Andrew Nacin
0e620877fd
Use the wpdb method instead of $wpdb->prefix.
...
props hakre.
fixes #16756 .
Built from https://develop.svn.wordpress.org/trunk@25615
git-svn-id: http://core.svn.wordpress.org/trunk@25532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-24 23:41:10 +00:00
Scott Taylor
daa4b531e8
Fix several esoteric errors related to AJAX unit tests for comments:
...
* `wp_ajax_get_comments()` relies on the `$post_id` global - even though `$_POST['p']` is passed to every action in the test methods. If `$post_id` is still lingering in between tests and doesn't match `p` in the request, the cap check might pass while the queries for comments will blow up. I added `unset( $GLOBALS['post_id'] )` to `Tests_Ajax_GetComments::setUp()`.
* If the global `$post_id` is empty, but `$_REQUEST['p']` is not, `$post_id` is now set to `absint( $_REQUEST['p'] )` and sanity-checked in `wp_ajax_get_comments()`.
* `map_meta_cap()` always assumes that `get_comment()` succeeds when checking for the `edit_comment` cap. It doesn't. I added sanity checks in a few places where it will break early if `get_post()` or `get_comment()` are empty.
* `wp_update_comment()` always assumes `get_comment()` succeeds. It doesn't. I added a check for empty.
All AJAX unit tests run and pass in debug mode. All general unit tests pass against these changes.
Fixes #25282 .
Built from https://develop.svn.wordpress.org/trunk@25438
git-svn-id: http://core.svn.wordpress.org/trunk@25360 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-14 18:36:09 +00:00
Scott Taylor
cb70e277af
Add an additional available param (the `WP_User` instance) to the `user_has_cap` filter.
...
Props Viper007Bond.
Fixes #24490 .
Built from https://develop.svn.wordpress.org/trunk@25329
git-svn-id: http://core.svn.wordpress.org/trunk@25291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-10 22:23:10 +00:00
Andrew Nacin
cbad0048a4
Don't set up $post_author_data in map_meta_cap() as we don't need it.
...
props duck_.
fixes #25177 .
Built from https://develop.svn.wordpress.org/trunk@25177
git-svn-id: http://core.svn.wordpress.org/trunk@25150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-30 04:01:08 +00:00
Andrew Nacin
c2db94d10c
Use meta caps edit_post, read_post, and delete_post directly, rather than consulting the post type object. map_meta_cap() handles that for us. props markjaquith, kovshenin. fixes #23226 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-08 20:05:42 +00:00
Sergey Biryukov
81e2420c0a
Correct return value for get_role() and WP_Roles::get_role(). props tivnet. fixes #24607 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-21 13:01:55 +00:00
Ryan Boren
982694749b
In WP_User::get_data_by(), don't abs int negative IDs. Instead, return false when an ID less than 1 is passed.
...
Props nacin, mordauk
fixes #23480
git-svn-id: http://core.svn.wordpress.org/trunk@24316 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-22 18:14:37 +00:00
Sergey Biryukov
362b41c33a
Pass old roles to set_user_role action. props awellis13. fixes #19134 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@23358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-31 01:15:25 +00:00
Ryan Boren
54ac1d939b
Make current_user_can_for_blog() safe to run single site.
...
Props nacin, MarkJaquith
fixes #22803
git-svn-id: http://core.svn.wordpress.org/trunk@23117 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-07 09:53:27 +00:00
Andrew Nacin
61caecfa93
Use the create_posts post type cap in more places. Remove the janky create_posts meta cap. see #16714 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@22908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-28 22:28:20 +00:00
Ryan Boren
fac33f51fa
When using WP_User::set_role() to set the role, don't unset all caps when the requested role matches the current role.
...
Props scribu, jammitch
fixes #18932
git-svn-id: http://core.svn.wordpress.org/trunk@22418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 17:16:37 +00:00
Dion Hulse
f4976f40b3
Fix a PHP Notice when attempting to Add or remove capabilities from nonexistant roles. Props SergeyBiryukov. Fixes #18461
...
git-svn-id: http://core.svn.wordpress.org/trunk@22354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-31 23:18:33 +00:00
Ryan Boren
f9ddde8da6
Return WP_User objects when querying 'all' fields with WP_User_Query.
