WordPress.org

Make WordPress Core

Opened 3 months ago

Last modified 2 months ago

#47119 reviewing defect (bug)

Can't revoke super admin if email is different case from network admin

Reported by: trepmal Owned by: SergeyBiryukov
Milestone: 5.3 Priority: normal
Severity: normal Version: 3.1
Component: Users Keywords: has-patch
Focuses: administration, multisite Cc:

Description (last modified by SergeyBiryukov)

In multisite, if a Super Admin's email is a case-insensitive match to the Network Admin email, the checkbox for revoking super-admin shows, but doesn't work.

Reproduction:

  • set Network Admin email to Admin@example.test
  • set a Super Admin's email to admin@example.test
  • attempt to revoke super admin from same user

This will fail because of the case-insensitive comparison here:
https://core.trac.wordpress.org/browser/trunk/src/wp-includes/capabilities.php#L922

In typical circumstances (when emails do not have a case difference) the checkbox doesn't show because of comparison here:
https://core.trac.wordpress.org/browser/trunk/src/wp-admin/user-edit.php#L420

Looks like this has been an issue since about 3.1, maybe older.

relevant commits: [26115], [16767]

Attachments (1)

47119.diff (900 bytes) - added by trepmal 3 months ago.

Download all attachments as: .zip

Change History (2)

@trepmal
3 months ago

#1 @SergeyBiryukov
2 months ago

  • Component changed from Administration to Users
  • Description modified (diff)
  • Focuses administration multisite added
  • Milestone changed from Awaiting Review to 5.3
  • Owner set to SergeyBiryukov
  • Status changed from new to reviewing
Note: See TracTickets for help on using tickets.