WordPress.org

Make WordPress Core

Opened 7 years ago

Closed 5 years ago

#3798 closed defect (bug) (fixed)

Admin permissions with ajax

Reported by: impleri Owned by:
Milestone: Priority: normal
Severity: normal Version: 2.1
Component: Administration Keywords:
Focuses: Cc:

Description

I'm one of the (seemingly) many who have the "you don't have permission to do that" problem. I've tried re-asserting myself in the administrator role... No luck. Couldn't even create a user with javascript enabled. So, I did some looking into it. It appears that when the call is made to check capabilities, it is looking for the capability "unfiltered_html" first, then failing and giving the permission error. And that's with deleting categories, adding categories, deleting posts, and adding users.
Also, I double-checked the database wp_usermeta table to ensure that the two fields for my level and role were set to 10 and administrator (well, a:1{s:"Administrator";b:1;})...and they are. I hope that helps in determining the source of the error a little bit more.

Change History (4)

comment:1 markjaquith7 years ago

Could you paste the content of your $wpdb->prefix user_roles option? (e.g. wp_user_roles)

Be sure to use triple curly braces to mark it as code so the WikiFormatting doesn't eat it.

comment:2 impleri7 years ago

I forgot about this! (until it started happening on a clean blog). I am currently noticing it for creating categories. It won't do it through the AJAX.

$wp_user_roles = array(
	"administrator" => array(
		"name" => "Administrator",
		"capabilities" => array(
			"switch_themes" = 1,
			"edit_themes" = 1,
			"activate_plugins" = 1,
			"edit_plugins" = 1,
			"edit_users" = 1,
			"edit_files" = 1,
			"manage_options" = 1,
			"moderate_comments" = 1,
			"manage_categories" = 1,
			"manage_links" = 1,
			"upload_files" = 1,
			"import" = 1,
			"unfiltered_html" = 1,
			"edit_posts" = 1,
			"edit_others_posts" = 1,
			"edit_published_posts" = 1,
			"publish_posts" = 1,
			"edit_pages" = 1,
			"read" = 1,
			"level_10" = 1,
			"level_9" = 1,
			"level_8" = 1,
			"level_7" = 1,
			"level_6" = 1,
			"level_5" = 1,
			"level_4" = 1,
			"level_3" = 1,
			"level_2" = 1,
			"level_1" = 1,
			"level_0" = 1,
			"edit_others_pages" = 1,
			"edit_published_pages" = 1,
			"publish_pages" = 1,
			"delete_pages" = 1,
			"delete_others_pages" = 1,
			"delete_published_pages" = 1,
			"delete_posts" = 1,
			"delete_others_posts" = 1,
			"delete_published_posts" = 1,
			"delete_private_posts" = 1,
			"edit_private_posts" = 1,
			"read_private_posts" = 1,
			"delete_private_pages" = 1,
			"edit_private_pages" = 1,
			"read_private_pages" = 1,
			"delete_users" = 1,
			"create_users" = 1,
		),
	),
	"editor" => array(
		"name" => "Editor",
		"capabilities" => array(
			"moderate_comments" = 1,
			"manage_categories" = 1,
			"manage_links" = 1,
			"upload_files" = 1,
			"unfiltered_html" = 1,
			"edit_posts" = 1,
			"edit_others_posts" = 1,
			"edit_published_posts" = 1,
			"publish_posts" = 1,
			"edit_pages" = 1,
			"read" = 1,
			"level_7" = 1,
			"level_6" = 1,
			"level_5" = 1,
			"level_4" = 1,
			"level_3" = 1,
			"level_2" = 1,
			"level_1" = 1,
			"level_0" = 1,
			"edit_others_pages" = 1,
			"edit_published_pages" = 1,
			"publish_pages" = 1,
			"delete_pages" = 1,
			"delete_others_pages" = 1,
			"delete_published_pages" = 1,
			"delete_posts" = 1,
			"delete_others_posts" = 1,
			"delete_published_posts" = 1,
			"delete_private_posts" = 1,
			"edit_private_posts" = 1,
			"read_private_posts" = 1,
			"delete_private_pages" = 1,
			"edit_private_pages" = 1,
			"read_private_pages" = 1,
		),
	),
	"author" => array(
		"name" => "Author",
		"capabilities" => array(
			"upload_files" = 1,
			"edit_posts" = 1,
			"edit_published_posts" = 1,
			"publish_posts" = 1,
			"read" = 1,
			"level_2" = 1,
			"level_1" = 1,
			"level_0" = 1,
			"delete_posts" = 1,
			"delete_published_posts" = 1,
		),
	),
	"contributor" => array(
		"name" => "Contributor",
		"capabilities" => array(
			"edit_posts" = 1,
			"read" = 1,
			"level_1" = 1,
			"level_0" = 1,
			"delete_posts" = 1,
		),
	),
	"subscriber" => array(
		"name" => "Subscriber",
		"capabilities" => array(
			"read" = 1,
			"level_0" = 1,
		),
	),
);

comment:3 Nazgul7 years ago

  • Milestone changed from 2.3 to 2.5

comment:4 Denis-de-Bernardy5 years ago

  • Milestone 2.9 deleted
  • Resolution set to fixed
  • Status changed from new to closed

Haven't noticed any weird issues in recent months, when upgrading sites, so I take it this is fixed.

Note: See TracTickets for help on using tickets.