WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Ensure that a user can publish_posts before making a post sticky. 

Props: danielbachhuber, whyisjake, peterwilson, xknown.


Built from https://develop.svn.wordpress.org/trunk@46893


git-svn-id: http://core.svn.wordpress.org/trunk@46693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
whyisjake 2019-12-12 17:52:02 +00:00
parent 99f11a6af2
commit 9e87c5b7b4
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php
View File

@ -502,7 +502,7 @@ class WP_REST_Posts_Controller extends WP_REST_Controller {
return new WP_Error( 'rest_cannot_edit_others', __( 'Sorry, you are not allowed to create posts as this user.' ), array( 'status' => rest_authorization_required_code() ) );
}
if ( ! empty( $request['sticky'] ) && ! current_user_can( $post_type->cap->edit_others_posts ) ) {
if ( ! empty( $request['sticky'] ) && ! current_user_can( $post_type->cap->edit_others_posts ) && ! current_user_can( $post_type->cap->publish_posts ) ) {
return new WP_Error( 'rest_cannot_assign_sticky', __( 'Sorry, you are not allowed to make posts sticky.' ), array( 'status' => rest_authorization_required_code() ) );
}
@ -657,7 +657,7 @@ class WP_REST_Posts_Controller extends WP_REST_Controller {
return new WP_Error( 'rest_cannot_edit_others', __( 'Sorry, you are not allowed to update posts as this user.' ), array( 'status' => rest_authorization_required_code() ) );
}
if ( ! empty( $request['sticky'] ) && ! current_user_can( $post_type->cap->edit_others_posts ) ) {
if ( ! empty( $request['sticky'] ) && ! current_user_can( $post_type->cap->edit_others_posts ) && ! current_user_can( $post_type->cap->publish_posts ) ) {
return new WP_Error( 'rest_cannot_assign_sticky', __( 'Sorry, you are not allowed to make posts sticky.' ), array( 'status' => rest_authorization_required_code() ) );
}
@ -959,7 +959,7 @@ class WP_REST_Posts_Controller extends WP_REST_Controller {
* @return stdClass|WP_Error Post object or WP_Error.
*/
protected function prepare_item_for_database( $request ) {
$prepared_post = new stdClass;
$prepared_post = new stdClass();
// Post ID.
if ( isset( $request['id'] ) ) {

2
wp-includes/version.php
View File

@ -13,7 +13,7 @@
*
* @global string $wp_version
*/
$wp_version = '5.4-alpha-46891';
$wp_version = '5.4-alpha-46893';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.