#35551 closed enhancement (fixed)
current_user_can always returns true for Super Admins (Doc update)
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Milestone: | 4.5 | Priority: | normal |
| Severity: | normal | Version: | 4.4.1 |
| Component: | Role/Capability | Keywords: | |
| Focuses: | docs | Cc: |
Description
Codex documentation needs update on current_user_can()
The documentation does not state, that current_user_can("capability") always will return true if user is Super Admin - caused me some grief, that I would like to save others :)
I suggest to add the following to the Notes section:
current_user_can( $capability ) will aways return true if user is Super Admin, unless specifically denied
Below code is from: https://developer.wordpress.org/reference/classes/wp_user/has_cap/
// Multisite super admin has all caps by definition, Unless specifically denied.
if ( is_multisite() && is_super_admin( $this->ID ) ) {
if ( in_array('do_not_allow', $caps) )
return false;
return true;
}
Change History (10)
#3
@
7 years ago
We do have it noted inline already. Unless we want to be more explicit in the function docs.
@finnj The Codex can be updated by any logged in user if you'd like to make a change there.
#4
follow-up:
↓ 6
@
7 years ago
@jeremyfelt the inline is on wp_user has_cap, not on current_user_can()
I added a note on the codex (didn't know I could), and tried on the code reference documentation, but I did not formal the link correctly so it does not look good - Most likely this will be captured by moderation, as I cant edit my note...
https://developer.wordpress.org/reference/functions/current_user_can/
you can close this ticket
#5
@
7 years ago
As current_user_can is the API function developers are expected to use, a reference on the inline docs makes sense to me. @DrewAPicture - would you agree?
Seems like a good idea to say this in our docs in the right places.