plugin_updates' ) )
     18        wp_die( __( 'You do not have sufficient permissions to view plugin updates for this site.' ) );
    1919
    2020if ( is_multisite() && ! is_network_admin() ) {
    2121        wp_redirect( network_admin_url( 'plugin-install.php' ) );
  • src/wp-admin/update-core.php

     
    1818        exit();
    1919}
    2020
    21 if ( ! current_user_can( 'update_core' ) && ! current_user_can( 'update_themes' ) && ! current_user_can( 'update_plugins' ) )
    22         wp_die( __( 'You do not have sufficient permissions to update this site.' ) );
     21if ( ! current_user_can( 'view_core_updates' ) && ! current_user_can( 'view_theme_updates' ) && ! current_user_can( 'view_plugin_updates' ) )
     22        wp_die( __( 'You do not have sufficient permissions to view updates for this site.' ) );
    2323
    2424function list_core_update( $update ) {
    2525        global $wp_local_package, $wpdb, $wp_version;
     
    6262                                $message = sprintf( __('You cannot update because <a href="http://codex.wordpress.org/Version_%1$s">WordPress %1$s</a> requires PHP version %2$s or higher. You are running version %3$s.'), $update->current, $update->php_version, $php_version );
    6363                        elseif ( !$mysql_compat )
    6464                                $message = sprintf( __('You cannot update because <a href="http://codex.wordpress.org/Version_%1$s">WordPress %1$s</a> requires MySQL version %2$s or higher. You are running version %3$s.'), $update->current, $update->mysql_version, $mysql_version );
    65                         else
    66                                 $message =      sprintf(__('You can update to <a href="http://codex.wordpress.org/Version_%1$s">WordPress %2$s</a> automatically or download the package and install it manually:'), $update->current, $version_string);
     65                        else {
     66                                if ( current_user_can( 'update_core' ) ) {
     67                                        $message =      sprintf(__('You can update to <a href="http://codex.wordpress.org/Version_%1$s">WordPress %2$s</a> automatically or download the package and install it manually:'), $update->current, $version_string);
     68                                } else {
     69                                        $message =      sprintf(__('<a href="http://codex.wordpress.org/Version_%1$s">WordPress %2$s</a> is available. Please download the package and install it manually.'), $update->current, $version_string);
     70                                }
     71                        }
    6772                        if ( !$mysql_compat || !$php_compat )
    6873                                $show_buttons = false;
    6974                }
     
    7984        echo '<input name="version" value="'. esc_attr($update->current) .'" type="hidden"/>';
    8085        echo '<input name="locale" value="'. esc_attr($update->locale) .'" type="hidden"/>';
    8186        if ( $show_buttons ) {
    82                 if ( $first_pass ) {
    83                         submit_button( $submit, $current ? 'button' : 'primary regular', 'upgrade', false );
    84                         $first_pass = false;
    85                 } else {
    86                         submit_button( $submit, 'button', 'upgrade', false );
     87                if ( current_user_can( 'update_core' ) ) {
     88                        if ( $first_pass ) {
     89                                submit_button( $submit, $current ? 'button' : 'primary regular', 'upgrade', false );
     90                                $first_pass = false;
     91                        } else {
     92                                submit_button( $submit, 'button', 'upgrade', false );
     93                        }
     94                        echo '&nbsp;';
    8795                }
    88                 echo '&nbsp;<a href="' . esc_url( $update->download ) . '" class="button">' . $download . '</a>&nbsp;';
     96                echo '<a href="' . esc_url( $update->download ) . '" class="button">' . $download . '</a>&nbsp;';
    8997        }
    9098        if ( 'en_US' != $update->locale )
    9199                if ( !isset( $update->dismissed ) || !$update->dismissed )
     
    186194        }
    187195        echo '</ul>';
    188196        // Don't show the maintenance mode notice when we are only showing a single re-install option.
    189         if ( $updates && ( count( $updates ) > 1 || $updates[0]->response != 'latest' ) ) {
     197        if ( $updates && ( count( $updates ) > 1 || $updates[0]->response != 'latest' ) && current_user_can( 'update_core' ) ) {
    190198                echo '<p>' . __( 'While your site is being updated, it will be in maintenance mode. As soon as your updates are complete, your site will return to normal.' ) . '</p>';
    191199        } elseif ( ! $updates ) {
    192200                list( $normalized_version ) = explode( '-', $wp_version );
     
