Opened 4 years ago
Closed 4 years ago
#47291 closed defect (bug) (reported-upstream)
(Featured Image metabox) Author can't choose others images
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | 5.0 |
| Component: | Media | Keywords: | |
| Focuses: | rest-api | Cc: |
Description
Author (and lower) can't choose others images in the Featured Image metabox, selection stuck with a spinner without any additional information.
Steps to reproduce:
- Login as user A, and add an image to media library
- Login as user B, and create a new post
- Scroll to "Featured Image", and click "Set featured image" button
- On the opened list of media files, select previously uploaded file (by user A)
- In the background request to REST Media fails with status
403, and user sees a Spinner infinitely without any additional information
Pre WP 5.0 behavior:
User could choose and set as Featured images uploaded by other users, also the one that he had only the 'view' permission.
Root of issue:
After selection of image in the modal, there is an REST request to the Media endpoint that should obtain additional data about the selected image. The request is made with a context edit to which current user have no permission (he is not an owner of the image nor the Editor to have permissions to edit others media).
Request that fails:
- Headers:
URL: http://localhost/wordpress/dev/wp-json/wp/v2/media/209?context=edit&_locale=user Method: GET Address: 127.0.0.1:80 Code: 403 Forbidden
- Response:
{
"code":"rest_forbidden_context",
"message":"Sorry, you are not allowed to edit this post.",
"data":
{
"status":403
}
}
Suggested fix:
Changing context of the request made from metabox.
Change History (5)
#2
@
4 years ago
- Focuses rest-api added
- Version changed from trunk to 5.0
Pre WP 5.0 behavior
Setting Version to the earliest applicable version where the regression happened.
#3
in reply to:
↑ 1
@
4 years ago
Replying to ajayghaghretiya1:
I can not regenerate this issue by the steps you provided. Can you please explain in details or provide us the video?
Yes, no problem, here the Screencast: https://www.screencast.com/t/qRMoEe6g0eCE
#5
@
4 years ago
- Milestone Awaiting Review deleted
- Resolution set to reported-upstream
- Status changed from new to closed
Closing this ticket as it's been reported upstream on the Gutenberg Github here;
https://github.com/WordPress/gutenberg/issues/18510
I can not regenerate this issue by the steps you provided. Can you please explain in details or provide us the video?