Drew Jaynes
9daf7a88a3
Docs: Add a note to the DocBlock for `current_user_can()` to explain that it will always return true for super admins, unless specifically denied.
...
Props finnj.
Fixes #35551 .
Built from https://develop.svn.wordpress.org/trunk@36492
git-svn-id: http://core.svn.wordpress.org/trunk@36459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-07 01:27:26 +00:00
Eric Lewis
22467e840f
Networks and sites: Replace "blog" usage with "site" in docs.
...
Multisite functions use the term "blog" to refer to what we now call a "site," e.g. `get_current_blog_id()`. These functions are here to stay because of our commitment to backwards compatibility. What we can do is set the documentation straight.
See #35417 .
Built from https://develop.svn.wordpress.org/trunk@36416
git-svn-id: http://core.svn.wordpress.org/trunk@36383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-28 03:35:27 +00:00
Pascal Birchler
68f12521c8
Post Types: Introduce `unregister_post_type()`.
...
This new function can be used to completely unregister non built-in post types.
Fixes #14761 .
Built from https://develop.svn.wordpress.org/trunk@36316
git-svn-id: http://core.svn.wordpress.org/trunk@36283 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-15 12:20:27 +00:00
John Blackbourn
6f37afb6ec
When a post is scheduled for publication, treat it the same as a published post when calculating the capabilities required to edit or delete it.
...
Fixes #33694
Built from https://develop.svn.wordpress.org/trunk@35747
git-svn-id: http://core.svn.wordpress.org/trunk@35711 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-29 02:27:18 +00:00
Andrew Nacin
1579e45d41
Simplify the include graph after work to split out classes.
...
see #33413 . More details there.
Built from https://develop.svn.wordpress.org/trunk@35718
git-svn-id: http://core.svn.wordpress.org/trunk@35682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-20 07:24:30 +00:00
Drew Jaynes
4ddb22bd09
Docs: The Users subpackage is plural.
...
See #33701 .
Built from https://develop.svn.wordpress.org/trunk@34412
git-svn-id: http://core.svn.wordpress.org/trunk@34376 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 13:46:25 +00:00
Drew Jaynes
b0749a1a06
Docs: Clarify the file header summary for wp-includes/capabilities.php, which was broken up into multiple files in [33752].
...
Also adds inline DocBlocks for files now brought in via `require_once()` from this file.
See #33413 . See #33701 .
Built from https://develop.svn.wordpress.org/trunk@34398
git-svn-id: http://core.svn.wordpress.org/trunk@34362 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 13:06:25 +00:00
Scott Taylor
df1c0c2363
Roles: move classes into their own file. `capbilities.php` loads the new files, so this is 100% BC if someone is loading `capbilities.php` directly. New files created using `svn cp`.
...
Creates:
`class-wp-roles.php`
`class-wp-role.php`
`class-wp-user.php`
`capbilities-functions.php`
`capbilities.php` contains only top-level code. Class files only contains classes. Functions file only contains functions.
See #33413 .
Built from https://develop.svn.wordpress.org/trunk@33752
git-svn-id: http://core.svn.wordpress.org/trunk@33720 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-26 04:58:21 +00:00
Dominik Schilling
f74a907eac
Capabilities: Fall back to the `edit_posts` capability for orphaned comments.
...
Also avoid PHP notices because of orphaned comments in the comments list table.
Includes unit test.
props pento, dd32.
fixes #33154 .
Built from https://develop.svn.wordpress.org/trunk@33614
git-svn-id: http://core.svn.wordpress.org/trunk@33581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-13 22:31:24 +00:00
Gary Pendergast
fe5a844be5
Capabilities: When creating an auto-draft, ensure that the current user still has permission to do so.
...
Built from https://develop.svn.wordpress.org/trunk@33357
git-svn-id: http://core.svn.wordpress.org/trunk@33329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-22 04:02:25 +00:00
Drew Jaynes
665c3936d4
Fix summaries for for `WP_User->__call()` and `wp_roles()`, both added in 4.3.
...
See [32731], [32548]. See #32891 .
Built from https://develop.svn.wordpress.org/trunk@33214
git-svn-id: http://core.svn.wordpress.org/trunk@33186 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 20:01:25 +00:00
John Blackbourn
4ad1dc2a1b
Ensure the `create_users` capability check checks the super admin status of the user in question, rather than the current user.
...
Built from https://develop.svn.wordpress.org/trunk@32811
git-svn-id: http://core.svn.wordpress.org/trunk@32782 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-17 00:03:27 +00:00
Andrew Nacin
748b3763cb
Add add_user_role and remove_user_role actions for WP_User::add_role() and remove_role().
...
props shooper.
fixes #32060 .
Built from https://develop.svn.wordpress.org/trunk@32771
git-svn-id: http://core.svn.wordpress.org/trunk@32742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-14 19:26:25 +00:00
Scott Taylor
3b1e434c3b
Add the proper access modifier to `_init_caps()` in `WP_User`. Add `__call()` for BC.
