Replace current_user_can( 'manage_network_users' ) in wp-admin/includes/ajax-actions.php and wp-admin/user-new.php (line 228)

[ashokkumar24]

This is part of the #37616 task. There are 2 is_super_admin() checks in wp-includes/option.php that should be replaced with current_user_can( 'manage_network' ).

[ashokkumar24]

Replace current_user_can( 'manage_network_users' ) in wp-admin/includes/ajax-actions.php and wp-admin/user-new.php

[ashokkumar24]

Replying to ashokkumar24:

This is part of the #37616 task. current_user_can( 'manage_network_users' ) in wp-admin/includes/ajax-actions.php and wp-admin/user-new.php.

[flixos90]

Hi @ashokkumar24, and thanks for the patch - looks good!

[johnbillion]

The logic in src/wp-admin/user-new.php now includes two capability checks:

is_multisite() &&
current_user_can( 'promote_users' ) &&
! wp_is_large_network( 'users' ) &&
( current_user_can( 'manage_network_users' ) || apply_filters( 'autocomplete_users_for_site_admins', false ) )

Need to determine if both are actually needed here.

[flixos90]

Replying to johnbillion:

The logic in src/wp-admin/user-new.php now includes two capability checks:

is_multisite() &&
current_user_can( 'promote_users' ) &&
! wp_is_large_network( 'users' ) &&
( current_user_can( 'manage_network_users' ) || apply_filters( 'autocomplete_users_for_site_admins', false ) )

Need to determine if both are actually needed here.

I agree that it looks a bit uncommon to have two capability checks in one clause, but since the second is in a separate OR check, I think it should remain like that. This is also necessary to keep backward compatibility as the second capability check replaces is_super_admin() (or now rather detects whether the user has caps to manage network-wide users).

[flixos90]

In 39934:

Multisite: Replace is_super_admin() with manage_network_users when checking for users autocomplete capabilities.

Props ashokkumar24.
Fixes #39201. See #37616.