...
Allow passing stdClass or WP_User to the WP_User constructor.
fixes #22057
git-svn-id: http://core.svn.wordpress.org/trunk@22248 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-16 20:05:40 +00:00
Ryan Boren
77518e9c71
Objects no longer need to be explicitly passed by ref to call_user_func*() to be callable. Props wonderboymusic. fixes #21865
...
git-svn-id: http://core.svn.wordpress.org/trunk@22118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-04 20:00:16 +00:00
Ryan Boren
f8f60ac01b
Introduce create_posts meta capability. Props scribu, nacin, casben79. see #16714
...
git-svn-id: http://core.svn.wordpress.org/trunk@22060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-27 15:33:19 +00:00
Ryan Boren
afe19c7437
Add publish_post meta cap. Props nacin. fixes #21288
...
git-svn-id: http://core.svn.wordpress.org/trunk@22056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-27 12:48:59 +00:00
Ryan Boren
ba84c90e1b
Allow remove_cap() to unset a negative capability. Props johnjamesjacoby. fixes #21786
...
git-svn-id: http://core.svn.wordpress.org/trunk@21940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-21 13:41:43 +00:00
Andrew Nacin
37537626e3
Don't use hard-coded indexes when dealing with an array of roles. props elyobo. fixes #19222 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-16 16:24:33 +00:00
Andrew Nacin
46eb6f0c26
Move the optimization done to get_user_by() in [21376] higher up the stack, into map_meta_cap() and is_super_admin().
...
This provides nearly the same benefits without possibly receiving a stale object from get_userdata(),
which could affect authentication, and introduce side effects for plugins.
see #21120 .
git-svn-id: http://core.svn.wordpress.org/trunk@21563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-20 21:58:34 +00:00
Andrew Nacin
84c3a86036
Hide the link manager from the UI on upgrade, if the site has no links. New DB option, link_manager_enabled.
...
Enforce this by denying the 'manage_links' capability, which hides the All Links, Add New Link, and Link Categories screens. Hide WP_Widget_Links and the UI for the default_link_category as well.
Convert all references to 'posts and links' when handling reassignment on user deletion to just 'posts'.
see #21307 .
git-svn-id: http://core.svn.wordpress.org/trunk@21501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-13 16:18:42 +00:00
Ryan Boren
cbd6a8becd
Allow passing stdClass and WP_User to wp_insert_user() and wp_update_user(). Introduce WP_User::to_array(). Eliminate uses of get_object_vars() when passing to wp_*_user(). fixes #21429
...
git-svn-id: http://core.svn.wordpress.org/trunk@21496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-10 15:36:54 +00:00
ryan
d286875515
switch_to_blog() and restore_current_blog() housekeeping.
...
wp-includes/admin-bar.php:
* Replace get_admin_url() and get_home_url() with admin_url() and home_url() and place them inside a switch/restore. Likewise replace current_user_can_for_blog() with current_user_can(). This avoids doing multiple switch restores.
wp-includes/ms-blogs.php:
* Deprecate the $validate argument to switch_to_blog(). This avoids a not very necessary call to get_blog_details(), possibly saving a few queries.
* Use $_wp_switched and $_wp_switched_stack instead of $switched and $switched_stack to make it less likely these globals will be stomped.
* Use GLOBALS to access blog_id and other globals. I've preferred this style lately since it makes it obvious a global is being used and avoids global blog_id being stomped by a local variable.
* Lose some is_object() checks. wp_get_current_user() always returns an object, for example.
* Call the new WP_Roles::reinit() method.
wp-includes/class-wp-xmlrpc-server.php:
* Replace current_user_can_for_blog() with current_user_can() and move it inside the switch/restore pair. This eliminates a switch/restore.
wp-includes/capabilities.php:
* Use array_keys() instead of $role => $data since $data is unused. I *think* this is a bit faster.
* Introduce WP_Roles::reinit(). This reinitializes WP_Roles and is used after switch_to_blog() has already update the blog ID in the wpdb object. If a global roles array is being used instead of the db, reinit is skipped.
