Make WordPress Core

Changeset 57123


Ignore:
Timestamp:
11/17/2023 05:09:09 PM (14 months ago)
Author:
SergeyBiryukov
Message:

Coding Standards: Rewrite a few capability checks for clarity and readability.

This aims to:

  • Perform the checks as early as possible to avoid redundant function calls.
  • Remove an empty conditiaonal branch and make the exit conditions clearer.
  • Bring the formatting in line with other multi-line conditionals in core.

Follow-up to [56836].

See #59650.

Location:
trunk/src/wp-admin/includes
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/class-wp-comments-list-table.php

    r57120 r57123  
    639639        global $post, $comment;
    640640
     641        // Restores the more descriptive, specific name for use within this method.
    641642        $comment = $item;
     643
     644        if ( $comment->comment_post_ID > 0 ) {
     645            $post = get_post( $comment->comment_post_ID );
     646        }
     647
     648        $edit_post_cap = $post ? 'edit_post' : 'edit_posts';
     649
     650        if ( ! current_user_can( $edit_post_cap, $comment->comment_post_ID )
     651            && ( ! empty( $post->post_password )
     652                || ! current_user_can( 'read_post', $comment->comment_post_ID ) )
     653        ) {
     654            // The user has no access to the post and thus cannot see the comments.
     655            return false;
     656        }
    642657
    643658        $the_comment_class = wp_get_comment_status( $comment );
     
    649664        $the_comment_class = implode( ' ', get_comment_class( $the_comment_class, $comment, $comment->comment_post_ID ) );
    650665
    651         if ( $comment->comment_post_ID > 0 ) {
    652             $post = get_post( $comment->comment_post_ID );
    653         }
    654 
    655666        $this->user_can = current_user_can( 'edit_comment', $comment->comment_ID );
    656 
    657         $edit_post_cap = $post ? 'edit_post' : 'edit_posts';
    658         if (
    659             current_user_can( $edit_post_cap, $comment->comment_post_ID ) ||
    660             (
    661                 empty( $post->post_password ) &&
    662                 current_user_can( 'read_post', $comment->comment_post_ID )
    663             )
    664         ) {
    665             // The user has access to the post and thus can see comments.
    666         } else {
    667             return false;
    668         }
    669667
    670668        echo "<tr id='comment-$comment->comment_ID' class='$the_comment_class'>";
  • trunk/src/wp-admin/includes/class-wp-list-table.php

    r57120 r57123  
    829829     */
    830830    protected function comments_bubble( $post_id, $pending_comments ) {
     831        $post_object   = get_post( $post_id );
     832        $edit_post_cap = $post_object ? 'edit_post' : 'edit_posts';
     833
     834        if ( ! current_user_can( $edit_post_cap, $post_id )
     835            && ( ! empty( $post_object->post_password )
     836                || ! current_user_can( 'read_post', $post_id ) )
     837        ) {
     838            // The user has no access to the post and thus cannot see the comments.
     839            return false;
     840        }
     841
    831842        $approved_comments = get_comments_number();
    832843
     
    851862            $pending_comments_number
    852863        );
    853 
    854         $post_object   = get_post( $post_id );
    855         $edit_post_cap = $post_object ? 'edit_post' : 'edit_posts';
    856         if (
    857             current_user_can( $edit_post_cap, $post_id ) ||
    858             (
    859                 empty( $post_object->post_password ) &&
    860                 current_user_can( 'read_post', $post_id )
    861             )
    862         ) {
    863             // The user has access to the post and thus can see comments.
    864         } else {
    865             return false;
    866         }
    867864
    868865        if ( ! $approved_comments && ! $pending_comments ) {
  • trunk/src/wp-admin/includes/dashboard.php

    r56836 r57123  
    10891089
    10901090        foreach ( $possible as $comment ) {
    1091             if ( ! current_user_can( 'read_post', $comment->comment_post_ID ) ) {
     1091            $comment_post = get_post( $comment->comment_post_ID );
     1092
     1093            if ( ! current_user_can( 'edit_post', $comment->comment_post_ID )
     1094                && ( ! empty( $comment_post->post_password )
     1095                    || ! current_user_can( 'read_post', $comment->comment_post_ID ) )
     1096            ) {
     1097                // The user has no access to the post and thus cannot see the comments.
    10921098                continue;
    10931099            }
     
    11101116        echo '<ul id="the-comment-list" data-wp-lists="list:comment">';
    11111117        foreach ( $comments as $comment ) {
    1112             $comment_post = get_post( $comment->comment_post_ID );
    1113             if (
    1114                 current_user_can( 'edit_post', $comment->comment_post_ID ) ||
    1115                 (
    1116                     empty( $comment_post->post_password ) &&
    1117                     current_user_can( 'read_post', $comment->comment_post_ID )
    1118                 )
    1119             ) {
    1120                 _wp_dashboard_recent_comments_row( $comment );
    1121             }
     1118            _wp_dashboard_recent_comments_row( $comment );
    11221119        }
    11231120        echo '</ul>';
Note: See TracChangeset for help on using the changeset viewer.