WordPress.org

Make WordPress Core

Changeset 43147


Ignore:
Timestamp:
05/03/2018 05:24:35 PM (3 years ago)
Author:
iandunn
Message:

Privacy: Limit Privacy Settings screen to Super Admins in Multisite.

In many common Multisite use cases, the network administrator will want to set a network-wide privacy policy -- via the privacy_policy_url filter -- for consistency and convenience. When that's done, the Privacy Settings screen on individual sites becomes unnecessary, and may confuse administrators of those sites when they see that their changes don't have any effect on the policy link in the footer.

Since we can't programatically determine which behavior the network admins would like, the safest default setting is to restrict the ability to super admins, and let them delegate it to individual site owners via a plugin, if they'd like to.

Fixes #43935.

Location:
trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/menu.php

    r43145 r43147  
    271271    $submenu['options-general.php'][30] = array( __( 'Media' ), 'manage_options', 'options-media.php' );
    272272    $submenu['options-general.php'][40] = array( __( 'Permalinks' ), 'manage_options', 'options-permalink.php' );
    273     $submenu['options-general.php'][45] = array( __( 'Privacy' ), 'manage_options', 'privacy.php' );
     273    $submenu['options-general.php'][45] = array( __( 'Privacy' ), 'manage_privacy_policy', 'privacy.php' );
    274274
    275275$_wp_last_utility_menu = 80; // The index of the last top-level menu in the utility menu group
  • trunk/src/wp-admin/privacy.php

    r43145 r43147  
    1010require_once( dirname( __FILE__ ) . '/admin.php' );
    1111
    12 if ( ! current_user_can( 'manage_options' ) ) {
     12if ( ! current_user_can( 'manage_privacy_policy' ) ) {
    1313    wp_die( __( 'Sorry, you are not allowed to manage privacy on this site.' ) );
    1414}
  • trunk/src/wp-includes/capabilities.php

    r43085 r43147  
    558558        case 'export_others_personal_data':
    559559        case 'erase_others_personal_data':
     560        case 'manage_privacy_policy':
    560561            $caps[] = is_multisite() ? 'manage_network' : 'manage_options';
    561562            break;
  • trunk/tests/phpunit/tests/user/capabilities.php

    r43085 r43147  
    240240            'export_others_personal_data' => array( 'administrator' ),
    241241            'erase_others_personal_data'  => array( 'administrator' ),
     242            'manage_privacy_policy'       => array( 'administrator' ),
    242243
    243244            'edit_categories'        => array( 'administrator', 'editor' ),
     
    274275            'export_others_personal_data' => array( '' ),
    275276            'erase_others_personal_data'  => array( '' ),
     277            'manage_privacy_policy'       => array(),
    276278
    277279            'customize'              => array( 'administrator' ),
Note: See TracChangeset for help on using the changeset viewer.