
Changeset 39588


Timestamp:
12/12/16 21:41:44 (4 months ago)
Author:
flixos90
Message:

Multisite: Handle capability check for removing oneself via map_meta_cap().

Site administrators should not be able to remove themselves from a site. This moves the enforcement of this rule from wp-admin/users.php to remove_user_from_blog() via the remove_user capability, which furthermore allows us to get rid of two additional clauses and their is_super_admin() checks in wp-admin/users.php. A unit test for the new behavior has been added.

Fixes #39063. See #37616.

Location:
trunk
Files:
3 edited

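--- a/trunk/src/wp-admin/users.php
+++ b/trunk/src/wp-admin/users.php
@@ -322,8 +322,4 @@
     foreach ( $userids as $id ) {
         $id = (int) $id;
-        if ( $id == $current_user->ID && !is_super_admin() ) {
-            $update = 'err_admin_remove';
-            continue;
-        }
         if ( !current_user_can('remove_user', $id) ) {
             $update = 'err_admin_remove';
@@ -378,8 +374,5 @@
         $id = (int) $id;
         $user = get_userdata( $id );
-        if ( $id == $current_user->ID && !is_super_admin() ) {
-            /* translators: 1: user id, 2: user login */
-            echo "<li>" . sprintf(__('ID #%1$s: %2$s <strong>The current user will not be removed.</strong>'), $id, $user->user_login) . "</li>\n";
-        } elseif ( !current_user_can('remove_user', $id) ) {
+        if ( ! current_user_can( 'remove_user', $id ) ) {
             /* translators: 1: user id, 2: user login */
             echo "<li>" . sprintf(__('ID #%1$s: %2$s <strong>Sorry, you are not allowed to remove this user.</strong>'), $id, $user->user_login) . "</li>\n";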
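Review bot: Folding the self-removal branch into the generic `remove_user` check in the second hunk drops the distinct "The current user will not be removed." message, so an administrator who selects themselves now sees only "Sorry, you are not allowed to remove this user." and the admin notice in the first hunk (`$update = 'err_admin_remove'`) no longer distinguishes the two cases either. Enforcing the rule in one place through the capability is the right move; if the explanatory wording matters, it can be kept without reintroducing a second authorization path by choosing the message inside the denied branch, e.g. `$msg = ( $id === get_current_user_id() ) ? __( '…current user will not be removed…' ) : __( '…not allowed to remove this user…' );`, while `current_user_can( 'remove_user', $id )` remains the sole gate. Both hunks are inside larger blocks that start and end outside the diff, so I cannot tell whether `$current_user` is still used in them after this change; if not, its setup is now dead code.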
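--- a/trunk/src/wp-includes/capabilities.php
+++ b/trunk/src/wp-includes/capabilities.php
@@ -33,5 +33,10 @@
     switch ( $cap ) {
     case 'remove_user':
-        $caps[] = 'remove_users';
+        // In multisite the user must be a super admin to remove themselves.
+        if ( isset( $args[0] ) && $user_id == $args[0] && ! is_super_admin( $user_id ) ) {
+            $caps[] = 'do_not_allow';
+        } else {
+            $caps[] = 'remove_users';
+        }
         break;
     case 'promote_user':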
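Review bot: The new condition compares `$user_id == $args[0]` loosely, and `$args[0]` is whatever the caller of current_user_can()/user_can() passed — users.php casts to int first, but map_meta_cap() is a public filter point and other callers need not. Normalize before comparing so the self-check does not depend on PHP's loose-comparison rules for strings: `if ( isset( $args[0] ) && (int) $args[0] === (int) $user_id && ! is_super_admin( $user_id ) ) {`. The comment says "In multisite" but nothing gates the branch on is_multisite(); on a single site is_super_admin() presumably falls back to a capability check rather than the network super-admin list, so either gate the branch explicitly or reword the comment to `// A user may only remove themselves when is_super_admin() holds for them; this is not limited to multisite.` so the single-site behavior is documented rather than implied. map_meta_cap() starts and ends outside the hunk.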
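--- a/trunk/tests/phpunit/tests/user/capabilities.php
+++ b/trunk/tests/phpunit/tests/user/capabilities.php
@@ -1758,3 +1758,20 @@
         $this->assertFalse( current_user_can( 'add_user_meta', self::$users['subscriber']->ID, 'foo' ) );
     }
+
+    /**
+     * @ticket 39063
+     */
+    public function test_only_super_admins_can_remove_themselves_on_multisite() {
+        if ( ! is_multisite() ) {
+            $this->markTestSkipped( 'Test only runs in multisite.' );
+        }
+
+        $this->assertTrue( user_can( self::$super_admin->ID, 'remove_user', self::$super_admin->ID ) );
+
+        $this->assertFalse( user_can( self::$users['administrator']->ID, 'remove_user', self::$users['administrator']->ID ) );
+        $this->assertFalse( user_can( self::$users['editor']->ID,        'remove_user', self::$users['editor']->ID ) );
+        $this->assertFalse( user_can( self::$users['author']->ID,        'remove_user', self::$users['author']->ID ) );
+        $this->assertFalse( user_can( self::$users['contributor']->ID,   'remove_user', self::$users['contributor']->ID ) );
+        $this->assertFalse( user_can( self::$users['subscriber']->ID,    'remove_user', self::$users['subscriber']->ID ) );
+    }
 }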
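Review bot: The new test only exercises the denial path; nothing asserts that the else branch still maps `remove_user` to `remove_users` when the target is a different user, so a regression that always appended `do_not_allow` would pass this test unnoticed. Add a positive case such as `$this->assertTrue( user_can( self::$users['administrator']->ID, 'remove_user', self::$users['editor']->ID ) );` (assuming administrators hold `remove_users` in the multisite fixture — confirm) and a negative one for a role that lacks `remove_users`. Because the capability change itself is not gated on is_multisite(), a sibling test for the single-site case would pin the intended behavior there instead of skipping entirely. The enclosing test class starts outside the hunk.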