Opened 5 weeks ago
Closed 5 weeks ago
#62786 closed defect (bug) (duplicate)
wp_insert_post should not check for current_user_can( $taxonomy_obj->cap->assign_terms )
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | Taxonomy | Keywords: | |
Focuses: | Cc: |
Description
As in the title, the following line...
<?php if ( current_user_can( $taxonomy_obj->cap->assign_terms ) ) { wp_set_post_terms( $post_id, $tags, $taxonomy ); }
... should instead be:-
<?php wp_set_post_terms( $post_id, $tags, $taxonomy );
This helps when programmatically inserting posts (for example via webhooks). Anyone who needs to check capabilities should do so before calling the function.
Removing the check shouldn't cause any problems since earlier in the code we already set tags and categories without checking caps:-
<?php if ( is_object_in_taxonomy( $post_type, 'category' ) ) { wp_set_post_categories( $post_id, $post_category ); } if ( isset( $postarr['tags_input'] ) && is_object_in_taxonomy( $post_type, 'post_tag' ) ) { wp_set_post_tags( $post_id, $postarr['tags_input'] ); }
Change History (1)
Note: See
TracTickets for help on using
tickets.
Thanks for your report, this issue is already tracked in #19373.