Changeset 35747
- Timestamp:
- 11/29/2015 02:24:15 AM (9 years ago)
- Location:
- trunk
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/capabilities.php
r35718 r35747 84 84 // If the post author is set and the user is the author... 85 85 if ( $post->post_author && $user_id == $post->post_author ) { 86 // If the post is published ...87 if ( 'publish' == $post->post_status) {86 // If the post is published or scheduled... 87 if ( in_array( $post->post_status, array( 'publish', 'future' ), true ) ) { 88 88 $caps[] = $post_type->cap->delete_published_posts; 89 89 } elseif ( 'trash' == $post->post_status ) { 90 if ( 'publish' == get_post_meta( $post->ID, '_wp_trash_meta_status', true ) ) { 90 $status = get_post_meta( $post->ID, '_wp_trash_meta_status', true ); 91 if ( in_array( $status, array( 'publish', 'future' ), true ) ) { 91 92 $caps[] = $post_type->cap->delete_published_posts; 93 } else { 94 $caps[] = $post_type->cap->delete_posts; 92 95 } 93 96 } else { … … 98 101 // The user is trying to edit someone else's post. 99 102 $caps[] = $post_type->cap->delete_others_posts; 100 // The post is published , extra cap required.101 if ( 'publish' == $post->post_status) {103 // The post is published or scheduled, extra cap required. 104 if ( in_array( $post->post_status, array( 'publish', 'future' ), true ) ) { 102 105 $caps[] = $post_type->cap->delete_published_posts; 103 106 } elseif ( 'private' == $post->post_status ) { … … 142 145 // If the post author is set and the user is the author... 143 146 if ( $post->post_author && $user_id == $post->post_author ) { 144 // If the post is published ...145 if ( 'publish' == $post->post_status) {147 // If the post is published or scheduled... 148 if ( in_array( $post->post_status, array( 'publish', 'future' ), true ) ) { 146 149 $caps[] = $post_type->cap->edit_published_posts; 147 150 } elseif ( 'trash' == $post->post_status ) { 148 if ( 'publish' == get_post_meta( $post->ID, '_wp_trash_meta_status', true ) ) { 151 $status = get_post_meta( $post->ID, '_wp_trash_meta_status', true ); 152 if ( in_array( $status, array( 'publish', 'future' ), true ) ) { 149 153 $caps[] = $post_type->cap->edit_published_posts; 154 } else { 155 $caps[] = $post_type->cap->edit_posts; 150 156 } 151 157 } else { … … 156 162 // The user is trying to edit someone else's post. 157 163 $caps[] = $post_type->cap->edit_others_posts; 158 // The post is published , extra cap required.159 if ( 'publish' == $post->post_status) {164 // The post is published or scheduled, extra cap required. 165 if ( in_array( $post->post_status, array( 'publish', 'future' ), true ) ) { 160 166 $caps[] = $post_type->cap->edit_published_posts; 161 167 } elseif ( 'private' == $post->post_status ) { -
trunk/tests/phpunit/tests/user/capabilities.php
r35242 r35747 982 982 } 983 983 984 /** 985 * @ticket 33694 986 */ 987 function test_contributor_cannot_edit_scheduled_post() { 988 989 // Add a contributor 990 $contributor = $this->factory->user->create_and_get( array( 991 'role' => 'contributor', 992 ) ); 993 994 // Give them a scheduled post 995 $post = $this->factory->post->create_and_get( array( 996 'post_author' => $contributor->ID, 997 'post_status' => 'future', 998 ) ); 999 1000 // Ensure contributor can't edit or trash the post 1001 $this->assertFalse( user_can( $contributor->ID, 'edit_post', $post->ID ) ); 1002 $this->assertFalse( user_can( $contributor->ID, 'delete_post', $post->ID ) ); 1003 1004 // Test the tests 1005 $this->assertTrue( defined( 'EMPTY_TRASH_DAYS' ) ); 1006 $this->assertNotEmpty( EMPTY_TRASH_DAYS ); 1007 1008 // Trash it 1009 $trashed = wp_trash_post( $post->ID ); 1010 $this->assertNotEmpty( $trashed ); 1011 1012 // Ensure contributor can't edit, un-trash, or delete the post 1013 $this->assertFalse( user_can( $contributor->ID, 'edit_post', $post->ID ) ); 1014 $this->assertFalse( user_can( $contributor->ID, 'delete_post', $post->ID ) ); 1015 1016 } 1017 984 1018 function test_multisite_administrator_with_manage_network_users_can_edit_users() { 985 1019 if ( ! is_multisite() ) {
Note: See TracChangeset
for help on using the changeset viewer.