WordPress.org

Make WordPress Core

Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#21786 closed defect (bug) (fixed)

remove_cap can't unset a negative capability

Reported by: johnjamesjacoby Owned by: ryan
Milestone: 3.5 Priority: normal
Severity: minor Version:
Component: Role/Capability Keywords: has-patch needs-unit-tests
Focuses: Cc:

Description

WP_User::add_cap() accepts two parameters -- the second decides if a user does or does not have the capability. I.E.:

$user->add_cap( 'foo', false );

means a user will not have a capability that any role otherwise allows.

WP_User::remove_cap( 'foo' ) incorrectly does an empty() check rather than ! isset(), preventing negative capabilities from being unset from a users individual capabilities array.

This makes it impossible to revert negative capabilities without first making them positive, and then removing them.

See: #9128

Attachments (1)

21786.patch (383 bytes) - added by johnjamesjacoby 6 years ago.

Download all attachments as: .zip

Change History (5)

#1 @scribu
6 years ago

  • Milestone changed from Awaiting Review to 3.5
  • Severity changed from normal to minor

#3 @ryan
6 years ago

  • Owner set to ryan
  • Resolution set to fixed
  • Status changed from new to closed

In [21940]:

Allow remove_cap() to unset a negative capability. Props johnjamesjacoby. fixes #21786

Note: See TracTickets for help on using tickets.