WordPress.org

Make WordPress Core

Ticket #29213: 29213.5.diff

File 29213.5.diff, 9.2 KB (added by westonruter, 7 years ago)

https://github.com/xwp/wordpress-develop/commit/2546b4e14da9716cf2280a696a7d82377d407ba6

  • src/wp-admin/includes/ajax-actions.php

    diff --git src/wp-admin/includes/ajax-actions.php src/wp-admin/includes/ajax-actions.php
    index f17f1a8..872b73e 100644
    function wp_ajax_edit_comment() { 
    10651065function wp_ajax_add_menu_item() {
    10661066        check_ajax_referer( 'add-menu_item', 'menu-settings-column-nonce' );
    10671067
    1068         if ( ! current_user_can( 'edit_theme_options' ) )
     1068        if ( ! current_user_can( 'manage_menus' ) ) {
    10691069                wp_die( -1 );
     1070        }
    10701071
    10711072        require_once ABSPATH . 'wp-admin/includes/nav-menu.php';
    10721073
    function wp_ajax_update_welcome_panel() { 
    13421343 * @since 3.1.0
    13431344 */
    13441345function wp_ajax_menu_get_metabox() {
    1345         if ( ! current_user_can( 'edit_theme_options' ) )
     1346        if ( ! current_user_can( 'manage_menus' ) ) {
    13461347                wp_die( -1 );
     1348        }
    13471349
    13481350        require_once ABSPATH . 'wp-admin/includes/nav-menu.php';
    13491351
    function wp_ajax_wp_link_ajax() { 
    14161418 * @since 3.1.0
    14171419 */
    14181420function wp_ajax_menu_locations_save() {
    1419         if ( ! current_user_can( 'edit_theme_options' ) )
     1421        if ( ! current_user_can( 'manage_menus' ) ) {
    14201422                wp_die( -1 );
     1423        }
    14211424        check_ajax_referer( 'add-menu_item', 'menu-settings-column-nonce' );
    14221425        if ( ! isset( $_POST['menu-locations'] ) )
    14231426                wp_die( 0 );
    function wp_ajax_meta_box_order() { 
    14611464 * @since 3.1.0
    14621465 */
    14631466function wp_ajax_menu_quick_search() {
    1464         if ( ! current_user_can( 'edit_theme_options' ) )
     1467        if ( ! current_user_can( 'manage_menus' ) ) {
    14651468                wp_die( -1 );
     1469        }
    14661470
    14671471        require_once ABSPATH . 'wp-admin/includes/nav-menu.php';
    14681472
  • src/wp-admin/includes/menu.php

    diff --git src/wp-admin/includes/menu.php src/wp-admin/includes/menu.php
    index 873f737..e0ddc81 100644
    unset($sub, $parent); 
    9393foreach ( $menu as $id => $data ) {
    9494        if ( empty($submenu[$data[2]]) )
    9595                continue;
    96         $subs = $submenu[$data[2]];
    97         $first_sub = array_shift($subs);
     96        $subs = $submenu[ $data[2] ];
     97        $first_sub = array_shift( $subs );
    9898        $old_parent = $data[2];
    9999        $new_parent = $first_sub[2];
    100100        /*
    foreach ( $menu as $id => $data ) { 
    102102         * make the first submenu the new parent.
    103103         */
    104104        if ( $new_parent != $old_parent ) {
    105                 $_wp_real_parent_file[$old_parent] = $new_parent;
    106                 $menu[$id][2] = $new_parent;
     105                $_wp_real_parent_file[ $old_parent ] = $new_parent;
     106                $menu[ $id ][1] = $first_sub[1]; // capability
     107                $menu[ $id ][2] = $first_sub[2]; // location
     108                if ( empty( $subs ) ) {
     109                        $menu[ $id ][0] = $first_sub[0]; // label
     110                }
    107111
    108112                foreach ($submenu[$old_parent] as $index => $data) {
    109113                        $submenu[$new_parent][$index] = $submenu[$old_parent][$index];
  • src/wp-admin/menu.php

