Make WordPress Core


Ignore:
Timestamp:
06/10/2019 07:41:12 AM (5 years ago)
Author:
peterwilsoncc
Message:

Site health: Introduce view_site_health_checks capability.

Introduces the faux primitive capability view_site_health_checks available to single site admins and multisite super-admin to view the site health page within the admin.

The capability is mapped to the install_plugins capability without being dependent on the file system being writable. This fixes a bug where the feature couldn't be used by sites unable to write to the file system or managed through version control.

The capability is granted on the user_has_cap filter.

Props birgire, Clorith, palmiak, peterwilsoncc, spacedmonkey.
Fixes #46957.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/ajax-actions.php

    r45424 r45507  
    48704870    check_ajax_referer( 'health-check-site-status' );
    48714871
    4872     if ( ! current_user_can( 'install_plugins' ) ) {
     4872    if ( ! current_user_can( 'view_site_health_checks' ) ) {
    48734873        wp_send_json_error();
    48744874    }
     
    48904890    wp_verify_nonce( 'health-check-site-status' );
    48914891
    4892     if ( ! current_user_can( 'install_plugins' ) ) {
     4892    if ( ! current_user_can( 'view_site_health_checks' ) ) {
    48934893        wp_send_json_error();
    48944894    }
     
    49104910    check_ajax_referer( 'health-check-site-status' );
    49114911
    4912     if ( ! current_user_can( 'install_plugins' ) ) {
     4912    if ( ! current_user_can( 'view_site_health_checks' ) ) {
    49134913        wp_send_json_error();
    49144914    }
     
    49314931    check_ajax_referer( 'health-check-site-status' );
    49324932
    4933     if ( ! current_user_can( 'install_plugins' ) ) {
     4933    if ( ! current_user_can( 'view_site_health_checks' ) ) {
    49344934        wp_send_json_error();
    49354935    }
     
    49514951    check_ajax_referer( 'health-check-site-status-result' );
    49524952
    4953     if ( ! current_user_can( 'install_plugins' ) ) {
     4953    if ( ! current_user_can( 'view_site_health_checks' ) ) {
    49544954        wp_send_json_error();
    49554955    }
     
    49684968    check_ajax_referer( 'health-check-site-status-result' );
    49694969
    4970     if ( ! current_user_can( 'install_plugins' ) || is_multisite() ) {
     4970    if ( ! current_user_can( 'view_site_health_checks' ) || is_multisite() ) {
    49714971        wp_send_json_error();
    49724972    }
Note: See TracChangeset for help on using the changeset viewer.