From 61caecfa939d2a904b188b51d80cadd190ef78e5 Mon Sep 17 00:00:00 2001 From: Andrew Nacin Date: Wed, 28 Nov 2012 22:28:20 +0000 Subject: [PATCH] Use the create_posts post type cap in more places. Remove the janky create_posts meta cap. see #16714. git-svn-id: http://core.svn.wordpress.org/trunk@22908 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/index.php | 2 +- wp-admin/menu.php | 4 ++-- wp-admin/press-this.php | 2 +- wp-includes/admin-bar.php | 5 ++++- wp-includes/capabilities.php | 8 -------- wp-includes/class-wp-xmlrpc-server.php | 6 ++++-- 6 files changed, 12 insertions(+), 15 deletions(-) diff --git a/wp-admin/index.php b/wp-admin/index.php index c5d7bd1e65..dd429e7fa7 100644 --- a/wp-admin/index.php +++ b/wp-admin/index.php @@ -76,7 +76,7 @@ if ( current_user_can( 'moderate_comments' ) ) $help .= '

' . __('Recent Comments - Shows the most recent comments on your posts (configurable, up to 30) and allows you to moderate them.') . '

'; if ( current_user_can( 'publish_posts' ) ) $help .= '

' . __('Incoming Links - Shows links to your site found by Google Blog Search.') . '

'; -if ( current_user_can( 'create_posts' ) ) { +if ( current_user_can( get_post_type_object( 'post' )->cap->create_posts ) ) { $help .= '

' . __('QuickPress - Allows you to create a new post and either publish it or save it as a draft.') . '

'; $help .= '

' . __('Recent Drafts - Displays links to the 5 most recent draft posts you’ve started.') . '

'; } diff --git a/wp-admin/menu.php b/wp-admin/menu.php index a209b40fad..90c585dbd9 100644 --- a/wp-admin/menu.php +++ b/wp-admin/menu.php @@ -49,7 +49,7 @@ $menu[4] = array( '', 'read', 'separator1', '', 'wp-menu-separator' ); $menu[5] = array( __('Posts'), 'edit_posts', 'edit.php', '', 'open-if-no-js menu-top menu-icon-post', 'menu-posts', 'none' ); $submenu['edit.php'][5] = array( __('All Posts'), 'edit_posts', 'edit.php' ); /* translators: add new post */ - $submenu['edit.php'][10] = array( _x('Add New', 'post'), 'create_posts', 'post-new.php' ); + $submenu['edit.php'][10] = array( _x('Add New', 'post'), get_post_type_object( 'post' )->cap->create_posts, 'post-new.php' ); $i = 15; foreach ( get_taxonomies( array(), 'objects' ) as $tax ) { @@ -81,7 +81,7 @@ $menu[15] = array( __('Links'), 'manage_links', 'link-manager.php', '', 'menu-to $menu[20] = array( __('Pages'), 'edit_pages', 'edit.php?post_type=page', '', 'menu-top menu-icon-page', 'menu-pages', 'none' ); $submenu['edit.php?post_type=page'][5] = array( __('All Pages'), 'edit_pages', 'edit.php?post_type=page' ); /* translators: add new page */ - $submenu['edit.php?post_type=page'][10] = array( _x('Add New', 'page'), 'edit_pages', 'post-new.php?post_type=page' ); + $submenu['edit.php?post_type=page'][10] = array( _x('Add New', 'page'), get_post_type_object( 'page' )->cap->create_posts, 'post-new.php?post_type=page' ); $i = 15; foreach ( get_taxonomies( array(), 'objects' ) as $tax ) { if ( ! $tax->show_ui || ! in_array('page', (array) $tax->object_type, true) ) diff --git a/wp-admin/press-this.php b/wp-admin/press-this.php index 3cf873dc4c..b9c4485c87 100644 --- a/wp-admin/press-this.php +++ b/wp-admin/press-this.php 
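Review bot: The second menu.php hunk moves the Pages "Add New" submenu from `edit_pages` to the page type's `create_posts` cap, but nothing in this patch touches post-new.php, so it is not visible here whether a direct request to that screen enforces the same cap. The menu entry should not be the only place the capability is tested; confirm that post-new.php checks the type's `create_posts` cap itself. A comment above the line would record the dependency, for example `/* Display gate only; post-new.php must enforce create_posts as well. */`. The same applies to the Posts entry in the first menu.php hunk.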
@@ -13,7 +13,7 @@ require_once('./admin.php'); header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset')); -if ( ! current_user_can( 'edit_posts' ) || ! current_user_can( 'create_posts' ) ) +if ( ! current_user_can( 'edit_posts' ) || ! current_user_can( get_post_type_object( 'post' )->cap->create_posts ) ) wp_die( __( 'Cheatin’ uh?' ) ); /** diff --git a/wp-includes/admin-bar.php b/wp-includes/admin-bar.php index 524e735152..6af1021453 100644 --- a/wp-includes/admin-bar.php +++ b/wp-includes/admin-bar.php @@ -363,13 +363,16 @@ function wp_admin_bar_my_sites_menu( $wp_admin_bar ) { 'href' => admin_url(), ) ); - if ( current_user_can( 'edit_posts' ) ) { + if ( current_user_can( get_post_type_object( 'post' )->cap->create_posts ) ) { $wp_admin_bar->add_menu( array( 'parent' => $menu_id, 'id' => $menu_id . '-n', 'title' => __( 'New Post' ), 'href' => admin_url( 'post-new.php' ), ) ); + } + + if ( current_user_can( 'edit_posts' ) ) { $wp_admin_bar->add_menu( array( 'parent' => $menu_id, 'id' => $menu_id . '-c', diff --git a/wp-includes/capabilities.php b/wp-includes/capabilities.php index 4f49ed98f6..0aedbefef6 100644 --- a/wp-includes/capabilities.php +++ b/wp-includes/capabilities.php @@ -1060,14 +1060,6 @@ function map_meta_cap( $cap, $user_id ) { $caps[] = $post_type->cap->delete_private_posts; } break; - // current_user_can( 'create_posts', $post_type ) - case 'create_posts': - $post_type = isset( $args[0] ) ? $args[0] : 'post'; - $post_type_object = get_post_type_object( $post_type ); - - $caps[] = $post_type_object->cap->create_posts; - - break; // edit_post breaks down to edit_posts, edit_published_posts, or // edit_others_posts case 'edit_post': diff --git a/wp-includes/class-wp-xmlrpc-server.php b/wp-includes/class-wp-xmlrpc-server.php index da90648418..0798fcbf90 100644 --- a/wp-includes/class-wp-xmlrpc-server.php +++ b/wp-includes/class-wp-xmlrpc-server.php 
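Review bot: In the admin-bar.php hunk the "New Post" item is now gated on `create_posts` alone, while press-this.php and the XML-RPC checks in this same patch pair `create_posts` with an edit or publish capability. Under a custom capability mapping that grants `create_posts` without `edit_posts`, the bar would offer a link that the destination presumably refuses. Keeping the conditions aligned avoids that: `if ( current_user_can( 'edit_posts' ) && current_user_can( get_post_type_object( 'post' )->cap->create_posts ) ) {`. wp_admin_bar_my_sites_menu() starts and ends outside the hunk.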
@@ -1016,7 +1016,7 @@ class wp_xmlrpc_server extends IXR_Server { if ( $post_data['post_type'] != get_post_type( $post_data['ID'] ) ) return new IXR_Error( 401, __( 'The post type may not be changed.' ) ); } else { - if ( ! current_user_can( $post_type->cap->edit_posts ) ) + if ( ! current_user_can( $post_type->cap->create_posts ) || ! current_user_can( $post_type->cap->edit_posts ) ) return new IXR_Error( 401, __( 'Sorry, you are not allowed to post on this site.' ) ); } @@ -3928,7 +3928,7 @@ class wp_xmlrpc_server extends IXR_Server { do_action('xmlrpc_call', 'blogger.newPost'); $cap = ($publish) ? 'publish_posts' : 'edit_posts'; - if ( !current_user_can($cap) ) + if ( ! current_user_can( get_post_type_object( 'post' )->cap->create_posts ) || !current_user_can($cap) ) return new IXR_Error(401, __('Sorry, you are not allowed to post on this site.')); $post_status = ($publish) ? 'publish' : 'draft'; @@ -4143,6 +4143,8 @@ class wp_xmlrpc_server extends IXR_Server { $post_type = 'post'; } + if ( ! current_user_can( get_post_type_object( $post_type )->cap->create_posts ) ) + return new IXR_Error( 401, __( 'Sorry, you are not allowed to publish posts on this site.' ) ); if ( !current_user_can( $cap ) ) return new IXR_Error( 401, $error_message );
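Review bot: In the `@@ -4143` hunk the added `create_posts` check returns a fixed "not allowed to publish posts" message, while the check right after it returns `$error_message`, so a caller saving a draft or a non-post type is told the wrong reason for the 401. Matching the wording the other two hunks use would keep the refusals consistent: `return new IXR_Error( 401, __( 'Sorry, you are not allowed to post on this site.' ) );`. The same line dereferences `get_post_type_object( $post_type )` without a null check. The visible branch assigns `'post'`, but if any path above the hunk can leave `$post_type` as an unregistered type, this remotely reachable handler would fault instead of returning an error, so confirm that the earlier validation restricts it to registered types. The enclosing method starts and ends outside the hunk.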