    diff --git src/wp-admin/menu.php src/wp-admin/menu.php
    index 89c13d9..43517e9 100644
    $menu[60] = array( __('Appearance'), $appearance_cap, 'themes.php', '', 'menu-to 
    154154        $submenu['themes.php'][6] = array( __( 'Customize' ), 'customize', $customize_url, '', 'hide-if-no-customize' );
    155155
    156156        if ( current_theme_supports( 'menus' ) || current_theme_supports( 'widgets' ) ) {
    157                 $submenu['themes.php'][10] = array(__( 'Menus' ), 'edit_theme_options', 'nav-menus.php');
     157                $submenu['themes.php'][10] = array(__( 'Menus' ), 'manage_menus', 'nav-menus.php');
    158158        }
    159159
    160160        if ( current_theme_supports( 'custom-header' ) && current_user_can( 'customize') ) {
  • src/wp-admin/nav-menus.php

    diff --git src/wp-admin/nav-menus.php src/wp-admin/nav-menus.php
    index 5f99e72..77686be 100644
    if ( ! current_theme_supports( 'menus' ) && ! current_theme_supports( 'widgets' 
    1919        wp_die( __( 'Your theme does not support navigation menus or widgets.' ) );
    2020
    2121// Permissions Check
    22 if ( ! current_user_can('edit_theme_options') )
     22if ( ! current_user_can( 'manage_menus' ) ) {
    2323        wp_die( __( 'Cheatin’ uh?' ), 403 );
     24}
    2425
    2526wp_enqueue_script( 'nav-menu' );
    2627
  • src/wp-includes/admin-bar.php

    diff --git src/wp-includes/admin-bar.php src/wp-includes/admin-bar.php
    index 49279a9..5d3e145 100644
    function wp_admin_bar_comments_menu( $wp_admin_bar ) { 
    657657function wp_admin_bar_appearance_menu( $wp_admin_bar ) {
    658658        $wp_admin_bar->add_group( array( 'parent' => 'site-name', 'id' => 'appearance' ) );
    659659
    660         if ( current_user_can( 'switch_themes' ) || current_user_can( 'edit_theme_options' ) )
    661                 $wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'themes', 'title' => __('Themes'), 'href' => admin_url('themes.php') ) );
    662 
    663         if ( ! current_user_can( 'edit_theme_options' ) )
    664                 return;
     660        if ( current_user_can( 'switch_themes' ) || current_user_can( 'edit_theme_options' ) ) {
     661                $wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'themes', 'title' => __( 'Themes' ), 'href' => admin_url( 'themes.php' ) ) );
     662        }
    665663
    666664        $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    667665        $customize_url = add_query_arg( 'url', urlencode( $current_url ), wp_customize_url() );
    function wp_admin_bar_appearance_menu( $wp_admin_bar ) { 
    678676                add_action( 'wp_before_admin_bar_render', 'wp_customize_support_script' );
    679677        }
    680678
    681         if ( current_theme_supports( 'widgets' ) ) {
     679        if ( current_user_can( 'edit_theme_options' ) && current_theme_supports( 'widgets' ) ) {
    682680                $wp_admin_bar->add_menu( array(
    683681                        'parent' => 'appearance',
    684682                        'id'     => 'widgets',
    function wp_admin_bar_appearance_menu( $wp_admin_bar ) { 
    702700                }
    703701        }
    704702
    705         if ( current_theme_supports( 'menus' ) || current_theme_supports( 'widgets' ) )
    706                 $wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'menus', 'title' => __('Menus'), 'href' => admin_url('nav-menus.php') ) );
     703        if ( current_user_can( 'manage_menus' ) && ( current_theme_supports( 'menus' ) || current_theme_supports( 'widgets' ) ) ) {
     704                $wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'menus', 'title' => __( 'Menus' ), 'href' => admin_url( 'nav-menus.php' ) ) );
     705        }
    707706
    708         if ( current_theme_supports( 'custom-background' ) ) {
     707        if ( current_user_can( 'edit_theme_options' ) && current_theme_supports( 'custom-background' ) ) {
    709708                $wp_admin_bar->add_menu( array(
    710709                        'parent' => 'appearance',
    711710                        'id'     => 'background',
    function wp_admin_bar_appearance_menu( $wp_admin_bar ) { 
    729728                }
    730729        }
    731730
    732         if ( current_theme_supports( 'custom-header' ) ) {
     731        if ( current_user_can( 'edit_theme_options' ) && current_theme_supports( 'custom-header' ) ) {
    733732                $wp_admin_bar->add_menu( array(
    734733                        'parent' => 'appearance',
    735734                        'id'     => 'header',
  • src/wp-includes/capabilities.php

