edit-comments.php not available to roles with proper capabilities
|Reported by:||sillybean||Owned by:|
I tried to create a Comment Moderator role today and realized it wouldn't work. My intention was to create a role for people who can't write or edit posts, but can keep an eye on the comment threads. I created the role like so:
add_role('moderator', 'Moderator', array( 'read' => 1, 'moderate_comments' => 1, ));
... then created a new user with that role. When I logged in as my test user, I realized that it was for all intents and purposes a Subscriber. I couldn't see any admin panels but the Dashboard, my profile, and the Tools. I went poking around in edit-comments.php and discovered that it's checking for another capability altogether:
if ( !current_user_can('edit_posts') ) wp_die(__('Cheatin’ uh?'));
I double-checked wp-admin/includes/menu.php and it agreed that 'edit_posts' was the minimum capability to see this page, so I tried adding 'edit_posts' to my new role, and I still couldn't get there.
Later on in edit-comments.php, when actually trashing a comment, there is a check for 'moderate_comments', but it's a moot point: this screen doesn't even show up in the admin menu, and if you navigate directly to it, you'll get the "You do not have sufficient permissions to access this page" message.
I thought it was entirely possible I'd missed some finer point of creating roles, so I redid it with Justin Tadlock's excellent Members plugin, and that didn't work either.
This behavior might be intentional, but if so, I'm not following the logic. I know roles are due for an overhaul in the next version or two.
Change History (32)
comment:11 nacin — 3 years ago
- Keywords needs-patch added
- Milestone changed from Awaiting Triage to Future Release
- Type changed from defect (bug) to enhancement