WordPress.org
Get WordPress

Make WordPress Core

Opened 8 years ago

Closed 8 years ago

#39082 closed enhancement (fixed)

Menu items in the My Sites -> Network Admin menu should use individual capability checks

Reported by: johnbillion's profile johnbillion Owned by: flixos90's profile flixos90
Milestone: 4.8 Priority: normal
Severity: normal Version: 3.0
Component: Toolbar Keywords: good-first-bug has-patch commit has-unit-tests
Focuses: multisite Cc:

Description

The following menu items under My Sites -> Network Admin always appear if the user has the manage_network capability. They should use appropriate cap checks to determine whether or not to show each menu item.

  • Sites (manage_sites)
  • Users (manage_network_users)
  • Themes (manage_network_themes)
  • Plugins (manage_network_plugins)
  • Settings (manage_network_options)

Attachments (3)

39082-partial-1.patch (1.7 KB) - added by achbed 8 years ago.
39082.patch (2.6 KB) - added by chandrapatel 8 years ago.
Added capability check for each sub menu.
39082.diff (5.6 KB) - added by flixos90 8 years ago.

Download all attachments as: .zip

Change History (9)

#1 @achbed
8 years ago

It appears that menu items are still there, because some submenu items are legitimately available (they use alternate cap checks). For example, if someone has create_sites capability, then they will still see the Sites menu because the Add New submenu item is there. They would not see the All Sites submenu item unless they also have manage_sites capability.

The main Sites menu (when selected) always ends up at sites.php - which may not be available based on the capability check.

To fix this, we'd have to alter the top-level menu for each item based on a capability check, and we would have to agree on where that top-level menu should point to.

I've prepped an example patch showing the proposed logic in place for sites and users so we can validate the approach.

@achbed
8 years ago

#2 @flixos90
8 years ago

Hi @achbed, and thanks for the patch!

However the issue here is about the menu items shown in the admin bar dropdown, not the admin menu on the left side of the screen. Regarding what you're proposing, could you please open a new separate ticket for it and upload your patch there?

@chandrapatel
8 years ago

Added capability check for each sub menu.

#3 @chandrapatel
8 years ago

Hi @flixos90

Please check 39082.patch

I test it by adding few capabilities to Editor role using User Role Editor plugin. Please check and let me know if its fine.

#4 @flixos90
8 years ago

  • Keywords has-patch added; needs-patch removed

Thanks a lot for the patch @chandrapatel - looks good! :)

@flixos90
8 years ago

#5 @flixos90
8 years ago

  • Keywords commit has-unit-tests added
  • Owner set to flixos90
  • Status changed from new to assigned

In 39082.diff I added three unit tests for the changes.

#6 @flixos90
8 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed

In 39948:

Multisite: Show menu items in My Sites > Network Admin admin bar menu based on more precise capability checks.

Previously the menu items would all be displayed solely based on the manage_network capability. This change provides parity with the network admin menu.

Unit tests for the network admin menu functionality of wp_admin_bar_my_sites_menu() have been added.

Props chandrapatel.
Fixes #39082.

Note: See TracTickets for help on using tickets.