Opened 15 years ago
Closed 15 years ago
#12691 closed defect (bug) (fixed)
Editing a page or custom post type requires edit_posts capability
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | 3.0 | Priority: | normal |
| Severity: | normal | Version: | 3.0 |
| Component: | Posts, Post Types | Keywords: | has-patch |
| Focuses: | Cc: |
Description
In r13810 (WP 3.0-alpha), it is not possible to create a role which gives users only the capability to edit pages or custom post types, without also assigning the edit_posts capability.
To reproduce, create a role with all *_page(s) capabilities plus read, but without edit_posts (I used the "Members" plugin for that). Then create a user with this role and log in. The menu items for editing and adding new pages will be shown, but clicking "Edit" fails with "Cheatin' uh?".
Similarly, you can also create a new post type with a custom "capability_type". Even if you create all the capabilities and add them to the role, only the menu title will show up, while "Edit" and "Add new" are missing. Trying to call the edit page directly produces the same results as above.
The patch fixes these two bugs by checking for $post_type_object->edit_type_cap instead of edit_posts.
Looks okay to me.