Context Navigation

← Previous Ticket
Next Ticket →

#49450 closed defect (bug) (fixed)

WP_REST_Users_Controller includes the entire admin for one utility function

Reported by:	SergeyBiryukov	Owned by:	SergeyBiryukov
Milestone:	5.4	Priority:	normal
Severity:	normal	Version:
Component:	Users	Keywords:	good-first-bug has-patch
Focuses:	rest-api	Cc:

Description

Background: #43757.

WP_REST_Users_Controller::check_role_update() includes the entire admin API (wp-admin/includes/admin.php) just to get access to get_editable_roles().

It could just require wp-admin/includes/user.php instead, like the ::delete_item() method does .

Attachments (1)

49450.diff (724 bytes) - added by johnwatkins0 6 years ago.

Download all attachments as: .zip

Change History (3)

@johnwatkins0
6 years ago

Attachment 49450.diff added

#1 @SergeyBiryukov
6 years ago

Keywords has-patch added; needs-patch removed

#2 @SergeyBiryukov
6 years ago

Owner set to SergeyBiryukov
Resolution set to fixed
Status changed from new to closed

In 47299:

Users: Limit the scope of admin files required in WP_REST_Users_Controller.

This requires only wp-admin/includes/user.php for get_editable_roles(), instead of wp-admin/includes/admin.php.

Follow-up to [43589].

Props johnwatkins0.
Fixes #49450.

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats:

Make WordPress Core