Make WordPress Core

Changeset 17432


Ignore:
Timestamp:
02/09/2011 05:30:46 PM (14 years ago)
Author:
ryan
Message:

Add additional promote_users checks. Show Add existing button only for multisite. Don't show bulk actions if user can't promote users. Show add new user menu if user has create_users but not promote_users. Props nacin. fixes #16501 for 3.1

Location:
branches/3.1/wp-admin
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • branches/3.1/wp-admin/includes/class-wp-users-list-table.php

    r17324 r17432  
    132132    function extra_tablenav( $which ) {
    133133        if ( 'top' != $which )
     134            return;
     135        if ( ! current_user_can( 'promote_users' ) )
    134136            return;
    135137?>
  • branches/3.1/wp-admin/menu.php

    r17267 r17432  
    192192    $_wp_real_parent_file['profile.php'] = 'users.php'; // Back-compat for plugins adding submenus to profile.php.
    193193    $submenu['users.php'][5] = array(__('Users'), 'list_users', 'users.php');
    194     $submenu['users.php'][10] = array(_x('Add New', 'user'), 'promote_users', 'user-new.php');
     194    if ( current_user_can('create_users') )
     195        $submenu['users.php'][10] = array(_x('Add New', 'user'), 'create_users', 'user-new.php');
     196    else
     197        $submenu['users.php'][10] = array(_x('Add New', 'user'), 'promote_users', 'user-new.php');
    195198
    196199    $submenu['users.php'][15] = array(__('Your Profile'), 'read', 'profile.php');
     
    198201    $_wp_real_parent_file['users.php'] = 'profile.php';
    199202    $submenu['profile.php'][5] = array(__('Your Profile'), 'read', 'profile.php');
    200     $submenu['profile.php'][10] = array(__('Add New User'), 'promote_users', 'user-new.php');
     203    if ( current_user_can('create_users') )
     204        $submenu['profile.php'][10] = array(__('Add New User'), 'create_users', 'user-new.php');
     205    else
     206        $submenu['profile.php'][10] = array(__('Add New User'), 'promote_users', 'user-new.php');
    201207}
    202208
  • branches/3.1/wp-admin/user-new.php

    r17069 r17432  
    1010require_once('./admin.php');
    1111
    12 if ( ! current_user_can('create_users') && ! current_user_can('promote_users') )
    13     wp_die(__('Cheatin’ uh?'));
     12if ( is_multisite() ) {
     13    if ( ! current_user_can( 'create_users' ) && ! current_user_can( 'promote_users' ) )
     14        wp_die( __( 'Cheatin’ uh?' ) );
     15} elseif ( ! current_user_can( 'create_users' ) ) {
     16    wp_die( __( 'Cheatin’ uh?' ) );
     17}
    1418
    1519if ( is_multisite() ) {
  • branches/3.1/wp-admin/users.php

    r17366 r17432  
    4848case 'promote':
    4949    check_admin_referer('bulk-users');
     50
     51    if ( ! current_user_can( 'promote_users' ) )
     52        wp_die( __( 'You can’t edit that user.' ) );
    5053
    5154    if ( empty($_REQUEST['users']) ) {
     
    353356if ( current_user_can( 'create_users' ) ) { ?>
    354357    <a href="user-new.php" class="button add-new-h2"><?php echo esc_html_x( 'Add New', 'user' ); ?></a>
    355 <?php } elseif ( current_user_can( 'promote_users' ) ) { ?>
     358<?php } elseif ( is_multisite() && current_user_can( 'promote_users' ) ) { ?>
    356359    <a href="user-new.php" class="button add-new-h2"><?php echo esc_html_x( 'Add Existing', 'user' ); ?></a>
    357360<?php }
Note: See TracChangeset for help on using the changeset viewer.