Changeset 43111 for branches/4.9/src/wp-admin/includes/ajax-actions.php
- Timestamp:
- 05/02/2018 03:48:27 AM (7 years ago)
- Location:
- branches/4.9
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/4.9
-
branches/4.9/src/wp-admin/includes/ajax-actions.php
r43110 r43111 4035 4035 } 4036 4036 4037 if ( ! current_user_can( ' manage_options' ) ) {4037 if ( ! current_user_can( 'export_others_personal_data' ) ) { 4038 4038 wp_send_json_error( __( 'Invalid request.' ) ); 4039 4039 } … … 4213 4213 } 4214 4214 4215 if ( ! current_user_can( 'delete_users' ) ) { 4215 // Both capabilities are required to avoid confusion, see `_wp_personal_data_removal_page()`. 4216 if ( ! current_user_can( 'erase_others_personal_data' ) || ! current_user_can( 'delete_users' ) ) { 4216 4217 wp_send_json_error( __( 'Invalid request.' ) ); 4217 4218 }
Note: See TracChangeset
for help on using the changeset viewer.