WordPress.org

Make WordPress Core

Changeset 43153


Ignore:
Timestamp:
05/03/2018 06:41:18 PM (3 years ago)
Author:
azaozz
Message:

Privacy: Limit Privacy Settings screen to Super Admins in Multisite.

In many common Multisite use cases, the network administrator will want to set a network-wide privacy policy -- via the privacy_policy_url filter -- for consistency and convenience. When that's done, the Privacy Settings screen on individual sites becomes unnecessary, and may confuse administrators of those sites when they see that their changes don't have any effect on the policy link in the footer.

Since we can't programatically determine which behavior the network admins would like, the safest default setting is to restrict the ability to super admins, and let them delegate it to individual site owners via a plugin, if they'd like to.

Merhes [43147] to the 4.9 branch.
Fixes #43935.

Location:
branches/4.9
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • branches/4.9

  • branches/4.9/src/wp-admin/menu.php

    r43152 r43153  
    257257    $submenu['options-general.php'][30] = array(__('Media'), 'manage_options', 'options-media.php');
    258258    $submenu['options-general.php'][40] = array(__('Permalinks'), 'manage_options', 'options-permalink.php');
    259     $submenu['options-general.php'][45] = array( __( 'Privacy' ), 'manage_options', 'privacy.php' );
     259    $submenu['options-general.php'][45] = array( __( 'Privacy' ), 'manage_privacy_policy', 'privacy.php' );
    260260
    261261$_wp_last_utility_menu = 80; // The index of the last top-level menu in the utility menu group
  • branches/4.9/src/wp-admin/privacy.php

    r43152 r43153  
    1010require_once( dirname( __FILE__ ) . '/admin.php' );
    1111
    12 if ( ! current_user_can( 'manage_options' ) ) {
     12if ( ! current_user_can( 'manage_privacy_policy' ) ) {
    1313    wp_die( __( 'Sorry, you are not allowed to manage privacy on this site.' ) );
    1414}
  • branches/4.9/src/wp-includes/capabilities.php

    r43111 r43153  
    542542    case 'export_others_personal_data':
    543543    case 'erase_others_personal_data':
     544    case 'manage_privacy_policy':
    544545        $caps[] = is_multisite() ? 'manage_network' : 'manage_options';
    545546        break;
  • branches/4.9/tests/phpunit/tests/user/capabilities.php

    r43111 r43153  
    239239            'export_others_personal_data' => array( 'administrator' ),
    240240            'erase_others_personal_data'  => array( 'administrator' ),
     241            'manage_privacy_policy'       => array( 'administrator' ),
    241242
    242243            'edit_categories'        => array( 'administrator', 'editor' ),
     
    272273            'export_others_personal_data' => array( '' ),
    273274            'erase_others_personal_data'  => array( '' ),
     275            'manage_privacy_policy'       => array(),
    274276
    275277            'customize'              => array( 'administrator' ),
Note: See TracChangeset for help on using the changeset viewer.