From c1db3198cee07a3c9afeaf002d0c4af8ee4b7292 Mon Sep 17 00:00:00 2001 From: John Blackbourn Date: Thu, 11 Aug 2022 18:24:09 +0000 Subject: [PATCH] Application Passwords: Allow a Super Admin to set an application password on a site they're not a member of. This removes the requirement that a Super Admin must be a member of the current site when they attempt to set an application password within the admin area of an individual site on the network. Props TimothyBlynJacobs, ilovecats7, johnbillion, georgestephanis, johnjamesjacoby Fixes #53224 Built from https://develop.svn.wordpress.org/trunk@53882 git-svn-id: http://core.svn.wordpress.org/trunk@53441 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- .../class-wp-rest-application-passwords-controller.php | 2 +- wp-includes/version.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php b/wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php index af920d21f5..b0ac65a647 100644 --- a/wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php +++ b/wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php @@ -719,7 +719,7 @@ class WP_REST_Application_Passwords_Controller extends WP_REST_Controller { return $error; } - if ( is_multisite() && ! is_user_member_of_blog( $user->ID ) ) { + if ( is_multisite() && ! user_can( $user->ID, 'manage_sites' ) && ! is_user_member_of_blog( $user->ID ) ) { return $error; } diff --git a/wp-includes/version.php b/wp-includes/version.php index 3059a1a751..e55896f474 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -16,7 +16,7 @@ * * @global string $wp_version */ -$wp_version = '6.1-alpha-53881'; +$wp_version = '6.1-alpha-53882'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.