Make WordPress Core


Ignore:
Timestamp:
09/30/2016 10:39:32 PM (8 years ago)
Author:
johnbillion
Message:

Taxonomy: Introduce more fine grained capabilities for managing taxonomy terms.

This introduces the singular edit_term, delete_term, and assign_term meta capabilities for terms, and switches the base capability name for tags from manage_categories to manage_post_tags and the corresponding edit_post_tags, delete_post_tags, and assign_post_tags.

All of these capabilities ultimately map to manage_categories so by default there is no change in the behaviour of the capabilities for categories, tags, or custom taxonomies. The map_meta_cap filter and the capabilities argument when registering a taxonomy now allow for control over editing, deleting, and assigning individual terms, as well as a separation of capabilities for tags from those of categories.

Fixes #35614
Props johnjamesjacoby for feedback

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/capabilities.php

    r38695 r38698  
    403403        $caps[] = 'manage_options';
    404404        break;
     405    case 'edit_term':
     406    case 'delete_term':
     407    case 'assign_term':
     408        $term_id = $args[0];
     409        $term = get_term( $term_id );
     410        if ( ! $term || is_wp_error( $term ) ) {
     411            $caps[] = 'do_not_allow';
     412            break;
     413        }
     414
     415        $tax = get_taxonomy( $term->taxonomy );
     416        if ( ! $tax ) {
     417            $caps[] = 'do_not_allow';
     418            break;
     419        }
     420
     421        if ( 'delete_term' === $cap && ( $term->term_id == get_option( 'default_' . $term->taxonomy ) ) ) {
     422            $caps[] = 'do_not_allow';
     423            break;
     424        }
     425
     426        $taxo_cap = $cap . 's';
     427
     428        $caps = map_meta_cap( $tax->cap->$taxo_cap, $user_id, $term_id );
     429
     430        break;
     431    case 'manage_post_tags':
     432    case 'edit_categories':
     433    case 'edit_post_tags':
     434    case 'delete_categories':
     435    case 'delete_post_tags':
     436        $caps[] = 'manage_categories';
     437        break;
     438    case 'assign_categories':
     439    case 'assign_post_tags':
     440        $caps[] = 'edit_posts';
     441        break;
    405442    case 'create_sites':
    406443    case 'delete_sites':
Note: See TracChangeset for help on using the changeset viewer.