    216224                $core_update_version = $core_updates[0]->current;
    217225        ?>
    218226<h3><?php _e( 'Plugins' ); ?></h3>
    219 <p><?php _e( 'The following plugins have new versions available. Check the ones you want to update and then click &#8220;Update Plugins&#8221;.' ); ?></p>
    220 <form method="post" action="<?php echo esc_url( $form_action ); ?>" name="upgrade-plugins" class="upgrade">
    221 <?php wp_nonce_field('upgrade-core'); ?>
    222 <p><input id="upgrade-plugins" class="button" type="submit" value="<?php esc_attr_e('Update Plugins'); ?>" name="upgrade" /></p>
     227<p>
     228        <?php _e( 'The following plugins have new versions available.' ); ?>
     229        <?php if ( current_user_can( 'update_plugins' ) ) : ?>
     230                <?php _e( 'Check the ones you want to update and then click &#8220;Update Plugins&#8221;.' ); ?>
     231        <?php endif; ?>
     232</p>
     233       
     234<?php if ( current_user_can( 'update_plugins' ) ) : ?>
     235        <form method="post" action="<?php echo esc_url( $form_action ); ?>" name="upgrade-plugins" class="upgrade">
     236        <?php wp_nonce_field('upgrade-core'); ?>
     237        <p><input id="upgrade-plugins" class="button" type="submit" value="<?php esc_attr_e('Update Plugins'); ?>" name="upgrade" /></p>
     238<?php endif; ?>
     239
    223240<table class="widefat" cellspacing="0" id="update-plugins-table">
    224         <thead>
    225         <tr>
    226                 <th scope="col" class="manage-column check-column"><input type="checkbox" id="plugins-select-all" /></th>
    227                 <th scope="col" class="manage-column"><label for="plugins-select-all"><?php _e('Select All'); ?></label></th>
    228         </tr>
    229         </thead>
     241        <?php if ( current_user_can( 'update_plugins' ) ) : ?>
     242                <thead>
     243                <tr>
     244                        <th scope="col" class="manage-column check-column"><input type="checkbox" id="plugins-select-all" /></th>
     245                        <th scope="col" class="manage-column"><label for="plugins-select-all"><?php _e('Select All'); ?></label></th>
     246                </tr>
     247                </thead>
    230248
    231         <tfoot>
    232         <tr>
    233                 <th scope="col" class="manage-column check-column"><input type="checkbox" id="plugins-select-all-2" /></th>
    234                 <th scope="col" class="manage-column"><label for="plugins-select-all-2"><?php _e('Select All'); ?></label></th>
    235         </tr>
    236         </tfoot>
     249                <tfoot>
     250                <tr>
     251                        <th scope="col" class="manage-column check-column"><input type="checkbox" id="plugins-select-all-2" /></th>
     252                        <th scope="col" class="manage-column"><label for="plugins-select-all-2"><?php _e('Select All'); ?></label></th>
     253                </tr>
     254                </tfoot>
     255        <?php endif; ?>
     256
    237257        <tbody class="plugins">
    238258<?php
    239259        foreach ( (array) $plugins as $plugin_file => $plugin_data) {
     