...
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32731
git-svn-id: http://core.svn.wordpress.org/trunk@32702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-12 17:26:25 +00:00
Scott Taylor
19a3aacc94
Add `@static*` annotations where they are missing.
...
Initialize all static vars that are not, most to `null`.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32650
git-svn-id: http://core.svn.wordpress.org/trunk@32620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 15:43:29 +00:00
Scott Taylor
bd8fafea54
Use `void` instead of `null` where appropriate when pipe-delimiting `@return` types. If a `@return` only contains `void`, remove it.
...
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32568
git-svn-id: http://core.svn.wordpress.org/trunk@32538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-24 05:40:25 +00:00
Drew Jaynes
e90a327694
Add a missing `@since` version to a function introduced in [32541].
...
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32548
git-svn-id: http://core.svn.wordpress.org/trunk@32518 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-22 17:38:25 +00:00
Scott Taylor
1b52916239
Create a function, `wp_roles()`, to DRY the inline instantiation of the `$wp_roles` global.
...
Add missing doc blocks for `capabilities.php`.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32541
git-svn-id: http://core.svn.wordpress.org/trunk@32511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-22 04:47:24 +00:00
Scott Taylor
e724ed2b04
In `capabilities.php`, clarify/add some `return` docs.
...
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32530
git-svn-id: http://core.svn.wordpress.org/trunk@32500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-21 20:47:26 +00:00
Gary Pendergast
2bb5d8529f
In Multisite, prevent plugins from unintentionally switching sites.
...
Props mdawaffe.
Built from https://develop.svn.wordpress.org/trunk@32173
git-svn-id: http://core.svn.wordpress.org/trunk@32148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 07:27:27 +00:00
Jeremy Felt
b5b5c98e0a
Introduce delete_site meta capability.
...
Map `delete_site` as a meta capability to `manage_options` so that the ability to delete sites can be more granularly managed for individual site administrators on a multisite network.
Props thomaswm.
Fixes #30470 .
Built from https://develop.svn.wordpress.org/trunk@31673
git-svn-id: http://core.svn.wordpress.org/trunk@31654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-08 02:10:30 +00:00
Scott Taylor
4ce271ea86
Cleanup the `@property` annotations for `WP_User`.
...
See #30799 .
Built from https://develop.svn.wordpress.org/trunk@31555
git-svn-id: http://core.svn.wordpress.org/trunk@31536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-26 05:54:24 +00:00
Scott Taylor
cde4c83091
[31210] broke Supportflow on dotorg, which declares these methods as `protected`. Switch to `protected` for the noop methods. The subclasses can make them more visible using `public`.
...
See #30799 .
Built from https://develop.svn.wordpress.org/trunk@31211
git-svn-id: http://core.svn.wordpress.org/trunk@31192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-16 18:37:24 +00:00
Scott Taylor
6f8e01adf2
In `WP_User`, `->get_role_caps()` and `->update_user_level_from_caps()` must be called inside `->add_cap()` and `->remove_cap()` after updating user meta. `->has_cap()` checks are currently failing directly after calling `->add_cap()`.
...
Adds unit test.
Props rachelbaker.
Fixes #28374 .
Built from https://develop.svn.wordpress.org/trunk@31190
git-svn-id: http://core.svn.wordpress.org/trunk@31171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-16 01:49:25 +00:00
Scott Taylor
fe6b5983df
In PHP 5.0.0, `is_a()` became deprecated in favour of the `instanceof` operator. Calling `is_a()` would result in an `E_STRICT` warning.
...
In PHP 5.3.0, `is_a()` is no longer deprecated, and will therefore no longer throw `E_STRICT` warnings.
To avoid warnings in PHP < 5.3.0, convert all `is_a()` calls to `$var instanceof WP_Class` calls.
`instanceof` does not throw any error if the variable being tested is not an object, it simply returns `false`.
Props markoheijnen, wonderboymusic.
Fixes #25672 .
Built from https://develop.svn.wordpress.org/trunk@31188
git-svn-id: http://core.svn.wordpress.org/trunk@31169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-16 01:06:24 +00:00
Scott Taylor
a4092e90f0
In `WP_Roles`, only allow `__call()` to run against `->_init()`.
...
See #30891 .
Built from https://develop.svn.wordpress.org/trunk@31147
git-svn-id: http://core.svn.wordpress.org/trunk@31128 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 22:23:23 +00:00
Scott Taylor
5547115dc2
Fix some `@param` docs that have chars too close them.
...
Add `@property` annotations to `WP_User` and `WP_Post`.
Remove erroneous `@param`s from image editor class methods.
Officially add the property `$_column_headers` to `WP_List_Table`.
See #30799 .
