Ticket #2775: user_caps.diff
| File user_caps.diff, 4.5 KB (added by , 17 years ago) |
|---|
-
wp-includes/version.php
2 2 3 3 // This just holds the version number, in a separate file so we can bump it without cluttering the SVN 4 4 5 $wp_version = '2.1-alpha 1';6 $wp_db_version = 38 09;5 $wp_version = '2.1-alpha2'; 6 $wp_db_version = 3845; 7 7 8 8 ?> -
wp-includes/capabilities.php
272 272 $caps = array(); 273 273 274 274 switch ($cap) { 275 case 'delete_user': 276 $caps[] = 'delete_users'; 277 break; 278 case 'edit_user': 279 $caps[] = 'edit_users'; 280 break; 275 281 case 'delete_post': 276 282 $author_data = get_userdata($user_id); 277 283 //echo "post ID: {$args[0]}<br/>"; -
wp-admin/users.php
23 23 $userids = $_POST['users']; 24 24 $update = 'promote'; 25 25 foreach($userids as $id) { 26 if ( ! current_user_can('edit_user', $id) ) 27 die(__('You can’t edit that user.')); 26 28 // The new role of the current user must also have edit_users caps 27 29 if($id == $current_user->id && !$wp_roles->role_objects[$_POST['new_role']]->has_cap('edit_users')) { 28 30 $update = 'err_admin_role'; … … 45 47 header('Location: users.php'); 46 48 } 47 49 48 if ( !current_user_can(' edit_users') )50 if ( !current_user_can('delete_users') ) 49 51 die(__('You can’t delete users.')); 50 52 51 53 $userids = $_POST['users']; 52 54 53 55 $update = 'del'; 54 56 foreach ($userids as $id) { 57 if ( ! current_user_can('delete_user', $id) ) 58 die(__('You can’t delete that user.')); 59 55 60 if($id == $current_user->id) { 56 61 $update = 'err_admin_del'; 57 62 continue; … … 78 83 header('Location: users.php'); 79 84 } 80 85 81 if ( !current_user_can(' edit_users') )86 if ( !current_user_can('delete_users') ) 82 87 $error = new WP_Error('edit_users', __('You can’t delete users.')); 83 88 84 89 $userids = $_POST['users']; … … 134 139 case 'adduser': 135 140 check_admin_referer('add-user'); 136 141 142 if ( ! current_user_can('create_users') ) 143 die(__('You can’t create users.')); 144 137 145 $user_id = add_user(); 138 146 if ( is_wp_error( $user_id ) ) 139 147 $errors = $user_id; -
wp-admin/upgrade-functions.php
492 492 } 493 493 } 494 494 495 if ( $wp_current_db_version < 3 767) {495 if ( $wp_current_db_version < 3845 ) { 496 496 populate_roles_210(); 497 497 } 498 498 -
wp-admin/admin-functions.php
738 738 <td><a href='$url' title='website: $url'>$short_url</a></td>"; 739 739 $r .= "\n\t\t<td align='center'>$numposts</td>"; 740 740 $r .= "\n\t\t<td>"; 741 if ( current_user_can('edit_users'))741 if ( current_user_can('edit_user', $user_object->ID) ) 742 742 $r .= "<a href='user-edit.php?user_id=$user_object->ID' class='edit'>".__('Edit')."</a>"; 743 743 $r .= "</td>\n\t</tr>"; 744 744 return $r; -
wp-admin/user-edit.php
34 34 35 35 check_admin_referer('update-user_' . $user_id); 36 36 37 if ( !current_user_can('edit_users'))37 if ( !current_user_can('edit_user', $user_id) ) 38 38 $errors = new WP_Error('head', __('You do not have permission to edit this user.')); 39 39 else 40 40 $errors = edit_user($user_id); … … 49 49 50 50 $profileuser = new WP_User($user_id); 51 51 52 if ( !current_user_can('edit_users'))52 if ( !current_user_can('edit_user', $user_id) ) 53 53 if ( !is_wp_error( $errors ) ) 54 54 $errors = new WP_Error('head', __('You do not have permission to edit this user.')); 55 55 ?> -
wp-admin/upgrade-schema.php
364 364 $role->add_cap('read_private_pages'); 365 365 } 366 366 367 $role = get_role('administrator'); 368 if ( ! empty($role) ) { 369 $role->add_cap('delete_users'); 370 $role->add_cap('create_users'); 371 } 372 367 373 $role = get_role('author'); 368 374 if ( ! empty($role) ) { 369 375 $role->add_cap('delete_posts');