* current_user_can_for_blog() now does a switch/restore. It didn't before meaning it could be reinitializing the user with the wrong role information for the current blog.
wp-includes/ms-settings.php:
* Define $_wp_switched_stack and $_wp_switched. This way switch_to_blog() and restore_current_blog() can rely on it being set.
wp-settings.php:
* Instantiate the WP_Roles global. This was it is always defined during init. To remove the WP_Roles checks from WP_Role and WP_User this would probably have to move before plugins are loaded, which might not be a good thing.
wp-includes/functions.php:
* Update wp_upload_dir() to reference _wp_switched.
git-svn-id: http://core.svn.wordpress.org/trunk@21485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-09 16:28:15 +00:00
nacin
7127ed1197
Move most instances of new WP_User to get_userdata(). see #21120 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-03 01:06:05 +00:00
nacin
fed9492cbc
Use get_userdata() rather than new WP_User in is_super_admin(), to take advantage of the performance improvements in [21376]. see #21120 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-31 17:47:08 +00:00
nacin
fcae3978c3
Don't call get_userdata() every time for the current user in map_meta_cap()'s read_post, edit_post, and delete_post branches. see #21120 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-31 17:39:14 +00:00
nacin
9d20dfc4e1
Enforce multisite plugins menu preference in map_meta_cap(). This means a simple current_user_can('activate_plugins') check will handle the 'Enable administration menus' setting.
...
Remove bogus checks for enabling/disabling the 'themes' menu (something core does not handle out of the box) when in the network admin.
fixes #21123 .
git-svn-id: http://core.svn.wordpress.org/trunk@21198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-30 12:40:25 +00:00
nacin
4add59f0c1
Remove 'fall through' points in map_meta_cap() as they can hide bugs.
...
git-svn-id: http://core.svn.wordpress.org/trunk@21152 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-27 19:27:54 +00:00
ryan
0a22489dc7
Fix warning when processing read_post cap. Props duck_. fixes #20917
...
git-svn-id: http://core.svn.wordpress.org/trunk@21060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-12 13:50:51 +00:00
ryan
d4311fb73e
Make read_post more useful. Map read_post to edit_post for posts with protected post states. This makes read_post work naturally for draft, future, and pending posts belonging to other users. If the current user cannot edit these non-public posts then the user should not be able to read them either.
...
git-svn-id: http://core.svn.wordpress.org/trunk@21046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-10 16:21:44 +00:00
nacin
bd1224eacf
Update phpdoc for WP_User::has_cap(). props nunomorgadinho. see #19756 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@20683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-02 14:17:04 +00:00
nacin
4fae1f64c2
Do not block file mod/edit caps when DISALLOW_UNFILTERED_HTML is set. There are separate constants (DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS for those). fixes #20488 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-19 14:05:05 +00:00
ryan
de41bc288b
Introduce WP_User::exists(). see #20372
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-06 19:18:45 +00:00
ryan
e3b46b25d3
Lose EOF ?>. Clean up EOF newlines. fixes #12307
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
ryan
340e93324c
Remove extraneous spaces. Props kenan3008, dimadin. fixes #19501 #19433
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-14 17:36:38 +00:00
ryan
07ff8b216b
Use one space, not two, after trailing punctuation. fixes #19537
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
duck_
27a55d6459
Provide back compat mapping for user_level, wp_usersettings and wp_usersettingstime properties of WP_User objects. Fixes #19265 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-17 20:40:24 +00:00
nacin
68c443e9ee
Remove dead code. empty() will catch anything that equals false.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-05 13:35:48 +00:00
ryan
c1e7325db6
Avoid 'Only variables should be assigned by reference' warning. Props arena. fixes #18867
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-12 20:41:06 +00:00
ryan
8f50fdf79a
Don't stomp meta fields in wp_update_user(). Props scribu. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-07 02:34:41 +00:00
duck_
e4ed63fc6f
Fix typos in documentation (wp-includes/[a-h]). See #18560 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18633 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-03 16:02:41 +00:00
ryan
8edd1656f7
Handle null user ID in the WP_User constructor. Props kawauso. fixes #17894
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18598 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-24 19:47:35 +00:00
ryan
0f06334e11
