Avoid clearing stored capabilities for a user when removing their built in role in multisite.

Previously, if “No role on this site” was assigned to a user AND that user did not have an empty role array stored for the site, the `$blog_prefix . ‘capabilities’` meta for that user would be deleted completely after changes to the user were saved. Any custom capabilities stored (i.e. `$user->add_role()`) would be removed as well.

This removes the code controlling the old WPMU handling of “no role” and allows custom stored capabilities to remain. Users with no role and custom capabilities will now appear in the users list table with “None” as the role.

In the process we’re able to better clarify the multisite specific pieces that do occur.

Props PeteMall, jeremyfelt.

Fixes #18934.

Built from https://develop.svn.wordpress.org/trunk@31516


git-svn-id: http://core.svn.wordpress.org/trunk@31497 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Jeremy Felt 2015-02-23 01:34:24 +00:00
parent 1b6bb2f183
commit 754636aaf1
2 changed files with 11 additions and 22 deletions

View File

@ -146,32 +146,21 @@ if ( IS_PROFILE_PAGE ) {
do_action( 'edit_user_profile_update', $user_id );
}
if ( !is_multisite() ) {
$errors = edit_user($user_id);
} else {
// Update the email address in signups, if present.
if ( is_multisite() ) {
$user = get_userdata( $user_id );
// Update the email address in signups, if present.
if ( $user->user_login && isset( $_POST[ 'email' ] ) && is_email( $_POST[ 'email' ] ) && $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $user->user_login ) ) )
if ( $user->user_login && isset( $_POST[ 'email' ] ) && is_email( $_POST[ 'email' ] ) && $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $user->user_login ) ) ) {
$wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $_POST[ 'email' ], $user_login ) );
// We must delete the user from the current blog if WP added them after editing.
$delete_role = false;
$blog_prefix = $wpdb->get_blog_prefix();
if ( $user_id != $current_user->ID ) {
$cap = $wpdb->get_var( "SELECT meta_value FROM {$wpdb->usermeta} WHERE user_id = '{$user_id}' AND meta_key = '{$blog_prefix}capabilities' AND meta_value = 'a:0:{}'" );
if ( !is_network_admin() && null == $cap && $_POST[ 'role' ] == '' ) {
$_POST[ 'role' ] = 'contributor';
$delete_role = true;
}
}
if ( !isset( $errors ) || ( isset( $errors ) && is_object( $errors ) && false == $errors->get_error_codes() ) )
$errors = edit_user($user_id);
if ( $delete_role ) // stops users being added to current blog when they are edited
delete_user_meta( $user_id, $blog_prefix . 'capabilities' );
}
if ( is_multisite() && is_network_admin() && !IS_PROFILE_PAGE && current_user_can( 'manage_network_options' ) && !isset($super_admins) && empty( $_POST['super_admin'] ) == is_super_admin( $user_id ) )
empty( $_POST['super_admin'] ) ? revoke_super_admin( $user_id ) : grant_super_admin( $user_id );
// Update the user.
$errors = edit_user( $user_id );
// Grant or revoke super admin status if requested.
if ( is_multisite() && is_network_admin() && !IS_PROFILE_PAGE && current_user_can( 'manage_network_options' ) && !isset($super_admins) && empty( $_POST['super_admin'] ) == is_super_admin( $user_id ) ) {
empty( $_POST['super_admin'] ) ? revoke_super_admin( $user_id ) : grant_super_admin( $user_id );
}
if ( !is_wp_error( $errors ) ) {

View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.2-alpha-31515';
$wp_version = '4.2-alpha-31516';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.