WordPress.org

Make WordPress Core

Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#42332 closed defect (bug) (worksforme)

delete_site permission is not working as it should

Reported by: Shebo Owned by:
Milestone: Priority: normal
Severity: minor Version: 4.2
Component: Role/Capability Keywords:
Focuses: multisite Cc:

Description

in changeset:31673 the delete_site action got it's own capability, but from what I tested it's not working.
When the function map_meta_cap in capabilities.php stumbling upon delete_site capability it registers it as manage_option.
That means that the condition if(current_user_can( 'delete_site' )) will always be falsey, because there's not scenario when map_meta_cap is producing it.

The current (unwanted) behavior is when delete_site explicitly is given beyond the scope of the administrator role, the option is not shown in the admin menu, and when using the direct url ms-delete-site.php a permission error is shown.

Change History (3)

#1 @johnbillion
4 years ago

  • Keywords reporter-feedback added
  • Version changed from trunk to 4.2

Thanks for the report, @Shebo.

The delete_site capability is a meta capability, which means the capability is only granted to a user or a role at runtime according to logic (in this case, mapping it to the manage_options primitive capability). Granting a meta capability directly to a user or a role won't work.

In order to actually grant a user the delete_site capability, you'll also need to implement a filter such as the following in addition to granting them the delete_site capability via their user or their role:

add_filter( 'map_meta_cap', function( array $required_caps, $cap, $user_id, array $args ) {
        if ( 'delete_site' === $cap ) {
                $required_caps = array(
                        'delete_site',
                );
        }
        return $required_caps;
}, 10, 4 );

Can you let us know if this works as expected?

#2 @Shebo
4 years ago

  • Resolution set to worksforme
  • Severity changed from normal to minor
  • Status changed from new to closed

Thanks for the quick response, @johnbillion.
I saw that delete_site was not the only permission that uses that sort of "meta capability" logic, and I must say it's kind of a weird behavior.

I didn't see any reference to it in the codex or other documentation, and my assertion was that if I'm explicitly giving some role a certain capability, it should work without any supplements of support on my behalf.
I can't think of a use case when someone gives a delete_site capability to certain role and doesn't expect that role to have it.

But I guess that's how the permission system works, and of course - your solution of using the map_meta_cap filter worked like a charm.

Thank you very much for explaining that logic and providing a valid solution.

#3 @netweb
4 years ago

  • Keywords reporter-feedback removed
  • Milestone Awaiting Review deleted
Note: See TracTickets for help on using tickets.