    diff --git src/wp-includes/capabilities.php src/wp-includes/capabilities.php
    index 160c20e..47afa28 100644
    function map_meta_cap( $cap, $user_id ) { 
    13351335        case 'customize' :
    13361336                $caps[] = 'edit_theme_options';
    13371337                break;
     1338        case 'manage_menus' :
     1339                $caps[] = 'edit_theme_options';
     1340                break;
    13381341        default:
    13391342                // Handle meta capabilities for custom post types.
    13401343                $post_type_meta_caps = _post_type_meta_capabilities();
  • src/wp-includes/class-wp-customize-manager.php

    diff --git src/wp-includes/class-wp-customize-manager.php src/wp-includes/class-wp-customize-manager.php
    index c9dc52d..008fb05 100644
    final class WP_Customize_Manager { 
    11711171                        'title'          => __( 'Navigation' ),
    11721172                        'theme_supports' => 'menus',
    11731173                        'priority'       => 100,
    1174                         'description'    => sprintf( _n('Your theme supports %s menu. Select which menu you would like to use.', 'Your theme supports %s menus. Select which menu appears in each location.', $num_locations ), number_format_i18n( $num_locations ) ) . "\n\n" . __('You can edit your menu content on the Menus screen in the Appearance section.'),
     1174                        'description'    => sprintf( _n( 'Your theme supports %s menu. Select which menu you would like to use.', 'Your theme supports %s menus. Select which menu appears in each location.', $num_locations ), number_format_i18n( $num_locations ) ) . "\n\n" . __( 'You can edit your menu content on the Menus screen in the Appearance section.' ),
     1175                        'capability'     => 'manage_menus',
    11751176                ) );
    11761177
    11771178                if ( $menus ) {
    final class WP_Customize_Manager { 
    11861187                                $this->add_setting( $menu_setting_id, array(
    11871188                                        'sanitize_callback' => 'absint',
    11881189                                        'theme_supports'    => 'menus',
     1190                                        'capability'        => 'manage_menus',
    11891191                                ) );
    11901192
    11911193                                $this->add_control( $menu_setting_id, array(
  • src/wp-includes/default-widgets.php

    diff --git src/wp-includes/default-widgets.php src/wp-includes/default-widgets.php
    index 180e074..e48ea0a 100644
    class WP_Widget_Tag_Cloud extends WP_Widget { 
    13481348                $menus = wp_get_nav_menus();
    13491349
    13501350                // If no menus exists, direct the user to go and create some.
    1351                 if ( !$menus ) {
    1352                         echo '<p>'. sprintf( __('No menus have been created yet. <a href="%s">Create some</a>.'), admin_url('nav-menus.php') ) .'</p>';
     1351                if ( ! $menus ) {
     1352                        if ( current_user_can( 'manage_menus' ) ) {
     1353                                echo '<p>'. sprintf( __( 'No menus have been created yet. <a href="%s">Create some</a>.' ), admin_url( 'nav-menus.php' ) ) . '</p>';
     1354                        } else {
     1355                                echo '<p>' . __( 'No menus have been created yet, and you do not have permission to create them.' ) . '</p>';
     1356                        }
    13531357                        return;
    13541358                }
    13551359                ?>