Changeset 39402

Timestamp:

12/01/2016 02:30:07 AM (8 years ago)

Author:

rachelbaker

Message:

REST API: Fix incorrect capability check on term create.

Change the capability check used in WP_REST_Terms_Controller when creating a new term is attempted, from manage_terms to edit_terms. This matches the behavior within the WordPress admin. See #35614.

Props johnbillion, rmccue, rachelbaker, helen, jorbin, SergeyBiryukov.

Fixes #38958.

File:

• trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php (modified) (1 diff)

trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php

@@ -350 +350 @@
 
         $taxonomy_obj = get_taxonomy( $this->taxonomy );
-        if ( ! current_user_can( $taxonomy_obj->cap->manage_terms ) ) {
+        if ( ! current_user_can( $taxonomy_obj->cap->edit_terms ) ) {
             return new WP_Error( 'rest_cannot_create', __( 'Sorry, you are not allowed to create new terms.' ), array( 'status' => rest_authorization_required_code() ) );
         }