    267287                $details_text = sprintf(__('View version %1$s details'), $plugin_data->update->new_version);
    268288                $details = sprintf('<a href="%1$s" class="thickbox" title="%2$s">%3$s</a>.', esc_url($details_url), esc_attr($plugin_data->Name), $details_text);
    269289
    270                 echo "
    271         <tr class='active'>
    272                 <th scope='row' class='check-column'><input type='checkbox' name='checked[]' value='" . esc_attr($plugin_file) . "' /></th>
    273                 <td><p><strong>{$plugin_data->Name}</strong><br />" . sprintf(__('You have version %1$s installed. Update to %2$s.'), $plugin_data->Version, $plugin_data->update->new_version) . ' ' . $details . $compat . $upgrade_notice . "</p></td>
    274         </tr>";
     290                ?>
     291                <tr class='active'>
     292                        <?php if ( current_user_can( 'update_plugins' ) ) : ?>
     293                                <th scope='row' class='check-column'><input type='checkbox' name='checked[]' value='<?php echo esc_attr( $plugin_file ); ?>' /></th>
     294                        <?php endif; ?>
     295                        <td>
     296                                <p>
     297                                        <strong><?php echo esc_html( $plugin_data->Name ); ?></strong><br />
     298                                        <?php echo sprintf( __( 'You have version %s installed.' ), $plugin_data->Version ); ?>
     299                                        <?php if ( current_user_can( 'update_plugins' ) ) : ?>
     300                                                <?php echo sprintf( __( 'Update to %s.' ), $plugin_data->update->new_version ); ?>
     301                                        <?php else : ?>
     302                                                <?php echo sprintf( __( '%s is available.' ), $plugin_data->update->new_version ); ?>
     303                                        <?php endif; ?>
     304                                        <?php echo $details .' '. $compat .' '. $upgrade_notice; ?>
     305                                </p>
     306                        </td>
     307                </tr>
     308                <?php
    275309        }
    276310?>
    277311        </tbody>
    278312</table>
    279 <p><input id="upgrade-plugins-2" class="button" type="submit" value="<?php esc_attr_e('Update Plugins'); ?>" name="upgrade" /></p>
    280 </form>
     313
     314<?php if ( current_user_can( 'update_plugins' ) ) : ?>
     315        <p><input id="upgrade-plugins-2" class="button" type="submit" value="<?php esc_attr_e('Update Plugins'); ?>" name="upgrade" /></p>
     316        </form>
     317<?php endif; ?>
    281318<?php
    282319}
    283320
     
