Make WordPress Core


Ignore:
Timestamp:
06/05/2006 04:52:21 PM (19 years ago)
Author:
ryan
Message:

Add more fine grained user management caps. Part 1. #2775

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/users.php

    r3788 r3846  
    2424    $update = 'promote';
    2525    foreach($userids as $id) {
     26        if ( ! current_user_can('edit_user', $id) )
     27            die(__('You can’t edit that user.'));
    2628        // The new role of the current user must also have edit_users caps
    2729        if($id == $current_user->id && !$wp_roles->role_objects[$_POST['new_role']]->has_cap('edit_users')) {
     
    4648    }
    4749
    48     if ( !current_user_can('edit_users') )
     50    if ( !current_user_can('delete_users') )
    4951        die(__('You can’t delete users.'));
    5052
     
    5355    $update = 'del';
    5456    foreach ($userids as $id) {
     57        if ( ! current_user_can('delete_user', $id) )
     58            die(__('You can’t delete that user.'));
     59 
    5560        if($id == $current_user->id) {
    5661            $update = 'err_admin_del';
     
    7984    }
    8085
    81     if ( !current_user_can('edit_users') )
     86    if ( !current_user_can('delete_users') )
    8287        $error = new WP_Error('edit_users', __('You can’t delete users.'));
    8388
     
    135140    check_admin_referer('add-user');
    136141
     142    if ( ! current_user_can('create_users') )
     143        die(__('You can’t create users.'));
     144
    137145    $user_id = add_user();
    138146    if ( is_wp_error( $user_id ) )
Note: See TracChangeset for help on using the changeset viewer.