#13000 closed defect (bug) (fixed)
delete_themes and delete_plugins caps do not obey DISALLOW_FILE_EDIT
Reported by: | ryan | Owned by: | ryan |
---|---|---|---|
Milestone: | 3.0 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Security | Keywords: | |
Focuses: | Cc: |
Description
Should they? Deleting is a file modification.
Change History (8)
#2
@
14 years ago
This comes up from sites that manage everything through svn, themes and plugins included. A means of disabling theme and plugin delete links for such sites would be nice.
#3
@
14 years ago
Such sites would probably need to disallow anything that touches files. Plugin/theme update, delete, install, and edit as well as core upgrades.
Note: See
TracTickets for help on using
tickets.
I'm leaning toward no, they shouldn't. Disallowing plugin/theme deletes seems an overloading of DISALLOW_FILE_EDIT. I can see someone setting DISALLOW_FILE_EDIT but still wanting to be able to delete plugins/themes.