Changeset 61089 for trunk/src/wp-includes/comment.php

Timestamp:

10/30/2025 11:54:22 AM (3 months ago)

Author:

wildworks

Message:

Editor: Add auth_callback to _wp_note_status comment meta.

Adds an auth_callback to the _wp_note_status comment meta so that only users with the edit_comment capability can update this meta field via the REST API.

This is necessary to ensure that users can properly resolve or reopen Notes.

Props wildworks, adamsilverstein, westonruter, mamaduka, desrosj.
Fixes #64153.

File:

• trunk/src/wp-includes/comment.php (modified) (1 diff)

trunk/src/wp-includes/comment.php

@@ -4130 +4130 @@
                 ),
             ),
+            'auth_callback' => function ( $allowed, $meta_key, $object_id ) {
+                return current_user_can( 'edit_comment', $object_id );
+            },
         )
     );
 }
-add_action( 'init', 'wp_create_initial_comment_meta' );