Make WordPress Core

Ticket #6775: 6775.4.diff

File 6775.4.diff, 1.9 KB (added by mdawaffe, 16 years ago)

cap tweaks (independent of 6775.3.diff)

  • wp-includes/post-template.php

     
    641641
    642642        $rows = '';
    643643        $class = false;
     644        $can_edit_post = current_user_can( 'edit_post', $post->ID );
    644645        foreach ( $revisions as $revision ) {
     646                if ( !current_user_can( 'read_post', $revision->ID ) )
     647                        continue;
     648
    645649                $date = wp_post_revision_title( $revision );
    646650                $name = get_author_name( $revision->post_author );
    647651
     
    654658
    655659                        $class = $class ? '' : " class='alternate'";
    656660
    657                         if ( $post->ID != $revision->ID && current_user_can( 'edit_post', $post->ID ) )
     661                        if ( $post->ID != $revision->ID && $can_edit_post )
    658662                                $actions = '<a href="' . wp_nonce_url( add_query_arg( array( 'revision' => $revision->ID, 'diff' => false, 'action' => 'restore' ) ), "restore-post_$post->ID|$revision->ID" ) . '">' . __( 'Restore' ) . '</a>';
    659663                        else
    660664                                $actions = '';
  • wp-admin/revision.php

     
    3838        if ( !$right_revision = get_post( $right ) )
    3939                break;
    4040
    41         if ( !current_user_can( 'edit_post', $left_revision->ID ) || !current_user_can( 'edit_post', $right_revision->ID ) )
     41        if ( !current_user_can( 'read_post', $left_revision->ID ) || !current_user_can( 'read_post', $right_revision->ID ) )
    4242                break;
    4343
    4444        // Don't allow reverse diffs?
     
    8080        if ( !$post = get_post( $revision->post_parent ) )
    8181                break;
    8282
    83         if ( !current_user_can( 'edit_post', $revision->ID ) || !current_user_can( 'edit_post', $post->ID ) )
     83        if ( !current_user_can( 'read_post', $revision->ID ) || !current_user_can( 'read_post', $post->ID ) )
    8484                break;
    8585
    8686        $post_title = '<a href="' . get_edit_post_link() . '">' . get_the_title() . '</a>';