Cap migration.

git-svn-id: http://svn.automattic.com/wordpress/trunk@2720 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-07-17 19:29:55 +00:00 · 2005-07-17 19:29:55 +00:00 · 1e5d0b0736
parent 4260709314
commit 1e5d0b0736
10 changed files with 16 additions and 36 deletions
--- a/wp-admin/bookmarklet.php
+++ b/wp-admin/bookmarklet.php
@ -2,7 +2,7 @@
 $mode = 'bookmarklet';
 require_once('admin.php');

-if ($user_level == 0)
+if ( ! current_user_can('edit_posts') )
 	die ("Cheatin' uh?");

 if ('b' == $a) {
--- a/wp-admin/edit-pages.php
+++ b/wp-admin/edit-pages.php
@ -3,25 +3,13 @@ require_once('admin.php');
 $title = __('Pages');
 $parent_file = 'edit.php';
 require_once('admin-header.php');
-
-get_currentuserinfo();
 ?>

 <div class="wrap">
 <h2><?php _e('Page Management'); ?></h2>

 <?php
-/*
-if (isset($user_ID) && ('' != intval($user_ID))) {
-	$posts = $wpdb->get_results("
-	SELECT $wpdb->posts.*, $wpdb->users.user_level FROM $wpdb->posts
-	INNER JOIN $wpdb->users ON ($wpdb->posts.post_author = $wpdb->users.ID)
-	WHERE $wpdb->posts.post_status = 'static'
-	AND ($wpdb->users.user_level < $user_level OR $wpdb->posts.post_author = $user_ID)
-	");
-} else { */
 $posts = $wpdb->get_results("SELECT * FROM $wpdb->posts WHERE post_status = 'static'");
-// } FIXME

 if ($posts) {
 ?>
--- a/wp-admin/edit.php
+++ b/wp-admin/edit.php
@ -7,8 +7,6 @@ require_once('admin-header.php');

 $_GET['m'] = (int) $_GET['m'];

-get_currentuserinfo();
-
 $drafts = get_users_drafts( $user_ID );
 $other_drafts = get_others_drafts( $user_ID);

@ -255,7 +253,7 @@ $comment_status = wp_get_comment_status($comment->comment_ID);
 			if ( current_user_can('edit_post', $post->ID) ) {
 				echo "[ <a href=\"post.php?action=editcomment&amp;comment=".$comment->comment_ID."\">" .  __('Edit') . "</a>";
 				echo " - <a href=\"post.php?action=deletecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by \'%s\'\\n  \'OK\' to delete, \'Cancel\' to stop."), $comment->comment_author) . "')\">" . __('Delete') . "</a> ";
-				if ( ('none' != $comment_status) && ($user_level >= 3) ) {
+				if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
 					if ('approved' == wp_get_comment_status($comment->comment_ID)) {
 						echo " - <a href=\"post.php?action=unapprovecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\">" . __('Unapprove') . "</a> ";
 					} else {
--- a/wp-admin/menu-header.php
+++ b/wp-admin/menu-header.php
@ -8,7 +8,7 @@ get_admin_page_parent();
 foreach ($menu as $item) {
 	$class = '';

-	// 0 = name, 1 = user_level, 2 = file
+	// 0 = name, 1 = capability, 2 = file
 	if (( strcmp($self, $item[2]) == 0 && empty($parent_file)) || ($parent_file && ($item[2] == $parent_file))) $class = ' class="current"';
    
 	if ( current_user_can($item[1]) ) {
--- a/wp-admin/moderation.php
+++ b/wp-admin/moderation.php
@ -31,9 +31,8 @@ switch($action) {

 case 'update':

-	if ($user_level < 3) {
+	if ( ! current_user_can('moderate_comments') )
 		die(__('<p>Your level is not high enough to moderate comments.</p>'));
-	}

 	$item_ignored = 0;
 	$item_deleted = 0;
@ -119,7 +118,7 @@ if ( isset($_GET['deleted']) || isset($_GET['approved']) || isset($_GET['ignored
 <div class="wrap">

 <?php
-if ($user_level > 3)
+if ( current_user_can('moderate_comments') )
 	$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_approved = '0'");
 else
 	$comments = '';
--- a/wp-admin/profile.php
+++ b/wp-admin/profile.php
@ -58,8 +58,6 @@ break;

 case 'update':

-	get_currentuserinfo();
-
 	/* checking the nickname has been typed */
 	if (empty($_POST["newuser_nickname"])) {
 		die (__("<strong>ERROR</strong>: please enter your nickname (can be the same as your username)"));
@ -276,7 +274,7 @@ if ( $show_password_fields ) :
 </div>


-<?php if ($is_gecko && $profiledata->user_level != 0) { ?>
+<?php if ( $is_gecko && current_user_can('edit_posts') ) { ?>
 <div class="wrap">
    <script type="text/javascript">
 //<![CDATA[
--- a/wp-admin/sidebar.php
+++ b/wp-admin/sidebar.php
@ -3,9 +3,7 @@ $mode = 'sidebar';

 require_once('admin.php');

-get_currentuserinfo();
-
-if ($user_level == 0)
+if ( ! current_user_can('edit_posts') )
 	die ("Cheatin' uh ?");

 if ('b' == $_GET['a']) {
--- a/wp-admin/templates.php
+++ b/wp-admin/templates.php
@ -36,9 +36,8 @@ switch($action) {

 case 'update':

-	if ($user_level < 5) {
+	if ( ! current_user_can('edit_files') )
 		die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));
-	}

 	$newcontent = stripslashes($_POST['newcontent']);
 	if (is_writeable($real_file)) {
@ -57,7 +56,8 @@ break;
 default:

 	require_once('./admin-header.php');
-	if ( $user_level <= 5 )
+	
+	if ( ! current_user_can('edit_files') )
 		die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));

 	if ( strstr( $file, 'wp-config.php' ) )
--- a/wp-admin/upgrade-schema.php
+++ b/wp-admin/upgrade-schema.php
@ -244,6 +244,7 @@ function populate_roles() {
 												'edit_published_posts' => true,
 												'publish_posts' => true,
 												'edit_pages' => true,
+												'moderate_comments' => true,
 												'manage_categories' => true,
 												'manage_links' => true,
 												'upload_files' => true,
@ -276,9 +277,10 @@ function populate_roles() {
 												'edit_published_posts' => true,
 												'publish_posts' => true,
 												'edit_pages' => true,
+												'moderate_comments' => true,
 												'manage_categories' => true,
 												'manage_links' => true,
-												'upload_images' => true,
+												'upload_files' => true,
 												'read' => true,
 												'level_7' => true,
 												'level_6' => true,
@ -295,7 +297,7 @@ function populate_roles() {
 											'capabilities' => array(
 												'edit_posts' => true,
 												'publish_posts' => true,
-												'upload_images' => true,
+												'upload_files' => true,
 												'read' => true,
 												'level_2' => true,
 												'level_1' => true,
--- a/wp-admin/upload.php
+++ b/wp-admin/upload.php
@ -5,13 +5,10 @@ $title = 'Upload Image or File';

 require_once('admin-header.php');

-if ($user_level == 0) //Checks to see if user has logged in
-	die (__("Cheatin' uh ?"));
-
 if (!get_settings('use_fileupload')) //Checks if file upload is enabled in the config
 	die (__("The admin disabled this function"));

-if ( !get_settings('fileupload_minlevel') )
+if ( ! current_user_can('upload_files') )
 	die (__("You are not allowed to upload files"));

 $allowed_types = explode(' ', trim(strtolower(get_settings('fileupload_allowedtypes'))));