Ticket #39677: 39677.2.diff
| File 39677.2.diff, 6.5 KB (added by , 8 years ago) |
|---|
-
src/wp-admin/network/settings.php
63 63 ); 64 64 65 65 // Handle translation install. 66 if ( ! empty( $_POST['WPLANG'] ) && wp_can_install_language_pack() ) { // @todo: Skip if already installed66 if ( ! empty( $_POST['WPLANG'] ) && current_user_can( 'install_languages' ) && wp_can_install_language_pack() ) { // @todo: Skip if already installed 67 67 $language = wp_download_language_pack( $_POST['WPLANG'] ); 68 68 if ( $language ) { 69 69 $_POST['WPLANG'] = $language; … … 342 342 'selected' => $lang, 343 343 'languages' => $languages, 344 344 'translations' => $translations, 345 'show_available_translations' => wp_can_install_language_pack(),345 'show_available_translations' => current_user_can( 'install_languages' ) && wp_can_install_language_pack(), 346 346 ) ); 347 347 ?> 348 348 </td> -
src/wp-admin/network/site-new.php
65 65 if ( isset( $_POST['WPLANG'] ) ) { 66 66 if ( '' === $_POST['WPLANG'] ) { 67 67 $meta['WPLANG'] = ''; // en_US 68 } elseif ( wp_can_install_language_pack() ) {68 } elseif ( current_user_can( 'install_languages' ) && wp_can_install_language_pack() ) { 69 69 $language = wp_download_language_pack( wp_unslash( $_POST['WPLANG'] ) ); 70 70 if ( $language ) { 71 71 $meta['WPLANG'] = $language; … … 233 233 'selected' => $lang, 234 234 'languages' => $languages, 235 235 'translations' => $translations, 236 'show_available_translations' => wp_can_install_language_pack(),236 'show_available_translations' => current_user_can( 'install_languages' ) && wp_can_install_language_pack(), 237 237 ) ); 238 238 ?> 239 239 </td> -
src/wp-admin/options-general.php
144 144 'selected' => $locale, 145 145 'languages' => $languages, 146 146 'translations' => $translations, 147 'show_available_translations' => ( ! is_multisite() || is_super_admin()) && wp_can_install_language_pack(),147 'show_available_translations' => current_user_can( 'install_languages' ) && wp_can_install_language_pack(), 148 148 ) ); 149 149 150 150 // Add note about deprecated WPLANG constant. -
src/wp-admin/options.php
182 182 } 183 183 184 184 // Handle translation install. 185 if ( ! empty( $_POST['WPLANG'] ) && ( ! is_multisite() || is_super_admin()) ) { // @todo: Skip if already installed185 if ( ! empty( $_POST['WPLANG'] ) && current_user_can( 'install_languages' ) ) { // @todo: Skip if already installed 186 186 require_once( ABSPATH . 'wp-admin/includes/translation-install.php' ); 187 187 188 188 if ( wp_can_install_language_pack() ) { -
src/wp-admin/update-core.php
608 608 echo ' <a class="button" href="' . esc_url( self_admin_url('update-core.php?force-check=1') ) . '">' . __( 'Check Again' ) . '</a>'; 609 609 echo '</p>'; 610 610 611 if ( $core = current_user_can( 'update_core' ) )611 if ( current_user_can( 'update_core' ) ) { 612 612 core_upgrade_preamble(); 613 if ( $plugins = current_user_can( 'update_plugins' ) ) 613 } 614 if ( current_user_can( 'update_plugins' ) ) { 614 615 list_plugin_updates(); 615 if ( $themes = current_user_can( 'update_themes' ) ) 616 } 617 if ( current_user_can( 'update_themes' ) ) { 616 618 list_theme_updates(); 617 if ( $core || $plugins || $themes ) 619 } 620 if ( current_user_can( 'update_languages' ) ) { 618 621 list_translation_updates(); 619 unset( $core, $plugins, $themes ); 622 } 623 620 624 /** 621 625 * Fires after the core, plugin, and theme update tables. 622 626 * … … 729 733 730 734 } elseif ( 'do-translation-upgrade' == $action ) { 731 735 732 if ( ! current_user_can( 'update_ core' ) && ! current_user_can( 'update_plugins' ) && ! current_user_can( 'update_themes' ) )736 if ( ! current_user_can( 'update_languages' ) ) 733 737 wp_die( __( 'Sorry, you are not allowed to update this site.' ) ); 734 738 735 739 check_admin_referer( 'upgrade-translations' ); -
src/wp-includes/capabilities.php
378 378 case 'install_themes': 379 379 case 'upload_themes': 380 380 case 'update_core': 381 // Disallow anything that creates, deletes, or updates core, plugin, or theme files. 381 case 'update_languages': 382 case 'install_languages': 383 // Disallow anything that creates, deletes, or updates core, plugin, theme, or translation files. 382 384 // Files in uploads are excepted. 383 385 if ( wp_disallow_file_mods( 'capability_update_core' ) ) { 384 386 $caps[] = 'do_not_allow'; 385 387 } elseif ( is_multisite() && ! is_super_admin( $user_id ) ) { 386 388 $caps[] = 'do_not_allow'; 389 } elseif ( 'update_languages' === $cap || 'install_languages' === $cap ) { 390 $caps[] = 'update_core'; 387 391 } elseif ( 'upload_themes' === $cap ) { 388 392 $caps[] = 'install_themes'; 389 393 } elseif ( 'upload_plugins' === $cap ) { -
tests/phpunit/tests/user/capabilities.php
233 233 'upload_themes' => array( 'administrator' ), 234 234 'customize' => array( 'administrator' ), 235 235 'add_users' => array( 'administrator' ), 236 'install_languages' => array( 'administrator' ), 237 'update_languages' => array( 'administrator' ), 236 238 237 239 'edit_categories' => array( 'administrator', 'editor' ), 238 240 'delete_categories' => array( 'administrator', 'editor' ), … … 261 263 'upload_themes' => array(), 262 264 'edit_css' => array(), 263 265 'upgrade_network' => array(), 266 'install_languages' => array(), 267 'update_languages' => array(), 264 268 265 269 'customize' => array( 'administrator' ), 266 270 'delete_site' => array( 'administrator' ),