Opened 15 years ago
Closed 15 years ago
#10806 closed defect (bug) (fixed)
XMLRPC references level_8 capability
Reported by: | dd32 | Owned by: | josephscott |
---|---|---|---|
Milestone: | 3.0 | Priority: | normal |
Severity: | normal | Version: | 2.9 |
Component: | XML-RPC | Keywords: | has-patch |
Focuses: | multisite | Cc: |
Description
the WPMU part of the wp_getUsersBlogs() XMLRPC method refers directly to the 'level_8' capability, The usage of user levels has been deprecated for awhile..
I'm not entirely too sure how this applies to MU, so am not providing a patch..
Affected line: http://core.trac.wordpress.org/browser/trunk/xmlrpc.php#L472
s/level_10/administrator/ would appear to me to be the best solution to me.. but not sure if that role is used by MU.. possibly checking a capability would be better such as manage_options ?
And before someone mentions this should be on the WPMU trac, This is WPMU specific code in WP.
Attachments (1)
Change History (8)
#3
@
15 years ago
s/level_8/manage_options/ seems accurate here, that's generally the defining capability of an administrator.
I'm wondering who should be able to access the users of a blog though, Just the superadmin, the owner of a blog, etc.
#4
@
15 years ago
Oh, wait, yea: "Retrieve the blogs of the user."
That's is_super_admin() territory.
#5
@
15 years ago
I'm wondering who should be able to access the users of a blog though, Just the superadmin, the owner of a blog, etc.
The function is to retrieve the blogs that the current user belongs to. The isAdmin flag is a way to indicate whether the user can administrate the blog. Of course, it being a single flag that needs to be compatible, we can't get into capabilities.
We associate manage_options closest to the persona of administrator so we should go with that.
s/level_8/manage_options/ seems accurate here, that's generally the defining capability of an administrator.