Make WordPress Core

Changeset 21046


Ignore:
Timestamp:
06/10/2012 04:21:44 PM (13 years ago)
Author:
ryan
Message:

Make read_post more useful. Map read_post to edit_post for posts with protected post states. This makes read_post work naturally for draft, future, and pending posts belonging to other users. If the current user cannot edit these non-public posts then the user should not be able to read them either.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/capabilities.php

    r20683 r21046  
    10771077        }
    10781078
    1079         if ( 'private' != $post->post_status ) {
     1079        $status_obj = get_post_status_object( $post->post_status );
     1080        if ( $status_obj->public ) {
    10801081            $caps[] = $post_type->cap->read;
    10811082            break;
     
    10911092        if ( is_object( $post_author_data ) && $user_id == $post_author_data->ID )
    10921093            $caps[] = $post_type->cap->read;
     1094        elseif ( $status_obj->private )
     1095            $caps[] = $post_type->cap->read_private_posts;
    10931096        else
    1094             $caps[] = $post_type->cap->read_private_posts;
     1097            $caps[] = map_meta_cap( 'edit_post', $user_id, $post->ID );
    10951098        break;
    10961099    case 'edit_post_meta':
Note: See TracChangeset for help on using the changeset viewer.