Context Navigation

← Previous Change
Next Change →

capabilities.php

Timestamp:

05/02/2018 01:07:00 AM (7 years ago)

Author:

iandunn

Message:

Privacy: Limit export and erasure to super admins on Multisite.

Multisite networks have a variety of use cases, and in many of them single-site administrators are not trusted to take actions that affect the whole network, require making decisions about legal compliance, etc. By default, those actions should require super admin capabilities. Plugins can be used to override that behavior if a particular site's use case calls for it.

Props allendav, jeremyfelt, iandunn.
Fixes #43919.

File:

: 1 edited

trunk/src/wp-includes/capabilities.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/src/wp-includes/capabilities.php

-                      r42875
+                      r43085
+            }
             break;
+        case 'export_others_personal_data':
+        case 'erase_others_personal_data':
+            $caps[] = is_multisite() ? 'manage_network' : 'manage_options';
+            break;
         default:
             // Handle meta capabilities for custom post types.

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Make WordPress Core

Context Navigation

Changeset 43085 for trunk/src/wp-includes/capabilities.php

Legend:

trunk/src/wp-includes/capabilities.php

Download in other formats: