WordPress.org

Make WordPress Core

Changeset 21085


Ignore:
Timestamp:
06/15/12 17:48:01 (3 years ago)
Author:
markjaquith
Message:

Make read_post more useful. Map read_post to edit_post for posts with protected post states. This makes read_post work naturally for draft, future, and pending posts belonging to other users. If the current user cannot edit these non-public posts then the user should not be able to read them either.

Backports [21046] for the 3.3 branch.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/3.3/wp-includes/capabilities.php

    r20499 r21085  
    10661066        } 
    10671067 
    1068         if ( 'private' != $post->post_status ) { 
     1068        $status_obj = get_post_status_object( $post->post_status ); 
     1069        if ( $status_obj->public ) { 
    10691070            $caps[] = $post_type->cap->read; 
    10701071            break; 
     
    10801081        if ( is_object( $post_author_data ) && $user_id == $post_author_data->ID ) 
    10811082            $caps[] = $post_type->cap->read; 
     1083        elseif ( $status_obj->private ) 
     1084            $caps[] = $post_type->cap->read_private_posts; 
    10821085        else 
    1083             $caps[] = $post_type->cap->read_private_posts; 
     1086            $caps[] = map_meta_cap( 'edit_post', $user_id, $post->ID ); 
    10841087        break; 
    10851088    case 'edit_post_meta': 
Note: See TracChangeset for help on using the changeset viewer.