    293330
    294331?>
    295332<h3><?php _e( 'Themes' ); ?></h3>
    296 <p><?php _e( 'The following themes have new versions available. Check the ones you want to update and then click &#8220;Update Themes&#8221;.' ); ?></p>
     333<p>
     334        <?php _e( 'The following themes have new versions available.' ); ?>
     335        <?php if ( current_user_can( 'update_themes' ) ) : ?>
     336                <?php _e( 'Check the ones you want to update and then click &#8220;Update Themes&#8221;.' ); ?>
     337        <?php endif; ?>
     338</p>
    297339<p><?php printf( __( '<strong>Please Note:</strong> Any customizations you have made to theme files will be lost. Please consider using <a href="%s">child themes</a> for modifications.' ), __( 'http://codex.wordpress.org/Child_Themes' ) ); ?></p>
    298 <form method="post" action="<?php echo esc_url( $form_action ); ?>" name="upgrade-themes" class="upgrade">
    299 <?php wp_nonce_field('upgrade-core'); ?>
    300 <p><input id="upgrade-themes" class="button" type="submit" value="<?php esc_attr_e('Update Themes'); ?>" name="upgrade" /></p>
     340
     341<?php if ( current_user_can( 'update_themes' ) ) : ?>
     342        <form method="post" action="<?php echo esc_url( $form_action ); ?>" name="upgrade-themes" class="upgrade">
     343        <?php wp_nonce_field('upgrade-core'); ?>
     344        <p><input id="upgrade-themes" class="button" type="submit" value="<?php esc_attr_e('Update Themes'); ?>" name="upgrade" /></p>
     345<?php endif; ?>
     346       
    301347<table class="widefat" cellspacing="0" id="update-themes-table">
    302         <thead>
    303         <tr>
    304                 <th scope="col" class="manage-column check-column"><input type="checkbox" id="themes-select-all" /></th>
    305                 <th scope="col" class="manage-column"><label for="themes-select-all"><?php _e('Select All'); ?></label></th>
    306         </tr>
    307         </thead>
     348        <?php if ( current_user_can( 'update_themes' ) ) : ?>
     349                <thead>
     350                <tr>
     351                        <th scope="col" class="manage-column check-column"><input type="checkbox" id="themes-select-all" /></th>
     352                        <th scope="col" class="manage-column"><label for="themes-select-all"><?php _e('Select All'); ?></label></th>
     353                </tr>
     354                </thead>
     355       
     356                <tfoot>
     357                <tr>
     358                        <th scope="col" class="manage-column check-column"><input type="checkbox" id="themes-select-all-2" /></th>
     359                        <th scope="col" class="manage-column"><label for="themes-select-all-2"><?php _e('Select All'); ?></label></th>
     360                </tr>
     361                </tfoot>
     362        <?php endif; ?>
    308363
    309         <tfoot>
    310         <tr>
    311                 <th scope="col" class="manage-column check-column"><input type="checkbox" id="themes-select-all-2" /></th>
    312                 <th scope="col" class="manage-column"><label for="themes-select-all-2"><?php _e('Select All'); ?></label></th>
    313         </tr>
    314         </tfoot>
    315364        <tbody class="plugins">
    316365<?php
    317366        foreach ( $themes as $stylesheet => $theme ) {
    318                 echo "
    319         <tr class='active'>
    320                 <th scope='row' class='check-column'><input type='checkbox' name='checked[]' value='" . esc_attr( $stylesheet ) . "' /></th>
    321                 <td class='plugin-title'><img src='" . esc_url( $theme->get_screenshot() ) . "' width='85' height='64' style='float:left; padding: 0 5px 5px' /><strong>" . $theme->display('Name') . '</strong> ' . sprintf( __( 'You have version %1$s installed. Update to %2$s.' ), $theme->display('Version'), $theme->update['new_version'] ) . "</td>
    322         </tr>";
     367                ?>
     368                <tr class='active'>
     369                        <?php if ( current_user_can( 'update_themes' ) ) : ?>
     370                                <th scope='row' class='check-column'><input type='checkbox' name='checked[]' value='<?php echo esc_attr( $stylesheet ); ?>' /></th>
     371                        <?php endif; ?>
     372                        <td class='plugin-title'>
     373                                <img src='<?php echo esc_url( $theme->get_screenshot() ); ?>' width='85' height='64' style='float:left; padding: 0 5px 5px' />
     374                                <strong><?php echo esc_html( $theme->display('Name') ); ?></strong>
     375                                <?php echo sprintf( __( 'You have version %s installed.' ), esc_html( $theme->display( 'Version' ) ) ); ?>
     376                               
     377                                <?php if ( current_user_can( 'update_themes' ) ) : ?>
     378                                        <?php echo sprintf( __( 'Update to %s.' ), esc_html( $theme->update['new_version'] ) ); ?>
     379                                <?php else : ?>
     380                                        <?php echo sprintf( __( '%s is available.' ), esc_html( $theme->update['new_version'] ) ); ?>
     381                                <?php endif; ?>
     382                        </td>
     383                </tr>
     384                <?php
    323385        }
    324386?>
    325387        </tbody>
    326388</table>
    327 <p><input id="upgrade-themes-2" class="button" type="submit" value="<?php esc_attr_e('Update Themes'); ?>" name="upgrade" /></p>
    328 </form>
     389
     390<?php if ( current_user_can( 'update_themes' ) ) : ?>
     391        <p><input id="upgrade-themes-2" class="button" type="submit" value="<?php esc_attr_e('Update Themes'); ?>" name="upgrade" /></p>
     392        </form>
     393<?php endif; ?>
    329394<?php
    330395}
    331396
     
    510575        echo ' &nbsp; <a class="button" href="' . esc_url( self_admin_url('update-core.php') ) . '">' . __( 'Check Again' ) . '</a>';
    511576        echo '</p>';
    512577
    513         if ( $core = current_user_can( 'update_core' ) )
     578        if ( $core = current_user_can( 'view_core_updates' ) )
    514579                core_upgrade_preamble();
    515         if ( $plugins = current_user_can( 'update_plugins' ) )
     580        if ( $plugins = current_user_can( 'view_plugin_updates' ) )
    516581                list_plugin_updates();
    517         if ( $themes = current_user_can( 'update_themes' ) )
     582        if ( $themes = current_user_can( 'view_theme_updates' ) )
    518583                list_theme_updates();
    519584        if ( $core || $plugins || $themes )
    520585                list_translation_updates();
     
