Make WordPress Core

Opened 7 weeks ago

Last modified 6 hours ago

#61100 new defect (bug)

'Change role' field on wp-admin/network/site-users.php?id=xxx contains a bug

Reported by: ignatiusjeroe's profile ignatiusjeroe Owned by:
Milestone: 6.6 Priority: normal
Severity: normal Version:
Component: Networks and Sites Keywords: good-first-bug has-patch needs-testing
Focuses: multisite Cc:


when selecting the option '-No role for this site-' on page wp-admin/network/site-users.php?id=xxx triggers an error. This should not be the case. This field is also available on wp-admin/users.php but this doesnt trigger an error.

See wp-admin/network/site-users.php @ line 140-183. This case 'promote' handles this request. The issue is the value=none of '-No role for this site-', which is not found in $edible_roles. The if-statement on line 145 will cause the error.

The case 'promote' of wp-admin/users.php @ line 110-170 is almost identical to that of wp-admin/network/site-users.php?id=xxx. But this statement took the 'none' value into account.
wp-admin/network/site-users.php line 145 - 147 should be replaced by wp-admin/users.php lines 125-136

Attachments (1)

Screen Shot 2024-04-30 at 16.32.07.png (165.6 KB) - added by ignatiusjeroe 7 weeks ago.

Download all attachments as: .zip

Change History (8)

#1 @SergeyBiryukov
7 weeks ago

  • Keywords needs-patch good-first-bug added
  • Milestone changed from Awaiting Review to 6.6

This ticket was mentioned in PR #6470 on WordPress/wordpress-develop by @mi5t4n.

7 weeks ago

  • Keywords has-patch added; needs-patch removed

This pull request resolves the issue encountered when attempting to change a user's role to 'None' using the 'Change Role To...' bulk option within multisite, specifically at the URL wp-admin/network/site-users.php?id=xxx.

Trac ticket:

#3 @techpartho
3 weeks ago

Here is my suggestion, To fix this, we should modify the case 'promote' section in wp-admin/network/site-users.php to handle the 'none' role similarly to how it's dealt with in wp-admin/users.php.

Here are the steps to fix this issue:

  1. Add a mock none-role to $editable_roles:
$editable_roles['none'] = array(
    'name' => __( '— No role for this site —' ),

  1. Update the if-statement to handle the 'none' role properly:
if ( ! $role || empty( $editable_roles[ $role ] ) ) {
    wp_die( __( 'Sorry, you are not allowed to give users that role.' ), 403 );

if ( 'none' === $role ) {
    $role = '';

The error will be resolved by implementing these changes, and selecting "-No role for this site-" will work correctly without triggering an error. This solution aligns the behavior of wp-admin/network/site-users.php with wp-admin/users.php.

This ticket was mentioned in Slack in #core by oglekler. View the logs.

5 days ago

#5 @oglekler
5 days ago

  • Keywords needs-testing added

#6 follow-up: @hmbashar
4 days ago

This issue is only for the network site? I've tested on a regular WP, and I don't think there is an issue.

#7 in reply to: ↑ 6 @ignatiusjeroe
6 hours ago

Replying to hmbashar:

This issue is only for the network site? I've tested on a regular WP, and I don't think there is an issue.

Mate, I provided all links (wp-admin/network/site-users.php) to the exact page. Given instructions on how to duplicate the issues. And here you are completely ignoring all the details of the issue. I suggest you follow instructions more carefully. Its a multisite issue which is blatantly clear in the post details.

Note: See TracTickets for help on using tickets.