Introduce metadata_exists(), WP_User::get_data_by(), WP_User::get(), WP_User::has_prop(). Don't fill user objects with meta. Eliminate data duplication in cache and memory. Props scribu. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-24 19:32:59 +00:00
ryan
902cbda424
Handle id back compat in isset magic method. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-05 20:54:08 +00:00
ryan
ec4ccf2900
Deprecate get_userdatabylogin() and get_user_by_email(). Props scribu. fixes #18333
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-05 16:57:31 +00:00
ryan
f5a33890bb
Remove first_name and last_name properties. Props scribu. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-05 16:45:11 +00:00
ryan
8611d30e5e
Handle deprecation of id in __set(). Props scribu. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-04 15:42:38 +00:00
ryan
6c81d023bb
Add magic get/set/isset methods to WP_User to avoid data duplication. Standardize on WP_User::ID. Props scribu. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-04 03:09:27 +00:00
ryan
1bea107db4
Remove return by ref from get_role(). Props scribu, elyobo. fixes #18237
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-07-28 17:12:18 +00:00
ryan
4ad0954961
Introduce register_meta(), get_metadata_by_mid(), and *_post_meta capabilities. fixes #17850
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-07-20 22:04:35 +00:00
markjaquith
cfcde41182
Check parent caps for revisions. props aaroncampbell. fixes #17668
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-08 18:06:43 +00:00
ryan
04487fc268
Constructor cleanup. Props ocean90. fixes #16768
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-29 20:05:12 +00:00
ryan
b60c345536
Remove PHP4 constructors. Props hakre. see #16768
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-05 17:25:08 +00:00
nacin
9845ee1fcd
I have CDO. see #15779 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-14 11:25:11 +00:00
nacin
cd51624aba
Ensure the map_meta_cap filter receives the right cap when the map_meta_cap flag is false. fixes #15779 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-14 11:22:32 +00:00
ryan
104c9ed3d8
Make sure create_users is strippped from blog admins for multisite setups where add_new_users is not enabled. see #15357
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16551 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-23 16:29:21 +00:00
nacin
e5f944a913
Don't check post_type_supports in map_meta_cap. see #14122 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-17 06:21:34 +00:00
nacin
795ab6d0f3
Cripple capability_type. Produced inconsistent, janky meta cap mapping; now only acts as a capability base. see #14122 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16273 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-10 14:50:14 +00:00
ryan
d24a3cfe04
Always allow super admins to have create_users. see #15357
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16264 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-09 21:45:06 +00:00
ryan
9a9d29019d
Introduce user_can(). Props simonwheatley. fixes #14602
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-05 17:04:46 +00:00
ryan
e1a7cc966f
Do not set role if it is the same. Props nickmomrik. fixes #14708
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15919 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-22 19:38:20 +00:00
nacin
c46c3c4637
Only check the post author if the post type supports authors. see #14122 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-21 14:55:15 +00:00
nacin
d27f272247
Rough first pass on map_meta_cap for custom post types. see #14122 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-21 14:40:04 +00:00
nacin
21f2b80f97
Use map_meta_cap for multisite super admins in current_user_can_for_blog. props jamescollins, see #15122 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-15 06:47:40 +00:00
ryan
9c31fd7c70
First pass of user admin. Network admin and screen cleanups. see #14696
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15746 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-07 19:34:18 +00:00
nacin
669b7b3e87
Provide an example for add_role() capabilities argument. props simonwheatley, fixes #14918 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-09-21 14:52:03 +00:00
nacin
ca725961c5
More efficient is_super_admin(). Don't call new WP_User on the current user. props mdawaffe, fixes #14842 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15608 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-09-10 23:24:34 +00:00
scribu
449d62100e
Introduce 'edit_comment' meta cap. Fixes #14520
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-09-07 23:35:28 +00:00
scribu
11ff3a7ce9
call get_users() from get_users_of_blog()
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-09-05 14:35:55 +00:00
nacin
713b3c1b82
Fix the delete_user meta cap.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-09-04 12:24:43 +00:00
nacin
2f90a8c63c
Ensure we're checking when looking for is_super_admin() in map_meta_cap(). Bump DB version.
