WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Check the publish_post cap when publishing an already existing post. 

Props nprasath002
Fixes #20474


git-svn-id: http://svn.automattic.com/wordpress/trunk@20568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2012-04-23 21:54:30 +00:00
parent 348c188871
commit 0bffacac50
1 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
wp-includes/class-wp-xmlrpc-server.php
View File

@ -785,13 +785,23 @@ class wp_xmlrpc_server extends IXR_Server {
case 'pending': case 'pending':
break; break;
case 'private': case 'private':
if ( ! current_user_can( $post_type->cap->publish_posts ) ) if ( $update ) {
return new IXR_Error( 401, __( 'Sorry, you are not allowed to create private posts in this post type' )); if ( ! current_user_can( $post_type->cap->publish_post, $post_data[ 'ID' ] ) )
return new IXR_Error( 401, __( 'Sorry, you are not allowed to set this post as private.' ) );
} else {
if ( ! current_user_can( $post_type->cap->publish_posts ) )
return new IXR_Error( 401, __( 'Sorry, you are not allowed to create private posts in this post type' ));
}
break; break;
case 'publish': case 'publish':
case 'future': case 'future':
if ( ! current_user_can( $post_type->cap->publish_posts ) ) if ( $update ) {
return new IXR_Error( 401, __( 'Sorry, you are not allowed to publish posts in this post type' )); if ( ! current_user_can( $post_type->cap->publish_post, $post_data[ 'ID' ] ) )
return new IXR_Error( 401, __( 'Sorry, you are not allowed to publish this post.' ) );
} else {
if ( ! current_user_can( $post_type->cap->publish_posts ) )
return new IXR_Error( 401, __( 'Sorry, you are not allowed to publish posts in this post type' ));
}
break; break;
default: default:
$post_data['post_status'] = 'draft'; $post_data['post_status'] = 'draft';