Make WordPress Core


Ignore:
Timestamp:
02/11/2006 09:56:02 AM (18 years ago)
Author:
ryan
Message:

Add new page caps now that pages can be draft or publish. Brings page caps to parity with posts. Add delete caps for posts and pages. fixes #2382 #2336 #2301

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/admin-functions.php

    r3510 r3513  
    55    global $user_ID;
    66
    7     if (!current_user_can('edit_posts'))
    8         die(__('You are not allowed to create posts or drafts on this blog.'));
     7    if ( 'page' == $_POST['post_type'] ) {
     8        if ( !current_user_can('edit_pages') )
     9            die(__('You are not allowed to create pages on this blog.'));   
     10    } else {
     11        if ( !current_user_can('edit_posts') )
     12            die(__('You are not allowed to create posts or drafts on this blog.'));
     13    }
    914
    1015    // Rename.
     
    1621    if (!empty ($_POST['post_author_override'])) {
    1722        $_POST['post_author'] = (int) $_POST['post_author_override'];
    18     } else
     23    } else {
    1924        if (!empty ($_POST['post_author'])) {
    2025            $_POST['post_author'] = (int) $_POST['post_author'];
     
    2328        }
    2429
    25     if (($_POST['post_author'] != $_POST['user_ID']) && !current_user_can('edit_others_posts'))
    26         die(__('You cannot post as this user.'));
     30    }
     31
     32    if ($_POST['post_author'] != $_POST['user_ID']) {
     33        if ( 'page' == $_POST['post_type'] ) {     
     34            if ( !current_user_can('edit_others_pages') )
     35                die(__('You cannot create pages as this user.'));
     36        } else {
     37            if ( !current_user_can('edit_others_posts') )
     38                die(__('You cannot post as this user.'));
     39           
     40        }
     41    }
    2742
    2843    // What to do based on which button they pressed
     
    3550    if ('' != $_POST['advanced'])
    3651        $_POST['post_status'] = 'draft';
    37     //if ('' != $_POST['savepage']) {
    38     //  $_POST['post_status'] = 'draft';
    39 
    40     if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts'))
    41         $_POST['post_status'] = 'draft';
    42 
    43     if ('page' == $_POST['post_type'] && !current_user_can('edit_pages'))
    44         die(__('This user cannot edit pages.'));
     52
     53    if ( 'page' == $_POST['post_type'] ) {
     54        if ('publish' == $_POST['post_status'] && !current_user_can('publish_pages'))
     55            $_POST['post_status'] = 'draft';   
     56    } else {
     57        if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts'))
     58            $_POST['post_status'] = 'draft';
     59    }
    4560
    4661    if (!empty ($_POST['edit_date'])) {
     
    124139    $post_ID = (int) $_POST['post_ID'];
    125140
    126     if (!current_user_can('edit_post', $post_ID))
    127         die(__('You are not allowed to edit this post.'));
     141    if ( 'page' == $_POST['post_type'] ) {
     142        if ( !current_user_can('edit_page', $post_ID) )
     143            die(__('You are not allowed to edit this page.')); 
     144    } else {
     145        if ( !current_user_can('edit_post', $post_ID) )
     146            die(__('You are not allowed to edit this post.'));
     147    }
    128148
    129149    // Rename.
     
    143163        }
    144164
    145     if (($_POST['post_author'] != $_POST['user_ID']) && !current_user_can('edit_others_posts'))
    146         die(__('You cannot post as this user.'));
     165    if ($_POST['post_author'] != $_POST['user_ID']) {
     166        if ( 'page' == $_POST['post_type'] ) {     
     167            if ( !current_user_can('edit_others_pages') )
     168                die(__('You cannot edit pages as this user.'));
     169        } else {
     170            if ( !current_user_can('edit_others_posts') )
     171                die(__('You cannot edit posts as this user.'));
     172           
     173        }
     174    }
    147175
    148176    // What to do based on which button they pressed
     
    155183    if ('' != $_POST['advanced'])
    156184        $_POST['post_status'] = 'draft';
    157     //if ('' != $_POST['savepage'])
    158     //  $_POST['post_status'] = 'static';
    159 
    160     if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts'))
    161         $_POST['post_status'] = 'draft';
    162 
    163     if ('static' == $_POST['post_status'] && !current_user_can('edit_pages'))
    164         die(__('This user cannot edit pages.'));
     185
     186    if ( 'page' == $_POST['post_type'] ) {
     187        if ('publish' == $_POST['post_status'] && !current_user_can('edit_published_pages'))
     188            $_POST['post_status'] = 'draft';   
     189    } else {
     190        if ('publish' == $_POST['post_status'] && !current_user_can('edit_published_posts'))
     191            $_POST['post_status'] = 'draft';
     192    }
    165193
    166194    if (!isset ($_POST['comment_status']))
Note: See TracChangeset for help on using the changeset viewer.