Customizer: Add meta capability `customize` which is mapped to `edit_theme_options`.

You can now grant access to the Customizer, for example to any user who can `edit_posts`, via the `map_meta_cap` or `user_has_cap` filter. See the ticket for examples.

props westonruter, nacin.
fixes #28605.
Built from https://develop.svn.wordpress.org/trunk@29170


git-svn-id: http://core.svn.wordpress.org/trunk@28954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Dominik Schilling 2014-07-14 19:01:16 +00:00
parent e90f45e031
commit 57c914f75a
11 changed files with 52 additions and 29 deletions


@ -177,8 +177,9 @@ $admin_body_class .= ' no-customize-support no-svg';
<?php
// Make sure the customize body classes are correct as early as possible.
if ( current_user_can( 'edit_theme_options' ) )
if ( current_user_can( 'customize' ) ) {
wp_customize_support_script();
}
?>
<div id="wpwrap">


@ -12,7 +12,7 @@ define( 'IFRAME_REQUEST', true );
/** Load WordPress Administration Bootstrap */
require_once( dirname( __FILE__ ) . '/admin.php' );
if ( ! current_user_can( 'edit_theme_options' ) ) {
if ( ! current_user_can( 'customize' ) ) {
wp_die( __( 'Cheatin&#8217; uh?' ) );
}
@ -24,7 +24,13 @@ if ( $return ) {
$return = wp_validate_redirect( $return );
}
if ( ! $return ) {
if ( $url ) {
$return = $url;
} elseif ( current_user_can( 'edit_theme_options' ) || current_user_can( 'switch_themes' ) ) {
$return = admin_url( 'themes.php' );
} else {
$return = admin_url();
}
}
global $wp_scripts, $wp_customize;
@ -112,7 +118,7 @@ do_action( 'customize_controls_print_scripts' );
submit_button( $save_text, 'primary save', 'save', false );
?>
<span class="spinner"></span>
<a class="customize-controls-close" href="<?php echo esc_url( $return ? $return : admin_url( 'themes.php' ) ); ?>">
<a class="customize-controls-close" href="<?php echo esc_url( $return ); ?>">
<span class="screen-reader-text"><?php _e( 'Cancel' ); ?></span>
</a>
</div>
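Review bot: The new fallback `$return = $url;` copies `$url` into the close-link target, but only `$return` is seen passing through `wp_validate_redirect()` in this hunk; where `$url` comes from and whether it is validated is outside the visible lines. If it is request-derived and not already validated, the assignment should read `$return = wp_validate_redirect( $url, admin_url() );` so the Cancel link stays on-site. The `esc_url()` call on the `href` covers escaping and scheme filtering, not same-site restriction. The script body continues outside these hunks.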


@ -149,9 +149,10 @@ class WP_Themes_List_Table extends WP_List_Table {
$actions['preview'] = '<a href="' . $preview_link . '" class="hide-if-customize" title="'
. esc_attr( sprintf( __( 'Preview &#8220;%s&#8221;' ), $title ) ) . '">' . __( 'Preview' ) . '</a>';
if ( current_user_can( 'edit_theme_options' ) )
if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) {
$actions['preview'] .= '<a href="' . wp_customize_url( $stylesheet ) . '" class="load-customize hide-if-no-customize">'
. __( 'Live Preview' ) . '</a>';
}
if ( ! is_multisite() && current_user_can( 'delete_themes' ) )
$actions['delete'] = '<a class="submitdelete deletion" href="' . wp_nonce_url( 'themes.php?action=delete&amp;stylesheet=' . urlencode( $stylesheet ), 'delete-theme_' . $stylesheet )
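Review bot: The compound check `current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' )` added here is repeated verbatim in the theme installer and upgrader skins, in `wp_prepare_themes_for_js()`, and on the themes screen (help tab and theme actions), with nothing saying why both are required. Since `customize` maps to `edit_theme_options` by default, the second test only matters once a filter changes the mapping, which makes it easy to misread as redundant and drop from one site later. A short comment at each site would help, e.g. `// 'customize' can be filtered independently of 'edit_theme_options'; require both for theme Live Preview.`; a small shared helper would keep the sites from drifting apart. The enclosing method starts and ends outside the hunk.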


@ -522,7 +522,9 @@ class Theme_Installer_Skin extends WP_Upgrader_Skin {
$install_actions = array();
$install_actions['preview'] = '<a href="' . esc_url( $preview_link ) . '" class="hide-if-customize" title="' . esc_attr( sprintf( __('Preview &#8220;%s&#8221;'), $name ) ) . '">' . __('Preview') . '</a>';
if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) {
$install_actions['preview'] .= '<a href="' . wp_customize_url( $stylesheet ) . '" class="hide-if-no-customize load-customize" title="' . esc_attr( sprintf( __('Preview &#8220;%s&#8221;'), $name ) ) . '">' . __('Live Preview') . '</a>';
}
$install_actions['activate'] = '<a href="' . esc_url( $activate_link ) . '" class="activatelink" title="' . esc_attr( sprintf( __('Activate &#8220;%s&#8221;'), $name ) ) . '">' . __('Activate') . '</a>';
if ( is_network_admin() && current_user_can( 'manage_network_themes' ) )
@ -594,11 +596,14 @@ class Theme_Upgrader_Skin extends WP_Upgrader_Skin {
$activate_link = wp_nonce_url( $activate_link, 'switch-theme_' . $stylesheet );
if ( get_stylesheet() == $stylesheet ) {
if ( current_user_can( 'edit_theme_options' ) )
if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) {
$update_actions['preview'] = '<a href="' . wp_customize_url( $stylesheet ) . '" class="hide-if-no-customize load-customize" title="' . esc_attr( sprintf( __('Customize &#8220;%s&#8221;'), $name ) ) . '">' . __('Customize') . '</a>';
}
} elseif ( current_user_can( 'switch_themes' ) ) {
$update_actions['preview'] = '<a href="' . esc_url( $preview_link ) . '" class="hide-if-customize" title="' . esc_attr( sprintf( __('Preview &#8220;%s&#8221;'), $name ) ) . '">' . __('Preview') . '</a>';
if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) {
$update_actions['preview'] .= '<a href="' . wp_customize_url( $stylesheet ) . '" class="hide-if-no-customize load-customize" title="' . esc_attr( sprintf( __('Preview &#8220;%s&#8221;'), $name ) ) . '">' . __('Live Preview') . '</a>';
}
$update_actions['activate'] = '<a href="' . esc_url( $activate_link ) . '" class="activatelink" title="' . esc_attr( sprintf( __('Activate &#8220;%s&#8221;'), $name ) ) . '">' . __('Activate') . '</a>';
}


@ -1279,8 +1279,10 @@ function wp_welcome_panel() {
<p class="about-description"><?php _e( 'We&#8217;ve assembled some links to get you started:' ); ?></p>
<div class="welcome-panel-column-container">
<div class="welcome-panel-column">
<?php if ( current_user_can( 'customize' ) ): ?>
<h4><?php _e( 'Get Started' ); ?></h4>
<a class="button button-primary button-hero load-customize hide-if-no-customize" href="<?php echo wp_customize_url(); ?>"><?php _e( 'Customize Your Site' ); ?></a>
<?php endif; ?>
<a class="button button-primary button-hero hide-if-customize" href="<?php echo admin_url( 'themes.php' ); ?>"><?php _e( 'Customize Your Site' ); ?></a>
<?php if ( current_user_can( 'install_themes' ) || ( current_user_can( 'switch_themes' ) && count( wp_get_themes( array( 'allowed' => true ) ) ) > 1 ) ) : ?>
<p class="hide-if-no-customize"><?php printf( __( 'or, <a href="%s">change your theme completely</a>' ), admin_url( 'themes.php' ) ); ?></p>
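Review bot: The new `current_user_can( 'customize' )` conditional also wraps the `<h4>` "Get Started" heading, while the `hide-if-customize` fallback button linking to `themes.php` stays outside it. A user without the capability therefore gets the button with no heading above it; moving the `<h4>` line above the `if` keeps the column labelled and leaves only the `load-customize` link conditional. Whether that fallback link is useful to a user who cannot reach `themes.php` is not decidable from these lines, since `wp_welcome_panel()` continues outside the hunk.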


@ -430,7 +430,7 @@ function wp_prepare_themes_for_js( $themes = null ) {
'update' => get_theme_update_available( $theme ),
'actions' => array(
'activate' => current_user_can( 'switch_themes' ) ? wp_nonce_url( admin_url( 'themes.php?action=activate&amp;stylesheet=' . $encoded_slug ), 'switch-theme_' . $slug ) : null,
'customize'=> current_user_can( 'edit_theme_options' ) ? wp_customize_url( $slug ) : null,
'customize' => ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) ? wp_customize_url( $slug ) : null,
'preview' => add_query_arg( array(
'preview' => 1,
'template' => urlencode( $theme->get_template() ),


@ -148,7 +148,7 @@ $menu[60] = array( __('Appearance'), $appearance_cap, 'themes.php', '', 'menu-to
$submenu['themes.php'][5] = array( __( 'Themes' ), $appearance_cap, 'themes.php' );
$customize_url = add_query_arg( 'return', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), 'customize.php' );
$submenu['themes.php'][6] = array( __( 'Customize' ), 'edit_theme_options', $customize_url, '', 'hide-if-no-customize' );
$submenu['themes.php'][6] = array( __( 'Customize' ), 'customize', $customize_url, '', 'hide-if-no-customize' );
unset( $customize_url );
if ( current_theme_supports( 'menus' ) || current_theme_supports( 'widgets' ) ) {
$submenu['themes.php'][10] = array(__( 'Menus' ), 'edit_theme_options', 'nav-menus.php');


@ -67,7 +67,7 @@ if ( current_user_can( 'install_themes' ) ) {
} // install_themes
// Help tab: Previewing and Customizing
if ( current_user_can( 'edit_theme_options' ) ) {
if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) {
$help_customize =
'<p>' . __( 'Tap or hover on any theme then click the Live Preview button to see a live preview of that theme and change theme options in a separate, full-screen view. You can also find a Live Preview button at the bottom of the theme details screen. Any installed theme can be previewed and customized in this way.' ) . '</p>'.
'<p>' . __( 'The theme being previewed is fully interactive &mdash; navigate to different pages to see how the theme handles posts, archives, and other page templates. The settings may differ depending on what theme features the theme being previewed supports. To accept the new settings and activate the theme all in one step, click the Save &amp; Activate button above the menu.' ) . '</p>' .
@ -78,7 +78,7 @@ if ( current_user_can( 'edit_theme_options' ) ) {
'title' => __( 'Previewing and Customizing' ),
'content' => $help_customize
) );
} // edit_theme_options
} // edit_theme_options && customize
get_current_screen()->set_help_sidebar(
'<p><strong>' . __( 'For more information:' ) . '</strong></p>' .
@ -212,14 +212,16 @@ foreach ( $themes as $theme ) :
<div class="theme-actions">
<?php if ( $theme['active'] ) { ?>
<?php if ( $theme['actions']['customize'] ) { ?>
<?php if ( $theme['actions']['customize'] && current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { ?>
<a class="button button-primary customize load-customize hide-if-no-customize" href="<?php echo $theme['actions']['customize']; ?>"><?php _e( 'Customize' ); ?></a>
<?php } ?>
<?php } else { ?>
<a class="button button-primary activate" href="<?php echo $theme['actions']['activate']; ?>"><?php _e( 'Activate' ); ?></a>
<?php if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { ?>
<a class="button button-secondary load-customize hide-if-no-customize" href="<?php echo $theme['actions']['customize']; ?>"><?php _e( 'Live Preview' ); ?></a>
<a class="button button-secondary hide-if-customize" href="<?php echo $theme['actions']['preview']; ?>"><?php _e( 'Preview' ); ?></a>
<?php } ?>
<?php } ?>
</div>
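Review bot: In the inactive-theme branch the new `if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) )` encloses the plain `Preview` link (`hide-if-customize`) as well as `Live Preview`, so a user who may activate themes but not customize loses the non-Customizer preview too. The list table and upgrader skins in this commit keep `Preview` unconditional; closing the block right after the `Live Preview` anchor would match them. In the active-theme branch the added capability calls look redundant if `$theme['actions']['customize']` comes from `wp_prepare_themes_for_js()`, which already yields `null` without both capabilities. That is inferred, because the assignment of `$themes` is outside the hunk.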


@ -660,6 +660,7 @@ function wp_admin_bar_appearance_menu( $wp_admin_bar ) {
if ( ! current_user_can( 'edit_theme_options' ) )
return;
if ( current_user_can( 'customize' ) ) {
$current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
$wp_admin_bar->add_menu( array(
'parent' => 'appearance',
@ -671,6 +672,7 @@ function wp_admin_bar_appearance_menu( $wp_admin_bar ) {
),
) );
add_action( 'wp_before_admin_bar_render', 'wp_customize_support_script' );
}
if ( current_theme_supports( 'widgets' ) )
$wp_admin_bar->add_menu( array( 'parent' => 'appearance', 'id' => 'widgets', 'title' => __('Widgets'), 'href' => admin_url('widgets.php') ) );
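Review bot: The added `current_user_can( 'customize' )` block sits after the unchanged early return `if ( ! current_user_can( 'edit_theme_options' ) ) return;`, so a user granted `customize` through a filter but lacking `edit_theme_options` never reaches it. That is the case the commit message advertises (users who can `edit_posts`), and such users would get no Customize entry in the toolbar. If this is intended, a comment on the early return saying so would prevent a later "fix"; otherwise the guard would need to become `if ( ! current_user_can( 'edit_theme_options' ) && ! current_user_can( 'customize' ) ) return;`, with the Widgets item and anything after it keeping their own `edit_theme_options` check. The lines between the two hunks and the rest of `wp_admin_bar_appearance_menu()` are not visible.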


@ -1306,6 +1306,9 @@ function map_meta_cap( $cap, $user_id ) {
else
$caps[] = 'do_not_allow';
break;
case 'customize' :
$caps[] = 'edit_theme_options';
break;
default:
// Handle meta capabilities for custom post types.
$post_type_meta_caps = _post_type_meta_capabilities();
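Review bot: The new `case 'customize'` carries no comment, although it is now the default gate for the Customizer entry script and `WP_Customize_Manager` in this commit. Suggest adding `// Default gate for the Customizer; plugins may remap it via the 'map_meta_cap' filter.` above the case. Once a site remaps it to a lower-privileged role, what that user can actually change depends on per-setting capability checks that are outside this diff, so confirm those before relying on the new meta capability alone. `map_meta_cap()` starts and ends outside the hunk.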


@ -157,8 +157,9 @@ final class WP_Customize_Manager {
show_admin_bar( false );
if ( ! current_user_can( 'edit_theme_options' ) )
if ( ! current_user_can( 'customize' ) ) {
$this->wp_die( -1 );
}
$this->original_stylesheet = get_stylesheet();