    525590
    526591} elseif ( 'do-core-upgrade' == $action || 'do-core-reinstall' == $action ) {
    527592
    528         if ( ! current_user_can( 'update_core' ) )
    529                 wp_die( __( 'You do not have sufficient permissions to update this site.' ) );
     593        if ( ! current_user_can( 'view_core_updates' ) )
     594                wp_die( __( 'You do not have sufficient permissions to view updates for this site.' ) );
    530595
    531596        check_admin_referer('upgrade-core');
    532597
     
    550615
    551616} elseif ( 'do-plugin-upgrade' == $action ) {
    552617
    553         if ( ! current_user_can( 'update_plugins' ) )
    554                 wp_die( __( 'You do not have sufficient permissions to update this site.' ) );
     618        if ( ! current_user_can( 'view_plugin_updates' ) )
     619                wp_die( __( 'You do not have sufficient permissions to view updates for this site.' ) );
    555620
    556621        check_admin_referer('upgrade-core');
    557622
     
    579644
    580645} elseif ( 'do-theme-upgrade' == $action ) {
    581646
    582         if ( ! current_user_can( 'update_themes' ) )
    583                 wp_die( __( 'You do not have sufficient permissions to update this site.' ) );
     647        if ( ! current_user_can( 'view_theme_updates' ) )
     648                wp_die( __( 'You do not have sufficient permissions to view updates for this site.' ) );
    584649
    585650        check_admin_referer('upgrade-core');
    586651
  • src/wp-includes/capabilities.php

     
    12281228                else
    12291229                        $caps[] = $cap;
    12301230                break;
     1231        case 'view_plugin_updates':
     1232        case 'view_theme_updates':
     1233        case 'view_core_updates':
     1234                if ( is_multisite() && ! is_super_admin( $user_id ) )
     1235                        $caps[] = 'do_not_allow';
     1236                else
     1237                        $caps[] = 'manage_options';
     1238                break;
    12311239        case 'activate_plugins':
    12321240                $caps[] = $cap;
    12331241                if ( is_multisite() ) {
  • src/wp-includes/update.php

     
    450450function wp_get_update_data() {
    451451        $counts = array( 'plugins' => 0, 'themes' => 0, 'wordpress' => 0, 'translations' => 0 );
    452452
    453         if ( $plugins = current_user_can( 'update_plugins' ) ) {
     453        if ( $plugins = current_user_can( 'view_plugin_updates' ) ) {
    454454                $update_plugins = get_site_transient( 'update_plugins' );
    455455                if ( ! empty( $update_plugins->response ) )
    456456                        $counts['plugins'] = count( $update_plugins->response );
    457457        }
    458458
    459         if ( $themes = current_user_can( 'update_themes' ) ) {
     459        if ( $themes = current_user_can( 'view_theme_updates' ) ) {
    460460                $update_themes = get_site_transient( 'update_themes' );
    461461                if ( ! empty( $update_themes->response ) )
    462462                        $counts['themes'] = count( $update_themes->response );
    463463        }
    464464
    465         if ( ( $core = current_user_can( 'update_core' ) ) && function_exists( 'get_core_updates' ) ) {
     465        if ( ( $core = current_user_can( 'view_core_updates' ) ) && function_exists( 'get_core_updates' ) ) {
    466466                $update_wordpress = get_core_updates( array('dismissed' => false) );
    467                 if ( ! empty( $update_wordpress ) && ! in_array( $update_wordpress[0]->response, array('development', 'latest') ) && current_user_can('update_core') )
     467                if ( ! empty( $update_wordpress ) && ! in_array( $update_wordpress[0]->response, array( 'development', 'latest' ) ) && current_user_can( 'view_core_updates' ) )
    468468                        $counts['wordpress'] = 1;
    469469        }
    470470