Changeset 33358
- Timestamp:
- 07/22/2015 04:05:17 AM (9 years ago)
- Location:
- branches/4.2
- Files:
-
- 4 edited
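--- a/branches/4.2/src/wp-admin/includes/dashboard.php
+++ b/branches/4.2/src/wp-admin/includes/dashboard.php
@@ -418,4 +418,8 @@
 function wp_dashboard_quick_press( $error_msg = false ) {
 global $post_ID;
+
+if ( ! current_user_can( 'edit_posts' ) ) {
+return;
+}
 
 /* Check if a new auto-draft (= no new post_ID) is needed or if the old can be used */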
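Review bot: The new guard at the top of `wp_dashboard_quick_press()` returns silently and has no comment explaining why a rendering function needs a capability check. The comment just below it suggests the function goes on to create or reuse an auto-draft, so the check appears to be what stops a user without `edit_posts` from triggering that write. I would record this, e.g. `// Bail before the auto-draft lookup below: users without edit_posts must not create drafts.` The rest of the function body is outside this section, so callers that pass `$error_msg` and expect output should be checked separately.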
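--- a/branches/4.2/src/wp-admin/post.php
+++ b/branches/4.2/src/wp-admin/post.php
@@ -116,6 +116,7 @@
 $error_msg = __( 'Unable to submit this form, please refresh and try again.' );
 
-if ( ! current_user_can( 'edit_posts' ) )
-$error_msg = __( 'Oops, you don’t have access to add new drafts.' );
+if ( ! current_user_can( 'edit_posts' ) ) {
+exit;
+}
 
 if ( $error_msg )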
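Review bot: The bare `exit;` in the `edit_posts` check ends the request with an empty body and, as far as this section shows, no explicit status code. A refused quick-draft submission is therefore hard to tell apart from a blank successful response in access logs. Prefer an explicit denial such as `wp_die( __( 'You are not allowed to add new drafts.' ), 403 );` (the message text is only a suggestion). The enclosing case starts and ends outside this section, so whether the nonce check runs before this point cannot be confirmed from here.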
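--- a/branches/4.2/src/wp-includes/capabilities.php
+++ b/branches/4.2/src/wp-includes/capabilities.php
@@ -1144,6 +1144,8 @@
 case 'edit_page':
 $post = get_post( $args[0] );
-if ( empty( $post ) )
+if ( empty( $post ) ) {
+$caps[] = 'do_not_allow';
 break;
+}
 
 if ( 'revision' == $post->post_type ) {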
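Review bot: The `do_not_allow` fallback is added only to the branch visible here (`case 'edit_page':`), and nothing records why it is needed. Going by the accompanying test, a missing post previously left `$caps` without any required capability. A comment such as `// Fail closed: a post that does not exist must never map to an empty capability list.` would keep a later refactor from restoring the bare `break`. Other meta-capability cases in this switch that load a post via `get_post()` are outside this section and should be checked for the same early `break`.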
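--- a/branches/4.2/tests/phpunit/tests/user/capabilities.php
+++ b/branches/4.2/tests/phpunit/tests/user/capabilities.php
@@ -742,3 +742,13 @@
 $this->assertFalse( $user->has_cap( 'publish_pages' ) );
 }
+
+function test_subscriber_cant_edit_posts() {
+$user = new WP_User( $this->factory->user->create( array( 'role' => 'subscriber' ) ) );
+wp_set_current_user( $user->ID );
+
+$post = $this->factory->post->create( array( 'post_author' => 1 ) );
+
+$this->assertFalse( current_user_can( 'edit_post', $post ) );
+$this->assertFalse( current_user_can( 'edit_post', $post + 1 ) );
+}
 }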
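Review bot: The second assertion in `test_subscriber_cant_edit_posts()` uses `$post + 1` as a stand-in for a post that does not exist, which holds only while the factory has created no later post. It is also the assertion that covers the missing-post branch, which the test name does not mention. I would add `// $post + 1 is assumed to be an unused ID: exercises the missing-post path.` or move it into its own test. An extra assertion for a role that does hold `edit_posts`, run against a missing ID, would pin the fail-closed behaviour for privileged users too.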