...
fixes #14454 for trunk.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-07-29 21:58:58 +00:00
nacin
113a26770f
Fix checking for whether WP_User object is actually a user. props filosofo, fixes #13903 for trunk.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-07-13 21:27:05 +00:00
dd32
a14d289755
Alot more tabs. Props jacobsantos & Viper007bond. See #14147
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-06-30 00:05:18 +00:00
ryan
6582f99bf2
Pass ID to is_super_admin(). Props bigdawggi. fixes #14066 for 3.1
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-06-24 14:49:23 +00:00
nacin
1d16e3de6e
Fix phpdoc typo. props demetris, fixes #13781 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15165 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-06-08 07:44:50 +00:00
ryan
bf354522bd
Use import cap. Add old edit_files cap to list of caps to shutdown if DISALLOW_FILE_EDIT. see #13681
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15097 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-06-01 18:08:27 +00:00
nacin
f9783ba838
Some sanity checks -- make sure we have a valid post author user object before checking if the current user is the author.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14782 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-21 15:15:32 +00:00
nacin
7734a07cb2
Move post type object capabilities to a 'cap' object. Allow them to be initialized via the 'capabilities' key (an array) when registering support for the post type. Caps are now referred to by the name of the cap as if it was a post, i.e. ->cap->edit_post. see #13358 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-12 20:45:18 +00:00
ryan
7b7243d94a
Strip trailing whites.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-03 20:26:11 +00:00
nacin
d5f61d9db3
Explicitly set the capability required in edit_users map_meta_cap branch, so we don't accidentally pass edit_user. props TheDeadMedic. fixes #13074 , fixes #13137
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14256 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-27 20:39:39 +00:00
ryan
ffd9a036cd
Introduce DISALLOW_UNFILTERED_HTML
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-26 21:42:42 +00:00
ryan
bc0947b075
Introduce get_super_admins(). Allow hard-coding a global super_admins array and bypassing site options. fixes #12815
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-23 20:34:03 +00:00
josephscott
e26aed0ac4
New 'list_users' cap to provide more controls over listing users vs. editing
...
users.
Apply this new cap to the 'Authors & Users' menu item and 'Users' page in
wp-admin.
Bump db version to 14139 to pick up the new cap.
See #13074
git-svn-id: http://svn.automattic.com/wordpress/trunk@14189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-22 19:48:13 +00:00
ryan
fda80bc7f6
Separate user deletion and removal. Add promote_users cap so that multisite Admins (not supes) can promote. see #13074
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14176 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-21 17:43:53 +00:00
ryan
c4a677dea9
Introduce DISALLOW_FILE_MOD for disabling all ops that modify core, theme, or plugins files. see #13000
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14088 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-14 17:22:11 +00:00
nacin
c5c47b4b20
Make remove_user a meta capability. see #12793
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-03 05:14:34 +00:00
wpmuguru
fbf3ee6abc
delete user cap in remove_all_caps(), props ocean90, see #12711
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-29 20:35:06 +00:00
nacin
a7feaed0e6
Change @since 3.0 to @since 3.0.0.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13827 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-26 19:13:36 +00:00
dd32
68445ab030
Use correct cap checks and nonces for custom post_type's
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13786 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-21 02:29:11 +00:00
dd32
6ff82f54e7
Fix WP_User::remove_role(). See #10285
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-21 01:36:54 +00:00
markjaquith
58d47426cc
More pedantry. "Setup" is not a verb. http://notaverb.com/setup
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-17 04:39:50 +00:00
nacin
52979cc4d5
Fix assignment in WP_User::for_blog(). props prettyboymp, fixes #12587
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-11 18:24:37 +00:00
dd32
65b22dcf9c
Strip delete_themes from Multisite non-super-admins. Props Denis-de-Bernardy. Fixes #11802
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13547 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-02 11:42:15 +00:00
nacin
8bcc5969dc
Spelling and grammar fun. Fixes #11875 props cnorris23
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13382 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-24 20:13:23 +00:00
nacin
2ce7dc4dac
Don't use deprecated *_usermeta() functions. Props technosailor fixes #10837
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-22 21:25:32 +00:00
wpmuguru
be4fb62b25
use map_meta_cap for multisite superadmins, props dd32, fixes #12109
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13270 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-21 00:19:05 +00:00
ryan
6aabfcb1a8
Introduce DISALLOW_FILE_EDIT flag for enabling/disabling the theem and plugin editors. Props nacin. see #11306
