Make WordPress Core

Ticket #41037: 41037.diff

File 41037.diff, 2.6 KB (added by lipathor, 5 years ago)
  • src/wp-includes/capabilities.php

    diff --git a/src/wp-includes/capabilities.php b/src/wp-includes/capabilities.php
    index 0c40c7e384..63ade44df3 100644
    a b function map_meta_cap( $cap, $user_id, ...$args ) { 
    381381                        }
    382382
    383383                        $post = get_post( $comment->comment_post_ID );
     384                        $author = $comment->user_id;
    384385
     386                        if ( ! (int) $author === 0 ) {
     387                                $caps[] = 'do_not_allow';
     388                                break;
     389                        }
    385390                        /*
    386391                         * If the post doesn't exist, we have an orphaned comment.
    387392                         * Fall back to the edit_posts capability, instead.
    function map_meta_cap( $cap, $user_id, ...$args ) { 
    391396                        } else {
    392397                                $caps = map_meta_cap( 'edit_posts', $user_id );
    393398                        }
     399                        if ( (int) $author === $user_id ) {
     400                                $caps[] = [$cap];
     401                        }
    394402                        break;
    395403                case 'unfiltered_upload':
    396404                        if ( defined( 'ALLOW_UNFILTERED_UPLOADS' ) && ALLOW_UNFILTERED_UPLOADS && ( ! is_multisite() || is_super_admin( $user_id ) ) ) {
    function wp_maybe_grant_site_health_caps( $allcaps, $caps, $args, $user ) { 
    10471055        return $allcaps;
    10481056}
    10491057
     1058/**
     1059 * Filters the user capabilities to grant the 'edit_comment' capability as necessary.
     1060 *
     1061 * @since 5.4
     1062 *
     1063 * @param bool[]   $allcaps An array of all the user's capabilities.
     1064 * @param string[] $caps    Required primitive capabilities for the requested capability.
     1065 * @param array    $args {
     1066 *     Arguments that accompany the requested capability check.
     1067 *
     1068 *     @type string    $0 Requested capability.
     1069 *     @type int       $1 Concerned user ID.
     1070 *     @type mixed  ...$2 Optional second and further parameters, typically object ID.
     1071 * }
     1072 * @param WP_User  $user    The user object.
     1073 * @return bool[] Filtered array of the user's capabilities.
     1074 */
     1075function wp_maybe_grant_edit_comment($allcaps, $caps, $args, $user ) {
     1076        if( in_array('edit_comment', $caps) ) {
     1077                $allcaps['edit_comment'] = true;
     1078        }
     1079
     1080        return $allcaps;
     1081}
     1082
    10501083return;
    10511084
    10521085// Dummy gettext calls to get strings in the catalog.
  • src/wp-includes/default-filters.php

    diff --git a/src/wp-includes/default-filters.php b/src/wp-includes/default-filters.php
    index 26cdfeba20..662bab6ac4 100644
    a b add_filter( 'pre_oembed_result', 'wp_filter_pre_oembed_result', 10, 3 ); 
    582582add_filter( 'user_has_cap', 'wp_maybe_grant_install_languages_cap', 1 );
    583583add_filter( 'user_has_cap', 'wp_maybe_grant_resume_extensions_caps', 1 );
    584584add_filter( 'user_has_cap', 'wp_maybe_grant_site_health_caps', 1, 4 );
     585add_filter( 'user_has_cap', 'wp_maybe_grant_edit_comment', 1, 5);
    585586
    586587unset( $filter, $action );