The `query-attachments` AJAX action immediately errors out if the user doesn't have the `upload_files` cap. As such, the Customizer shouldn't show buttons that launch the media modal when the user doesn't have the proper permissions to query attachments.
See #32654. Built from https://develop.svn.wordpress.org/trunk@32913 git-svn-id: http://core.svn.wordpress.org/trunk@32884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
3ffe2a059d
commit
f61501f57f
|
@ -259,6 +259,7 @@ class Custom_Background {
|
||||||
</tr>
|
</tr>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
|
|
||||||
|
<?php if ( current_user_can( 'upload_files' ) ): ?>
|
||||||
<tr>
|
<tr>
|
||||||
<th scope="row"><?php _e('Select Image'); ?></th>
|
<th scope="row"><?php _e('Select Image'); ?></th>
|
||||||
<td><form enctype="multipart/form-data" id="upload-form" class="wp-upload-form" method="post">
|
<td><form enctype="multipart/form-data" id="upload-form" class="wp-upload-form" method="post">
|
||||||
|
@ -278,6 +279,7 @@ class Custom_Background {
|
||||||
</form>
|
</form>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<?php endif; ?>
|
||||||
</tbody>
|
</tbody>
|
||||||
</table>
|
</table>
|
||||||
|
|
||||||
|
|
|
@ -509,7 +509,7 @@ class Custom_Image_Header {
|
||||||
</tr>
|
</tr>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
|
|
||||||
<?php if ( current_theme_supports( 'custom-header', 'uploads' ) ) : ?>
|
<?php if ( current_user_can( 'upload_files' ) && current_theme_supports( 'custom-header', 'uploads' ) ) : ?>
|
||||||
<tr>
|
<tr>
|
||||||
<th scope="row"><?php _e( 'Select Image' ); ?></th>
|
<th scope="row"><?php _e( 'Select Image' ); ?></th>
|
||||||
<td>
|
<td>
|
||||||
|
|
|
@ -721,6 +721,7 @@ class WP_Customize_Media_Control extends WP_Customize_Control {
|
||||||
$this->json['label'] = html_entity_decode( $this->label, ENT_QUOTES, get_bloginfo( 'charset' ) );
|
$this->json['label'] = html_entity_decode( $this->label, ENT_QUOTES, get_bloginfo( 'charset' ) );
|
||||||
$this->json['mime_type'] = $this->mime_type;
|
$this->json['mime_type'] = $this->mime_type;
|
||||||
$this->json['button_labels'] = $this->button_labels;
|
$this->json['button_labels'] = $this->button_labels;
|
||||||
|
$this->json['canUpload'] = current_user_can( 'upload_files' );
|
||||||
|
|
||||||
$value = $this->value();
|
$value = $this->value();
|
||||||
|
|
||||||
|
@ -823,9 +824,11 @@ class WP_Customize_Media_Control extends WP_Customize_Control {
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="actions">
|
<div class="actions">
|
||||||
|
<# if ( data.canUpload ) { #>
|
||||||
<button type="button" class="button remove-button"><?php echo $this->button_labels['remove']; ?></button>
|
<button type="button" class="button remove-button"><?php echo $this->button_labels['remove']; ?></button>
|
||||||
<button type="button" class="button upload-button" id="{{ data.settings['default'] }}-button"><?php echo $this->button_labels['change']; ?></button>
|
<button type="button" class="button upload-button" id="{{ data.settings['default'] }}-button"><?php echo $this->button_labels['change']; ?></button>
|
||||||
<div style="clear:both"></div>
|
<div style="clear:both"></div>
|
||||||
|
<# } #>
|
||||||
</div>
|
</div>
|
||||||
<# } else { #>
|
<# } else { #>
|
||||||
<div class="current">
|
<div class="current">
|
||||||
|
@ -843,7 +846,9 @@ class WP_Customize_Media_Control extends WP_Customize_Control {
|
||||||
<# if ( data.defaultAttachment ) { #>
|
<# if ( data.defaultAttachment ) { #>
|
||||||
<button type="button" class="button default-button"><?php echo $this->button_labels['default']; ?></button>
|
<button type="button" class="button default-button"><?php echo $this->button_labels['default']; ?></button>
|
||||||
<# } #>
|
<# } #>
|
||||||
|
<# if ( data.canUpload ) { #>
|
||||||
<button type="button" class="button upload-button" id="{{ data.settings['default'] }}-button"><?php echo $this->button_labels['select']; ?></button>
|
<button type="button" class="button upload-button" id="{{ data.settings['default'] }}-button"><?php echo $this->button_labels['select']; ?></button>
|
||||||
|
<# } #>
|
||||||
<div style="clear:both"></div>
|
<div style="clear:both"></div>
|
||||||
</div>
|
</div>
|
||||||
<# } #>
|
<# } #>
|
||||||
|
@ -1158,8 +1163,6 @@ class WP_Customize_Header_Image_Control extends WP_Customize_Image_Control {
|
||||||
$width = absint( get_theme_support( 'custom-header', 'width' ) );
|
$width = absint( get_theme_support( 'custom-header', 'width' ) );
|
||||||
$height = absint( get_theme_support( 'custom-header', 'height' ) );
|
$height = absint( get_theme_support( 'custom-header', 'height' ) );
|
||||||
?>
|
?>
|
||||||
|
|
||||||
|
|
||||||
<div class="customize-control-content">
|
<div class="customize-control-content">
|
||||||
<p class="customizer-section-intro">
|
<p class="customizer-section-intro">
|
||||||
<?php
|
<?php
|
||||||
|
@ -1180,11 +1183,13 @@ class WP_Customize_Header_Image_Control extends WP_Customize_Image_Control {
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="actions">
|
<div class="actions">
|
||||||
|
<?php if ( current_user_can( 'upload_files' ) ): ?>
|
||||||
<?php /* translators: Hide as in hide header image via the Customizer */ ?>
|
<?php /* translators: Hide as in hide header image via the Customizer */ ?>
|
||||||
<button type="button"<?php echo $visibility ?> class="button remove"><?php _ex( 'Hide image', 'custom header' ); ?></button>
|
<button type="button"<?php echo $visibility ?> class="button remove"><?php _ex( 'Hide image', 'custom header' ); ?></button>
|
||||||
<?php /* translators: New as in add new header image via the Customizer */ ?>
|
<?php /* translators: New as in add new header image via the Customizer */ ?>
|
||||||
<button type="button" class="button new"><?php _ex( 'Add new image', 'header image' ); ?></button>
|
<button type="button" class="button new"><?php _ex( 'Add new image', 'header image' ); ?></button>
|
||||||
<div style="clear:both"></div>
|
<div style="clear:both"></div>
|
||||||
|
<?php endif; ?>
|
||||||
</div>
|
</div>
|
||||||
<div class="choices">
|
<div class="choices">
|
||||||
<span class="customize-control-title header-previously-uploaded">
|
<span class="customize-control-title header-previously-uploaded">
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
*
|
*
|
||||||
* @global string $wp_version
|
* @global string $wp_version
|
||||||
*/
|
*/
|
||||||
$wp_version = '4.3-alpha-32912';
|
$wp_version = '4.3-alpha-32913';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||||
|
|
Loading…
Reference in New Issue