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13034 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-09 00:07:52 +00:00
ryan
92bf8d124c
Introduce WP_User::for_blog() and current_user_can_for_blog() to avoid calls to WP_User::_init_caps(). fixes #11781
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-22 17:27:28 +00:00
ryan
c679e65c9c
Add email and login dupe checking down into wp_insert_user(). Tidy up user-new.php. see #11644
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12778 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-20 21:58:13 +00:00
ryan
aac0a1230a
Use API to set the user's role. see #11781
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12770 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-19 20:12:04 +00:00
ryan
f7d7bc2dd0
Use cap checks instead of multisite and super admin checks. Add some new caps. Merge cleanup. see #11644 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12753 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-18 22:21:36 +00:00
ryan
6da55f7792
Trailing whitespace cleanup
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-15 22:11:12 +00:00
ryan
b4447f9f9c
Mainstream things that don't need to be multisite only. Formatting cleanups. see #11644
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-11 22:23:58 +00:00
wpmuguru
7b64248bc8
merge in multisite login, wp-includes, See #11644
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12697 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-11 21:49:40 +00:00
ryan
8c875db5b4
Assume current user of user ID is not passed. Props filosofo. fixes #11808
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12650 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-07 19:45:57 +00:00
ryan
43bfa1a300
Remove certain caps for non super admins when running multisite. see #11644
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12630 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-07 04:05:53 +00:00
ryan
68073badbc
Return true for all admin user is multisite is not enabled. see #11644
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-06 23:39:40 +00:00
ryan
5ba4a05d29
Introduce is_super_admin(). see #11644 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-06 23:27:22 +00:00
ryan
da89de4958
More custom post type support. Props scribu. see #9674
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-04 16:58:43 +00:00
westi
bb827e82c6
Mark user levels as Deprecated. Fixes #10805 props nacin.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-30 16:51:32 +00:00
westi
acd41194ff
Ensure we don't destory the $wp_roles->role_objects property when assigning a second role to a WP_User object. Fixes #9128 props dd32.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-22 11:42:46 +00:00
westi
8c791aaf60
Check the correct global in get_page and also ensure that the cap check for deleting pages copes for the default page we edit when adding new. Fixes #11203 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-07 18:01:02 +00:00
westi
5a9f4aabd5
Better documentation on the format of the capabilities when adding a role. Fixes #11106 props simonwheatley.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12160 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-11-09 22:15:50 +00:00
westi
5f9ac8a5fd
Ensure we always have author info to check capabilities with. Fixes notice on Add new post page.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12053 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-18 12:06:39 +00:00
markjaquith
0a665944e8
Add set_user_role action hook. props jamescollins, usermrpapa. fixes #10716
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-14 02:30:51 +00:00
ryan
18f11f1fbc
Use oEmbed for youtube. Props Viper007Bond. see #10337
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-13 22:36:24 +00:00
ryan
410fcc2e42
Embeds. Props Viper007Bond. see #10337
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12023 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-13 17:04:22 +00:00
ryan
aa1e377ede
Filter fields through kses upon display. Introduce sanitize_user_object() and sanitize_user_field(). see #10751
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11929 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-14 13:57:48 +00:00
ryan
ba57ce7aba
Add missing break. Props snakefoot. fixes #10692
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-11 13:42:15 +00:00
ryan
40ac59ef2b
Disallow unfiltered uploads for admins by default. fixes #10692
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-28 00:17:53 +00:00
westi
e8b550fd33
Move the storage of the metadata for trashed posts into the post meta table rather than storing it in an option. See #4529 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-25 22:05:15 +00:00
azaozz
8d4223adb3
Don't let contributors to re-publish their trashed posts, props caesarsgrunt, see #4529
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-24 20:48:31 +00:00
azaozz
be026258fa
"Trash" updates, props caesarsgrunt, see #4529
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-19 08:35:24 +00:00
ryan
b692a1f322
Cast to array to fix warning. Props johnkolbert, Denis-de-Bernardy. fixes #9128
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-20 20:03:20 +00:00
westi
8f58c6908e
Let a plugin filter the expanded capabilities returned by map_meta_cap. Fixes #9462 props rmccue.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-05 17:23:04 +00:00
ryan
07f625bc03
