Introduce edit_comment meta cap

[scribu]

Currently, the edit_post meta cap is used to determine wether a user is allowed to edit a comment or not.

This makes it difficult to restrict editing on a per comment level.

Having a dedicated meta capability would allow more flexibility.

[scribu]

edit_comment.diff allows non-moderators to only edit their own comments.

If someone wants the old behaviour, where an author can edit any comment on one of his posts, they can plug into map_meta_cap, which is the entire point: make it easier to change the comment editing policy.

[nacin]

I don't believe we should change the behavior; I think that's a danger zone. Making this a meta cap probably is a good amount of sense, however.

That said -- duplicate of #12104.

[scribu]

use edit_comment in more places

[scribu]

That said -- duplicate of #12104.

I would say #12104 is a subset of this ticket.

[ryan]

Can we preserve current policy for now and address changing that in a separate ticket?

[scribu]

Ok, we'll leave the policy change for #12104

[scribu]

preserve current policy

[nacin]

Replying to scribu:

Ok, we'll leave the policy change for #12104

One thing though, I don't think that ticket is advocating for a change in the current policy, only in how the capabilities are used. Thus edit_comment (or should it be moderate_comment?) would still call edit_post but that could be changed to enable someone to not have edit_posts capabilities but do have the abilities to moderate comments. That's how I see it, anyway.

[scribu]

Alright, I'll open a new ticket. No more policy talk in this ticket, please. :)

[ryan]

Does the current_user_can check in edit-comments.php need to change?

[scribu]

also update edit-comment.php

[scribu]

Indeed it does. Updated patch.

[scribu]

(In [15596]) Introduce 'edit_comment' meta cap. Fixes #14520

[nestor_at_mash]

Hi all,
The edit_comment capability has not been defined on wp-admin\includes\schema.php
I think, something like the following should be added to schema.php:
populate_roles_310(){

$roles = array('administrator', 'editor', 'author', 'contributor');
foreach ($roles as $role) {

$role =& get_role($role);
if ( empty($role) )

continue;

$role->add_cap( 'edit_comment' );

}

}

and add the line:

populate_roles_310();

to the populate_roles() function

Note: I couldn't decide to reopen this ticket or start a new one ... so I am just adding this comment here in hopes that the author of this fix can implement this.

[dd32]

Replying to nestor_at_mash:

Hi all,
The edit_comment capability has not been defined on wp-admin\includes\schema.php

The edit_comment cap is a meta capability that is, a capability which maps to other real capabilities, it's really just an conditional alias: ​the magic happens here where it's mapped to the Post Type's Edit capability.

So; you should never see a user with the 'edit_comment' cap specifically, but you will have users who it passes as true for since behind the scenes it maps to another real capability which they do have.