WordPress.org

Make WordPress Core

Opened 7 months ago

Closed 7 months ago

#39059 closed defect (bug) (fixed)

Remove unnecessary `is_super_admin()` checks for editing others posts

Reported by: flixos90 Owned by: flixos90
Milestone: 4.8 Priority: normal
Severity: normal Version:
Component: Role/Capability Keywords: has-patch
Focuses: multisite Cc:

Description

This is part of the #37616 task. Since super admins have all capabilities anyway, the checks in wp-admin/edit-form-advanced.php and wp-admin/includes/class-wp-posts-list-table.php are not necessary.

See https://core.trac.wordpress.org/ticket/37616#comment:23

Attachments (1)

39059.diff (1.3 KB) - added by flixos90 7 months ago.

Download all attachments as: .zip

Change History (5)

@flixos90
7 months ago

#1 @flixos90
7 months ago

  • Keywords has-patch added
  • Owner set to flixos90
  • Status changed from new to assigned

#2 @johnbillion
7 months ago

  • Type changed from enhancement to defect (bug)

#3 @jeremyfelt
7 months ago

39059.diff looks good, @flixos90. Can we combine the first two if clauses now that is_super_admin() is removed?

if ( post_type_supports($post_type, 'author') && current_user_can( .... ) )

That changes a bit more code, but leaves a cleaner read IMO.

#4 @flixos90
7 months ago

  • Resolution set to fixed
  • Status changed from assigned to closed

In 39539:

Multisite: Remove redundant is_super_admin() when checking for edit_others_posts.

The super admin on multisite as well as the administrator on non-multisite both have this capability already. For custom post types using different capabilities this change ensures that only users with that capability have permissions.

Fixes #39059. See #37616.

Note: See TracTickets for help on using tickets.