#15122 closed defect (bug) (fixed)
current_user_can_for_blog() doesn't use map_meta_cap for multisite user admins
Reported by: | jamescollins | Owned by: | |
---|---|---|---|
Milestone: | 3.0.2 | Priority: | normal |
Severity: | normal | Version: | 3.0 |
Component: | Role/Capability | Keywords: | |
Focuses: | Cc: |
Description
[12796] introduced a new current_user_can_for_blog() function, which was based on how the existing current_user_can() function was implemented.
This included this check:
if( is_multisite() && is_super_admin() ) return true;
Then in [13270]/#12109, the current_user_can() function was modified so that map_meta_cap is always used for multisite user admins.
However this change didn't include the necessary change to the current_user_can_for_blog() function as well.
This means that currently the current_user_can_for_blog() will always return true for multisite user admins, without map_meta_cap ever being used.
Patch attached.
Attachments (1)
Change History (11)
#1
@
14 years ago
- Keywords has-patch added
I realise we're close to 3.1 feature freeze, but it would be great if we could get this change committed so its included in 3.1.
Thanks.
#2
@
14 years ago
- Milestone changed from Awaiting Review to 3.0.2
This looks like a bug, so it would be unaffected by the freeze.
Setting to 3.0.2 actually.
#4
@
14 years ago
nacin, if this has a 3.0.2 milestone doesn't it need to be committed to the 3.0 branch as well as trunk?
Thanks.
#5
@
14 years ago
Wasn't sure if I wanted to apply it to 3.0.2. This isn't a function that's actually used in core, and it doesn't look like it's used in any plugins based on a quick site:plugins.svn.wordpress.org
search on Google. I suppose we should apply it to 3.0, because it will return incorrect (though not truly disastrous) results.
#6
@
14 years ago
nacin, it would be good to either set the milestone of this ticket to 3.1, or commit this fix to the 3.0 branch.
Thanks.
#7
@
14 years ago
- Milestone changed from 3.0.2 to 3.1
- Resolution set to fixed
- Status changed from new to closed
Sure thing.
#8
@
14 years ago
- Milestone changed from 3.1 to 3.0.2
- Resolution fixed deleted
- Status changed from closed to reopened
Patch against trunk r15811