Make WordPress Core

Changeset 43286


Ignore:
Timestamp:
05/15/2018 08:43:59 PM (7 years ago)
Author:
iandunn
Message:

Privacy: Require manage_privacy_options to edit policy page.

A user is required to have the manage_privacy_options capability in order to determine which page is set as the privacy policy (the wp_page_for_privacy_policy). Given that, it doesn't make sense to allow users without that capability to edit or delete the page.

A similar situation exists with the page_for_posts and page_on_front options, but Editors are allowed to edit those pages. The reason that this situation is different is because it is more likely that an administrator will want to restrict modifications to the privacy policy, than it is that they will want to allow modifications. Modifications to the policy often require specialized knowledge of local laws, and can have implications for compliance with those laws.

Props dlh, desrosj.
Fixes #44079.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/capabilities.php

    r43155 r43286  
    122122                }
    123123            }
     124
     125            /*
     126             * Setting the privacy policy page requires `manage_privacy_options`,
     127             * so deleting it should require that too.
     128             */
     129            if ( (int) get_option( 'wp_page_for_privacy_policy' ) === $post->ID ) {
     130                $caps = array_merge( $caps, map_meta_cap( 'manage_privacy_options', $user_id ) );
     131            }
     132
    124133            break;
    125134        // edit_post breaks down to edit_posts, edit_published_posts, or
     
    184193                }
    185194            }
     195
     196            /*
     197             * Setting the privacy policy page requires `manage_privacy_options`,
     198             * so editing it should require that too.
     199             */
     200            if ( (int) get_option( 'wp_page_for_privacy_policy' ) === $post->ID ) {
     201                $caps = array_merge( $caps, map_meta_cap( 'manage_privacy_options', $user_id ) );
     202            }
     203
    186204            break;
    187205        case 'read_post':
Note: See TracChangeset for help on using the changeset viewer.