Ticket #28605: 28605.3.diff
| File 28605.3.diff, 15.7 KB (added by , 11 years ago) |
|---|
-
src/wp-admin/admin-header.php
diff --git src/wp-admin/admin-header.php src/wp-admin/admin-header.php index 1034975..c9d49d2 100644
$admin_body_class .= ' no-customize-support no-svg'; 177 177 178 178 <?php 179 179 // Make sure the customize body classes are correct as early as possible. 180 if ( current_user_can( ' edit_theme_options' ) )180 if ( current_user_can( 'customize' ) ) { 181 181 wp_customize_support_script(); 182 } 182 183 ?> 183 184 184 185 <div id="wpwrap"> -
src/wp-admin/customize.php
diff --git src/wp-admin/customize.php src/wp-admin/customize.php index 50119cd..0863781 100644
define( 'IFRAME_REQUEST', true ); 12 12 /** Load WordPress Administration Bootstrap */ 13 13 require_once( dirname( __FILE__ ) . '/admin.php' ); 14 14 15 if ( ! current_user_can( ' edit_theme_options' ) ) {15 if ( ! current_user_can( 'customize' ) ) { 16 16 wp_die( __( 'Cheatin’ uh?' ) ); 17 17 } 18 18 … … if ( $return ) { 24 24 $return = wp_validate_redirect( $return ); 25 25 } 26 26 if ( ! $return ) { 27 $return = $url; 27 if ( $url ) { 28 $return = $url; 29 } elseif ( current_user_can( 'edit_theme_options' ) ) { 30 $return = admin_url( 'themes.php' ); 31 } else { 32 $return = admin_url(); 33 } 28 34 } 29 35 30 36 global $wp_scripts, $wp_customize; … … do_action( 'customize_controls_print_scripts' ); 112 118 submit_button( $save_text, 'primary save', 'save', false ); 113 119 ?> 114 120 <span class="spinner"></span> 115 <a class="customize-controls-close" href="<?php echo esc_url( $return ? $return : admin_url( 'themes.php' )); ?>">121 <a class="customize-controls-close" href="<?php echo esc_url( $return ); ?>"> 116 122 <span class="screen-reader-text"><?php _e( 'Cancel' ); ?></span> 117 123 </a> 118 124 </div> -
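Review bot: The new fallback assigns `$return = $url` without the `wp_validate_redirect()` call that `$return` itself receives a few lines earlier, and the close link now prints `$return` with no template-side default. Where `$url` is populated, and whether it is validated, is outside this hunk, so that should be confirmed. If it is not validated, `$return = wp_validate_redirect( $url, admin_url() );` would keep the Cancel link on an allowed host. A comment above the chain, for example `// Fall back to the previewed URL, then the Themes screen, then the dashboard.`, would also document the order.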
src/wp-admin/includes/class-wp-themes-list-table.php
diff --git src/wp-admin/includes/class-wp-themes-list-table.php src/wp-admin/includes/class-wp-themes-list-table.php index 521d24b..90ff99c 100644
class WP_Themes_List_Table extends WP_List_Table { 149 149 $actions['preview'] = '<a href="' . $preview_link . '" class="hide-if-customize" title="' 150 150 . esc_attr( sprintf( __( 'Preview “%s”' ), $title ) ) . '">' . __( 'Preview' ) . '</a>'; 151 151 152 if ( current_user_can( 'edit_theme_options' ) )152 if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { 153 153 $actions['preview'] .= '<a href="' . wp_customize_url( $stylesheet ) . '" class="load-customize hide-if-no-customize">' 154 154 . __( 'Live Preview' ) . '</a>'; 155 } 155 156 156 157 if ( ! is_multisite() && current_user_can( 'delete_themes' ) ) 157 158 $actions['delete'] = '<a class="submitdelete deletion" href="' . wp_nonce_url( 'themes.php?action=delete&stylesheet=' . urlencode( $stylesheet ), 'delete-theme_' . $stylesheet ) -
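Review bot: The `current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' )` test on the Live Preview link is stricter than the gate that protects the Customizer, since customize.php and WP_Customize_Manager::setup_theme() in this same patch check only `customize`. With the default mapping added in capabilities.php the two tests are equivalent, but if a site remaps `customize` to another capability, a user allowed into the Customizer would presumably not be shown its links. The same double check appears in class-wp-upgrader-skins.php, includes/theme.php, themes.php and admin-bar.php. Using `if ( current_user_can( 'customize' ) ) {` alone would keep the UI and the enforcement point in agreement.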
src/wp-admin/includes/class-wp-upgrader-skins.php
diff --git src/wp-admin/includes/class-wp-upgrader-skins.php src/wp-admin/includes/class-wp-upgrader-skins.php index c5d1d3f..7ab684e 100644
class Theme_Installer_Skin extends WP_Upgrader_Skin { 522 522 523 523 $install_actions = array(); 524 524 $install_actions['preview'] = '<a href="' . esc_url( $preview_link ) . '" class="hide-if-customize" title="' . esc_attr( sprintf( __('Preview “%s”'), $name ) ) . '">' . __('Preview') . '</a>'; 525 $install_actions['preview'] .= '<a href="' . wp_customize_url( $stylesheet ) . '" class="hide-if-no-customize load-customize" title="' . esc_attr( sprintf( __('Preview “%s”'), $name ) ) . '">' . __('Live Preview') . '</a>'; 525 if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { 526 $install_actions['preview'] .= '<a href="' . wp_customize_url( $stylesheet ) . '" class="hide-if-no-customize load-customize" title="' . esc_attr( sprintf( __('Preview “%s”'), $name ) ) . '">' . __('Live Preview') . '</a>'; 527 } 526 528 $install_actions['activate'] = '<a href="' . esc_url( $activate_link ) . '" class="activatelink" title="' . esc_attr( sprintf( __('Activate “%s”'), $name ) ) . '">' . __('Activate') . '</a>'; 527 529 528 530 if ( is_network_admin() && current_user_can( 'manage_network_themes' ) ) … … class Theme_Upgrader_Skin extends WP_Upgrader_Skin { 594 596 $activate_link = wp_nonce_url( $activate_link, 'switch-theme_' . $stylesheet ); 595 597 596 598 if ( get_stylesheet() == $stylesheet ) { 597 if ( current_user_can( 'edit_theme_options' ) )599 if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { 598 600 $update_actions['preview'] = '<a href="' . wp_customize_url( $stylesheet ) . '" class="hide-if-no-customize load-customize" title="' . esc_attr( sprintf( __('Customize “%s”'), $name ) ) . '">' . __('Customize') . '</a>'; 601 } 599 602 } elseif ( current_user_can( 'switch_themes' ) ) { 600 603 $update_actions['preview'] = '<a href="' . esc_url( $preview_link ) . '" class="hide-if-customize" title="' . esc_attr( sprintf( __('Preview “%s”'), $name ) ) . '">' . __('Preview') . 
'</a>'; 601 $update_actions['preview'] .= '<a href="' . wp_customize_url( $stylesheet ) . '" class="hide-if-no-customize load-customize" title="' . esc_attr( sprintf( __('Preview “%s”'), $name ) ) . '">' . __('Live Preview') . '</a>'; 604 if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { 605 $update_actions['preview'] .= '<a href="' . wp_customize_url( $stylesheet ) . '" class="hide-if-no-customize load-customize" title="' . esc_attr( sprintf( __('Preview “%s”'), $name ) ) . '">' . __('Live Preview') . '</a>'; 606 } 602 607 $update_actions['activate'] = '<a href="' . esc_url( $activate_link ) . '" class="activatelink" title="' . esc_attr( sprintf( __('Activate “%s”'), $name ) ) . '">' . __('Activate') . '</a>'; 603 608 } 604 609 -
src/wp-admin/includes/dashboard.php
diff --git src/wp-admin/includes/dashboard.php src/wp-admin/includes/dashboard.php index 2ead9c6..b3f5f1c 100644
function wp_welcome_panel() { 1281 1281 <p class="about-description"><?php _e( 'We’ve assembled some links to get you started:' ); ?></p> 1282 1282 <div class="welcome-panel-column-container"> 1283 1283 <div class="welcome-panel-column"> 1284 <h4><?php _e( 'Get Started' ); ?></h4> 1285 <a class="button button-primary button-hero load-customize hide-if-no-customize" href="<?php echo wp_customize_url(); ?>"><?php _e( 'Customize Your Site' ); ?></a> 1284 <?php if ( current_user_can( 'customize' ) ): ?> 1285 <h4><?php _e( 'Get Started' ); ?></h4> 1286 <a class="button button-primary button-hero load-customize hide-if-no-customize" href="<?php echo wp_customize_url(); ?>"><?php _e( 'Customize Your Site' ); ?></a> 1287 <?php endif; ?> 1286 1288 <a class="button button-primary button-hero hide-if-customize" href="<?php echo admin_url( 'themes.php' ); ?>"><?php _e( 'Customize Your Site' ); ?></a> 1287 1289 <?php if ( current_user_can( 'install_themes' ) || ( current_user_can( 'switch_themes' ) && count( wp_get_themes( array( 'allowed' => true ) ) ) > 1 ) ) : ?> 1288 1290 <p class="hide-if-no-customize"><?php printf( __( 'or, <a href="%s">change your theme completely</a>' ), admin_url( 'themes.php' ) ); ?></p> -
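Review bot: The `<h4>` "Get Started" heading has moved inside the new `current_user_can( 'customize' )` block, so a user without that capability still gets the `hide-if-customize` themes.php button but loses the column heading above it. Keeping `<h4><?php _e( 'Get Started' ); ?></h4>` before the `if` and wrapping only the `load-customize` anchor would avoid that. The opening tag would also read better as `) : ?>`, matching the `install_themes` condition two lines below. wp_welcome_panel() starts and ends outside this hunk.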
src/wp-admin/includes/theme.php
diff --git src/wp-admin/includes/theme.php src/wp-admin/includes/theme.php index d141a39..180b5cc 100644
function wp_prepare_themes_for_js( $themes = null ) { 430 430 'update' => get_theme_update_available( $theme ), 431 431 'actions' => array( 432 432 'activate' => current_user_can( 'switch_themes' ) ? wp_nonce_url( admin_url( 'themes.php?action=activate&stylesheet=' . $encoded_slug ), 'switch-theme_' . $slug ) : null, 433 'customize' => current_user_can( 'edit_theme_options') ? wp_customize_url( $slug ) : null,433 'customize' => ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) ? wp_customize_url( $slug ) : null, 434 434 'preview' => add_query_arg( array( 435 435 'preview' => 1, 436 436 'template' => urlencode( $theme->get_template() ), -
src/wp-admin/menu.php
diff --git src/wp-admin/menu.php src/wp-admin/menu.php index d32a133..c2ecdef 100644
$menu[59] = array( '', 'read', 'separator2', '', 'wp-menu-separator' ); 144 144 145 145 $appearance_cap = current_user_can( 'switch_themes') ? 'switch_themes' : 'edit_theme_options'; 146 146 147 $menu[60] = array( __( 'Appearance'), $appearance_cap, 'themes.php', '', 'menu-top menu-icon-appearance', 'menu-appearance', 'dashicons-admin-appearance' );147 $menu[60] = array( __( 'Appearance' ), $appearance_cap, 'themes.php', '', 'menu-top menu-icon-appearance', 'menu-appearance', 'dashicons-admin-appearance' ); 148 148 $submenu['themes.php'][5] = array( __( 'Themes' ), $appearance_cap, 'themes.php' ); 149 149 150 150 $customize_url = add_query_arg( 'return', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), 'customize.php' ); 151 $submenu['themes.php'][6] = array( __( 'Customize' ), ' edit_theme_options', $customize_url, '', 'hide-if-no-customize' );151 $submenu['themes.php'][6] = array( __( 'Customize' ), 'customize', $customize_url, '', 'hide-if-no-customize' ); 152 152 unset( $customize_url ); 153 153 if ( current_theme_supports( 'menus' ) || current_theme_supports( 'widgets' ) ) { 154 154 $submenu['themes.php'][10] = array(__( 'Menus' ), 'edit_theme_options', 'nav-menus.php'); -
src/wp-admin/themes.php
diff --git src/wp-admin/themes.php src/wp-admin/themes.php index ad5896c..9588f4b 100644
foreach ( $themes as $theme ) : 212 212 <div class="theme-actions"> 213 213 214 214 <?php if ( $theme['active'] ) { ?> 215 <?php if ( $theme['actions']['customize'] ) { ?>215 <?php if ( $theme['actions']['customize'] && current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { ?> 216 216 <a class="button button-primary customize load-customize hide-if-no-customize" href="<?php echo $theme['actions']['customize']; ?>"><?php _e( 'Customize' ); ?></a> 217 217 <?php } ?> 218 218 <?php } else { ?> 219 219 <a class="button button-primary activate" href="<?php echo $theme['actions']['activate']; ?>"><?php _e( 'Activate' ); ?></a> 220 <a class="button button-secondary load-customize hide-if-no-customize" href="<?php echo $theme['actions']['customize']; ?>"><?php _e( 'Live Preview' ); ?></a> 221 <a class="button button-secondary hide-if-customize" href="<?php echo $theme['actions']['preview']; ?>"><?php _e( 'Preview' ); ?></a> 220 <?php if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { ?> 221 <a class="button button-secondary load-customize hide-if-no-customize" href="<?php echo $theme['actions']['customize']; ?>"><?php _e( 'Live Preview' ); ?></a> 222 <a class="button button-secondary hide-if-customize" href="<?php echo $theme['actions']['preview']; ?>"><?php _e( 'Preview' ); ?></a> 223 <?php } ?> 222 224 <?php } ?> 223 225 224 226 </div> -
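Review bot: In the inactive-theme branch the new `if` wraps both anchors, so a user who lacks `customize` loses the plain `hide-if-customize` Preview link as well as Live Preview, although that link points at `$theme['actions']['preview']` and does not open the Customizer. Closing the condition right after the Live Preview anchor would leave Preview available. The capability test is also redundant with `$theme['actions']['customize']`, which includes/theme.php in this patch already sets to null for users who fail the same check. Testing that value in both branches, `<?php if ( $theme['actions']['customize'] ) { ?>`, would keep one source of truth and avoid printing an empty href. The foreach starts outside this hunk.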
src/wp-includes/admin-bar.php
diff --git src/wp-includes/admin-bar.php src/wp-includes/admin-bar.php index 9e4c115..3812dc2 100644
function wp_admin_bar_comments_menu( $wp_admin_bar ) { 654 654 function wp_admin_bar_appearance_menu( $wp_admin_bar ) { 655 655 $wp_admin_bar->add_group( array( 'parent' => 'site-name', 'id' => 'appearance' ) ); 656 656 657 if ( current_user_can( 'switch_themes' ) || current_user_can( 'edit_theme_options' ) ) 657 if ( current_user_can( 'switch_themes' ) || current_user_can( 'edit_theme_options' ) ) { 658 658 $wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'themes', 'title' => __('Themes'), 'href' => admin_url('themes.php') ) ); 659 } 659 660 660 if ( ! current_user_can( 'edit_theme_options' ) ) 661 return; 662 663 $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; 664 $wp_admin_bar->add_menu( array( 665 'parent' => 'appearance', 666 'id' => 'customize', 667 'title' => __('Customize'), 668 'href' => add_query_arg( 'url', urlencode( $current_url ), wp_customize_url() ), 669 'meta' => array( 670 'class' => 'hide-if-no-customize', 671 ), 672 ) ); 673 add_action( 'wp_before_admin_bar_render', 'wp_customize_support_script' ); 661 if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { 662 $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . 
$_SERVER['REQUEST_URI']; 663 $wp_admin_bar->add_menu( array( 664 'parent' => 'appearance', 665 'id' => 'customize', 666 'title' => __( 'Customize' ), 667 'href' => add_query_arg( 'url', urlencode( $current_url ), wp_customize_url() ), 668 'meta' => array( 669 'class' => 'hide-if-no-customize', 670 ), 671 ) ); 672 add_action( 'wp_before_admin_bar_render', 'wp_customize_support_script' ); 673 } 674 674 675 if ( current_theme_supports( 'widgets' ) ) 676 $wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'widgets', 'title' => __('Widgets'), 'href' => admin_url('widgets.php') ) ); 675 if ( current_user_can( 'edit_theme_options' ) ) { 676 if ( current_theme_supports( 'widgets' ) ) { 677 $wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'widgets', 'title' => __( 'Widgets' ), 'href' => admin_url( 'widgets.php' ) ) ); 678 } 677 679 678 if ( current_theme_supports( 'menus' ) || current_theme_supports( 'widgets' ) ) 679 $wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'menus', 'title' => __('Menus'), 'href' => admin_url('nav-menus.php') ) ); 680 if ( current_theme_supports( 'menus' ) || current_theme_supports( 'widgets' ) ) { 681 $wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'menus', 'title' => __( 'Menus' ), 'href' => admin_url( 'nav-menus.php' ) ) ); 682 } 680 683 681 if ( current_theme_supports( 'custom-background' ) ) 682 $wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'background', 'title' => __('Background'), 'href' => admin_url('themes.php?page=custom-background') ) ); 684 if ( current_theme_supports( 'custom-background' ) ) { 685 $wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'background', 'title' => __( 'Background' ), 'href' => admin_url( 'themes.php?page=custom-background' ) ) ); 686 } 683 687 684 if ( current_theme_supports( 'custom-header' ) ) 685 $wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'header', 'title' => __('Header'), 'href' => 
admin_url('themes.php?page=custom-header') ) ); 688 if ( current_theme_supports( 'custom-header' ) ) { 689 $wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'header', 'title' => __( 'Header' ), 'href' => admin_url( 'themes.php?page=custom-header' ) ) ); 690 } 691 } 686 692 } 687 693 688 694 /** -
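Review bot: `$current_url` is assembled from `$_SERVER['HTTP_HOST']` and `$_SERVER['REQUEST_URI']`, both supplied by the request, and is handed to customize.php as the `url` argument. `urlencode()` keeps it inside the query string here, but nothing in this function constrains the host, so the value is only safe if the receiving page validates it, and that validation is not visible in this patch. A comment on the assignment, such as `// Built from request headers; customize.php must validate this before using it.`, would record the assumption.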
src/wp-includes/capabilities.php
diff --git src/wp-includes/capabilities.php src/wp-includes/capabilities.php index 42ec2f1..7f23159 100644
function map_meta_cap( $cap, $user_id ) { 1304 1304 else 1305 1305 $caps[] = 'do_not_allow'; 1306 1306 break; 1307 case 'customize' : 1308 $caps[] = 'edit_theme_options'; 1309 break; 1307 1310 default: 1308 1311 // Handle meta capabilities for custom post types. 1309 1312 $post_type_meta_caps = _post_type_meta_capabilities(); -
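Review bot: The new `customize` case has no comment, although it is the line the rest of the patch depends on. Something like `// Meta capability for the Customizer; defaults to edit_theme_options and can be remapped through the map_meta_cap filter.` above the case would tell readers why a capability that maps one-to-one exists. map_meta_cap() starts and ends outside this hunk.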
src/wp-includes/class-wp-customize-manager.php
diff --git src/wp-includes/class-wp-customize-manager.php src/wp-includes/class-wp-customize-manager.php index 4929d15..a91ff0e 100644
final class WP_Customize_Manager { 150 150 public function setup_theme() { 151 151 send_origin_headers(); 152 152 153 if ( is_admin() && ! $this->doing_ajax() ) 154 auth_redirect(); 155 elseif ( $this->doing_ajax() && ! is_user_logged_in() ) 156 $this->wp_die( 0 ); 153 if ( is_admin() && ! $this->doing_ajax() ) { 154 auth_redirect(); 155 } elseif ( $this->doing_ajax() && ! is_user_logged_in() ) { 156 $this->wp_die( 0 ); 157 } 157 158 158 159 show_admin_bar( false ); 159 160 160 if ( ! current_user_can( ' edit_theme_options' ) )161 if ( ! current_user_can( 'customize' ) ) { 161 162 $this->wp_die( -1 ); 163 } 162 164 163 165 $this->original_stylesheet = get_stylesheet(); 164 166