Make WordPress Core

Opened 5 years ago

Last modified 6 months ago

#14460 new feature request

New Permission for no_user_edit so users with edit_users can't edit it

Reported by: brandon.wamboldt
Owned by:
Milestone: Future Release
Priority: normal
Severity: normal
Version: 3.0
Component: Users
Keywords: has-patch needs-testing dev-feedback
Focuses: multisite
Cc:

Description

I recently experienced a problem where I have an administrator role with full access and a site administrator role with most access, including the ability to add, edit, and delete users. However, I don't want the Site Administrator to be able to delete users of the role Administrator.

The change I'm proposing is a new permission or marker which states that if enabled, this user can't be changed by another user who isn't the same role. If possible, I might try to add the patch myself.

This is a fairly important issue which is interfering with WordPress' use as a content management system, and the only workaround I've found is to edit a core file.

Attachments (1)

14460.patch (1.3 KB) - added by linuxologos 3 years ago.

Change History (5)

comment:1 @nacin 4 years ago

  • Milestone changed from Awaiting Review to Future Release

comment:2 @linuxologos 3 years ago

  • Keywords has-patch needs-testing added; user role delete immune removed

If we were to use a new capability to fix this, it seems rather simple (at first look at least).

If for example the administrator was given a "Self protect" capability, then (edit|delete)_user could be checked against this new cap. If another user could edit/delete users, he could do so only for users without the "self protect" cap, unless he himself has the same cap (the administrator in this example).

14460.patch tries to implement this through map_meta_cap(). It's a first pass. Please give a user or role the "self_protect" cap and test.

comment:3 @trepmal 3 years ago

In the meantime - or if this is deemed plugin-territory - this code might help: https://gist.github.com/1518263

It's just a proof-of-concept at this point and will likely require some refining and customization.
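The capability check described in comment:2, written as a small plugin on the `map_meta_cap` filter. This is an added example, not the contents of 14460.patch or of the linked gist; the function name `selfprotect_map_meta_cap`, the list of guarded meta capabilities, and granting the cap to the `administrator` role on activation are assumptions made for illustration.

```php
<?php
/**
 * Plugin Name: Self Protect (illustrative example)
 * Description: Users holding the "self_protect" cap can only be edited or
 *              deleted by users who also hold it.
 */

/**
 * Filter callback for map_meta_cap.
 *
 * @param string[] $caps    Primitive caps WordPress will require of the actor.
 * @param string   $cap     Meta capability being checked (e.g. "delete_user").
 * @param int      $user_id Acting user.
 * @param array    $args    For user meta caps, $args[0] is the target user ID.
 */
function selfprotect_map_meta_cap( $caps, $cap, $user_id, $args ) {
	// Assumed list of meta caps that act on one specific user account.
	$guarded = array( 'edit_user', 'delete_user', 'remove_user', 'promote_user' );
	if ( ! in_array( $cap, $guarded, true ) ) {
		return $caps;
	}

	$target_id = isset( $args[0] ) ? (int) $args[0] : 0;

	// No target given, or the user is acting on their own account: leave as is.
	if ( 0 === $target_id || $target_id === (int) $user_id ) {
		return $caps;
	}

	// Target is protected and the actor is not: force the check to fail.
	// user_can() re-enters this filter with $cap = "self_protect", which is
	// not in $guarded, so there is no recursion.
	if ( user_can( $target_id, 'self_protect' ) && ! user_can( $user_id, 'self_protect' ) ) {
		$caps[] = 'do_not_allow';
	}

	return $caps;
}
add_filter( 'map_meta_cap', 'selfprotect_map_meta_cap', 10, 4 );

// Assumption: the top-level role is "administrator" and gets the cap once,
// when the plugin is activated.
register_activation_hook( __FILE__, function () {
	$role = get_role( 'administrator' );
	if ( $role ) {
		$role->add_cap( 'self_protect' );
	}
} );
```

The filter only covers checks made through the meta capabilities; a role that can still create or promote users into a protected role can sidestep it, so the roles it may assign need restricting as well (for example through the `editable_roles` filter).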

comment:4 @chriscct7 6 months ago

  • Focuses multisite added
  • Keywords dev-feedback added
  • Severity changed from major to normal

I could swear this is a duplicate of another ticket proposing a solution where site admins cannot delete other site admins (only network admins could delete site admins), except after extensive searching I have yet to find it.

That being said, this seems like something that either could be handled by a plugin or could be handled by core. Maybe one of the core devs working on the MS improvements wants to weigh in on that?
