current_user_can( 'install_languages' ) calls a function which may not be defined

[johnbillion]

The following code causes a fatal error when used on the front end of a site:

add_action( 'init', function() {
	current_user_can( 'install_languages' );
} );

This is because the install_languages case inside map_meta_cap() calls wp_can_install_language_pack() which in turn instantiates the WP_Upgrader class and calls methods which call functions which are only available in the admin context. request_filesystem_credentials() is ultimately called and causes a fatal error because the function is only available in the admin context.

[johnbillion]

cc @flixos90

[flixos90]

I suppose the easiest solution is to look at which exact files from wp-admin/includes are required and load them on demand before calling wp_can_install_language_pack() as well.

This is way sub-optimal (so already is calling wp_can_install_language_pack() from the frontend, since it is commonly only available in the admin), so it may be worth exploring possibilities in the future for generally including some of these things in the frontend - although, on the other hand, those would only be used in the frontend for edge-cases so we may need to be good with just loading the files on demand. Either way, such changes would be out of scope for this ticket and that late in the release cycle.

[flixos90]

42230.diff​ loads wp-admin/includes/file.php before checking wp_can_install_language_pack() to prevent fatals when calling request_filesystem_credentials().

[flixos90]

In 41885:

Role/Capability: Prevent a fatal error when checking a language capability early or in the frontend.

The meta capabilities install_languages and update_languages rely on the admin function wp_can_install_language_pack(). That function in turn relies on request_filesystem_credentials(), so it needs to be ensured that this function is available as well.

Fixes #42230.