Explicitly return ref for the sake of PHP4. Fixes user_level being empty when installing on PHP4. Props Mr Pete. fixes #8317 for trunk
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-12-12 20:47:18 +00:00
ryan
e89192b1a8
Strip trailing whitespace
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-12-09 18:03:31 +00:00
ryan
525e7a17b9
phpdoc for capabilities.php. Props jacobsantos. fixes #5632
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@8904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-09-16 21:51:36 +00:00
ryan
113c014920
Notice fixes. Props DD32. see #7509
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@8646 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-14 17:00:37 +00:00
markjaquith
d40ac02f98
Whitespacing/coding standards cleanup for capabilities.php
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@8573 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-06 20:50:30 +00:00
markjaquith
74c46749cb
Cast to array when using foreach(). Props santosj (and thanks for your perseverance!). fixes #2784
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@8572 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-06 20:31:54 +00:00
ryan
4e74faa972
Default cap arg should be an empty array. Props tellyworth. fixes #5520
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@7701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-04-16 21:56:03 +00:00
ryan
ece19d2bfb
Merge user-edit.php and profile.php. Props nbachiyski. fixes #5736
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@6697 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-01-31 21:44:17 +00:00
ryan
028a159440
Remove unused vars. Props DD32. see #5418
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@6364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-12-06 19:49:33 +00:00
ryan
13b23aa20a
Space before slash to properly close br tag. Props tmountjr. fixes #4717
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@5870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-08-14 03:12:24 +00:00
ryan
a438f8a92a
Better draft, private, and future post/page management from mdawaffe. fixes #3945
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@5575 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-05-28 18:34:06 +00:00
ryan
effc238853
Fix typo in read_pages conditional. Props McShelby. fixes #3705
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@4825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-01-28 21:58:01 +00:00
ryan
84bef56f9d
ID instead of id. Props Nazgul. fixes #3152
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@4505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-11-20 05:01:57 +00:00
ryan
9a8391315a
ID instead of id. Props Nazgul. fixes #3152
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@4504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-11-20 04:29:06 +00:00
ryan
9f534ebae6
Remove trailing spaces and convert spaces to tabs. Props Nazgul. fixes #986
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@4495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-11-19 07:56:05 +00:00
ryan
3e076ba536
Page cap fixes from activeingredient. fixes #3096
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@4158 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-09-02 17:15:18 +00:00
ryan
182bc141e2
Allow use of global roles array instead of options db. Useful for multi-blog setups.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@4113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-08-24 23:23:36 +00:00
ryan
8310e71be6
Better handling of users with no role. Props Mark Jaquith. #2809
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@3859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-10 20:26:26 +00:00
ryan
dac809b5a4
Add more fine grained user management caps. Part 1. #2775
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@3846 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-05 16:52:21 +00:00
ryan
2f68889eb6
Remove private posts from front page query. Aadd private posts and page caps. fixes #2613
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@3772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-05-11 23:13:35 +00:00
ryan
b1af79fb05
Add wp_revoke_user() and WP_User::remove_all_caps() to help those doing multi blog stuff.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@3705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-04-13 04:49:38 +00:00
ryan
9046cdf77b
Move DB prefix dependent code to separate init routines that can be called independently when the prefix changes. These methods are for internal use only.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@3668 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-03-30 23:35:42 +00:00
ryan
eaea1c6e70
prefix not table_prefix. Props Kafkaesqui. fixes #2528
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@3604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-03-03 20:36:40 +00:00
ryan
df35b1041b
Use table prefix from wpdb. Props Mark J. #2524
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@3603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-03-03 17:19:05 +00:00
ryan
ca92bb4311
Move deprecated functions to deprecated.php. #2520
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@3589 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-03-02 03:27:48 +00:00
ryan
5322fc2faa
current user cleanup
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@3566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-02-22 19:08:55 +00:00