WordPress.org

Make WordPress Core

Opened 8 years ago

Closed 8 years ago

Last modified 8 years ago

#19916 closed defect (bug) (duplicate)

wp.deleteComment, wp.editComment shoud work for authors

Reported by: nprasath002 Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.3.1
Component: XML-RPC Keywords: has-patch
Focuses: Cc:

Description

wp.editComment, wp.deleteComment checks for 'moderate_comments' which authors dont have

Attachments (1)

wp.editComment.patch (1.2 KB) - added by nprasath002 8 years ago.

Download all attachments as: .zip

Change History (6)

#1 follow-up: @maxcutler
8 years ago

I think removing the cap check is the wrong approach. Instead of checking 'moderate_comments', it should really just check the 'edit_comment' meta-cap (which takes the comment ID as a parameter).

#2 in reply to: ↑ 1 ; follow-up: @nprasath002
8 years ago

Replying to maxcutler:

I think removing the cap check is the wrong approach. Instead of checking 'moderate_comments', it should really just check the 'edit_comment' meta-cap (which takes the comment ID as a parameter).

Thats what the patch does.

#3 in reply to: ↑ 2 @maxcutler
8 years ago

  • Cc max@… added

Replying to nprasath002:

Thats what the patch does.

Ah yes, you are correct. Trac's patch context didn't show that there's a call to current_user_can( 'edit_comment', $comment_ID ) later in the method.

The error message for that later check should probably be revised to be more accurate, but otherwise I'm +1.

#4 @nprasath002
8 years ago

  • Resolution set to duplicate
  • Status changed from new to closed

A combined patch is submitted in #17981

#5 @ocean90
8 years ago

  • Milestone Awaiting Review deleted
Note: See TracTickets for help on using tickets.