WordPress.org

Make WordPress Core

Ticket #44176: 44176.diff

File 44176.diff, 4.9 KB (added by xkon, 21 months ago)
  • src/wp-admin/erase-personal-data.php

    diff --git a/src/wp-admin/erase-personal-data.php b/src/wp-admin/erase-personal-data.php
    index dc80022eef..e79c72b6c4 100644
    a b  
    99/** WordPress Administration Bootstrap */
    1010require_once( dirname( __FILE__ ) . '/admin.php' );
    1111
    12 if ( ! current_user_can( 'erase_others_personal_data' ) || ! current_user_can( 'delete_users' ) ) {
     12if ( ! current_user_can( 'erase_others_personal_data' ) ) {
    1313        wp_die( __( 'Sorry, you are not allowed to erase data on this site.' ) );
    1414}
    1515
  • src/wp-admin/includes/ajax-actions.php

    diff --git a/src/wp-admin/includes/ajax-actions.php b/src/wp-admin/includes/ajax-actions.php
    index d1700d9fa0..12976aa15c 100644
    a b function wp_ajax_wp_privacy_erase_personal_data() { 
    48904890                wp_send_json_error( __( 'Invalid request ID.' ) );
    48914891        }
    48924892
    4893         // Both capabilities are required to avoid confusion, see `_wp_personal_data_removal_page()`.
    4894         if ( ! current_user_can( 'erase_others_personal_data' ) || ! current_user_can( 'delete_users' ) ) {
     4893        if ( ! current_user_can( 'erase_others_personal_data' ) ) {
    48954894                wp_send_json_error( __( 'Sorry, you are not allowed to perform this action.' ) );
    48964895        }
    48974896
  • src/wp-admin/includes/schema.php

    diff --git a/src/wp-admin/includes/schema.php b/src/wp-admin/includes/schema.php
    index a2e8216457..1448d2f528 100644
    a b function populate_roles() { 
    695695        populate_roles_270();
    696696        populate_roles_280();
    697697        populate_roles_300();
     698        populate_roles_540();
    698699}
    699700
    700701/**
    function populate_roles_300() { 
    924925        }
    925926}
    926927
     928/**
     929 * Create and modify WordPress roles for WordPress 5.4.
     930 *
     931 * @since 5.4.0
     932 */
     933function populate_roles_540() {
     934        // Add the caps to the Administrators as they were split.
     935        $role = get_role( 'administrator' );
     936
     937        if ( ! empty( $role ) ) {
     938                $role->add_cap( 'export_others_personal_data' );
     939                $role->add_cap( 'erase_others_personal_data' );
     940                $role->add_cap( 'manage_privacy_options' );
     941        }
     942
     943        // Introduce DPO and add all the caps by default.
     944        add_role( 'dpo', 'DPO' );
     945
     946        $role = get_role( 'dpo' );
     947
     948        if ( ! empty( $role ) ) {
     949                $role->add_cap( 'export_others_personal_data' );
     950                $role->add_cap( 'erase_others_personal_data' );
     951                $role->add_cap( 'manage_privacy_options' );
     952                $role->add_cap( 'read' );
     953                $role->add_cap( 'level_0' );
     954                $role->add_cap( 'edit_pages' );
     955                $role->add_cap( 'edit_others_pages' );
     956                $role->add_cap( 'edit_published_pages' );
     957                $role->add_cap( 'publish_pages' );
     958                $role->add_cap( 'delete_pages' );
     959                $role->add_cap( 'delete_others_pages' );
     960                $role->add_cap( 'delete_published_pages' );
     961                $role->add_cap( 'delete_private_pages' );
     962                $role->add_cap( 'edit_private_pages' );
     963                $role->add_cap( 'read_private_pages' );
     964        }
     965}
     966
    927967if ( ! function_exists( 'install_network' ) ) :
    928968        /**
    929969         * Install Network.
  • src/wp-admin/menu.php

    diff --git a/src/wp-admin/menu.php b/src/wp-admin/menu.php
    index 7aec19663d..b78d4f5bde 100644
    a b if ( ! is_multisite() && defined( 'WP_ALLOW_MULTISITE' ) && WP_ALLOW_MULTISITE ) 
    288288        $submenu['tools.php'][50] = array( __( 'Network Setup' ), 'setup_network', 'network.php' );
    289289}
    290290
    291 $menu[80]                               = array( __( 'Settings' ), 'manage_options', 'options-general.php', '', 'menu-top menu-icon-settings', 'menu-settings', 'dashicons-admin-settings' );
     291if ( current_user_can( 'manage_options' ) ) {
     292        $menu[80] = array( __( 'Settings' ), 'manage_options', 'options-general.php', '', 'menu-top menu-icon-settings', 'menu-settings', 'dashicons-admin-settings' );
     293} elseif ( current_user_can( 'manage_privacy_options' ) && ! current_user_can( 'manage_options' ) ) {
     294        $menu[80] = array( __( 'Settings' ), 'manage_privacy_options', 'options-general.php', '', 'menu-top menu-icon-settings', 'menu-settings', 'dashicons-admin-settings' );
     295}
     296
    292297        $submenu['options-general.php'][10] = array( _x( 'General', 'settings screen' ), 'manage_options', 'options-general.php' );
    293298        $submenu['options-general.php'][15] = array( __( 'Writing' ), 'manage_options', 'options-writing.php' );
    294299        $submenu['options-general.php'][20] = array( __( 'Reading' ), 'manage_options', 'options-reading.php' );
  • src/wp-includes/capabilities.php

    diff --git a/src/wp-includes/capabilities.php b/src/wp-includes/capabilities.php
    index 0c40c7e384..93e7084324 100644
    a b function map_meta_cap( $cap, $user_id, ...$args ) { 
    574574                        }
    575575                        break;
    576576                case 'export_others_personal_data':
     577                        $caps[] = 'export_others_personal_data';
     578                        break;
    577579                case 'erase_others_personal_data':
     580                        $caps[] = 'erase_others_personal_data';
     581                        break;
    578582                case 'manage_privacy_options':
    579                         $caps[] = is_multisite() ? 'manage_network' : 'manage_options';
     583                        $caps[] = 'manage_privacy_options';
    580584                        break;
    581585                default:
    582586                        // Handle meta capabilities for custom post types.