#21786 closed defect (bug) (fixed)
remove_cap can't unset a negative capability
Reported by: |
|
Owned by: |
|
---|---|---|---|
Milestone: | 3.5 | Priority: | normal |
Severity: | minor | Version: | |
Component: | Role/Capability | Keywords: | has-patch needs-unit-tests |
Focuses: | Cc: |
Description
WP_User::add_cap() accepts two parameters -- the second decides if a user does or does not have the capability. I.E.:
$user->add_cap( 'foo', false );
means a user will not have a capability that any role otherwise allows.
WP_User::remove_cap( 'foo' ) incorrectly does an empty() check rather than ! isset(), preventing negative capabilities from being unset from a users individual capabilities array.
This makes it impossible to revert negative capabilities without first making them positive, and then removing them.
See: #9128
Attachments (1)
Change History (5)
Note: See
TracTickets for help on using
tickets.
They can go in here: http://unit-tests.trac.wordpress.org/browser/trunk/tests/user/capabilities.php