Built from https://develop.svn.wordpress.org/trunk@31127
git-svn-id: http://core.svn.wordpress.org/trunk@31108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 06:57:22 +00:00
Scott Taylor
e029005847
Access Modifiers:
...
* In `WP_Plugin_Install_List_Table`, use `public` instead of `var`
* In `WP_User`, `->data` is accessed directly on an instance if the constructor receives it: make it `public`
* In `WP_Locale`, every property is exported to a global and is already `public` via `var`, half of the properties are accessed directly already, make them all `public`
* In `WP_Rewrite`, several properties are accessed publicly in functions via the `$wp_rewrite` global, make those props `public`.
* In `WP_Rewrite`, the property `->comment_feed_structure` was misspelled as `->comments_feed_structure`
See #30799 .
Built from https://develop.svn.wordpress.org/trunk@31078
git-svn-id: http://core.svn.wordpress.org/trunk@31059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 05:44:23 +00:00
Dion Hulse
c975c8eeb0
Preinitialize WP_User::$data to an object in the event an empty user object is created. Avoids a "Creating default object from empty value" PHP Warning.
...
Fixes #28019
Built from https://develop.svn.wordpress.org/trunk@31049
git-svn-id: http://core.svn.wordpress.org/trunk@31030 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-05 01:41:23 +00:00
Scott Taylor
586c1ac7bc
Fix docs for `WP_User::allcaps`:
...
The `allcaps` property of the `WP_User` class represents all of the caps of the user, not the caps of the user's role. Introduced in [26126].
Props dlh.
Fixes #30852 .
Built from https://develop.svn.wordpress.org/trunk@31013
git-svn-id: http://core.svn.wordpress.org/trunk@30994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-31 18:15:23 +00:00
Scott Taylor
42f5acd869
Improve some docs for `@param`. Remove an unneeded `$wpdb` global import.
...
See #30799 .
Built from https://develop.svn.wordpress.org/trunk@30979
git-svn-id: http://core.svn.wordpress.org/trunk@30965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-20 20:56:22 +00:00
Scott Taylor
e619abda6e
Improve various `@param` docs for `src/wp-includes/*`.
...
See #30224 .
Built from https://develop.svn.wordpress.org/trunk@30681
git-svn-id: http://core.svn.wordpress.org/trunk@30671 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-01 01:34:24 +00:00
Drew Jaynes
bffe95d34c
Docs Formatting: Backtick-escape inline code for all remaining dynamic hook docs in wp-includes/*.
...
Affects DocBlocks for the following hooks:
* `auth_post_meta_{$meta_key}`
* `term_links-$taxonomy`
* `customize_render_control_ . $this->id`
* `customize_render_panel_{$this->id}`
* `customize_render_section_{$this->id}`
* `customize_preview_{$this->id}`
* `customize_save_ . $this->id_data[ 'base' ]`
* `customize_update_ . $this->type`
* `customize_value_ . $this->id_data[ 'base' ]`
* `customize_sanitize_js_{$this->id}`
* `comment_form_field_{$name}`
* `comment_{$old_status}_to_{$new_status}`
* `comment_{$new_status}_{$comment->comment_type}`
* `extra_{$context}_headers`
* `get_template_part_{$slug}`
* `get_the_generator_{$type}`
* `get_{$adjacent}_post_join`
* `get_{$adjacent}_post_where`
* `get_{$adjacent}_post_sort`
* `{$adjacent}_post_rel_link`
* `{$adjacent}_post_link`
* `{$adjacent}_image_link`
* `blog_option_{$option}`
* `$permastructname . _rewrite_rules`
* `{$type}_template`
* `theme_mod_{$name}`
* `pre_set_theme_mod_$name`
* `current_theme_supports-{$feature}`
* `get_user_option_{$option}`
* `edit_user_{$field}`
* `pre_user_{$field}`
* `user_{$field}`
See #30552 .
Built from https://develop.svn.wordpress.org/trunk@30656
git-svn-id: http://core.svn.wordpress.org/trunk@30646 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 12:10:23 +00:00
Drew Jaynes
8f6188ae53
Ensure inline code is markdown-escaped as such, and that code snippets in descriptions are properly indented.
...
Affects DocBlocks for the following core elements:
* Two arguments in `_walk_bookmarks()`
* A code snippet in the class header for `WP_Roles`
* A code snippet in the class header for `WP_HTTP_Proxy`
* Inline code fixes in the summary and a parameter description for `WP_oEmbed::discover()`
* An argument description in `_WP_Editors::parse_settings()`
* Inline code fixes in the summary and a parameter description the `embed_oembed_discover` hook.
Props rarst.
See #30473 .
Built from https://develop.svn.wordpress.org/trunk@30536
git-svn-id: http://core.svn.wordpress.org/trunk@30525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-24 04:42:22 +00:00
Drew Jaynes
66c47f29bb
Correct references of `@uses $wpdb` in core documentation to use `@global`.
...
See #30191 , [30105].
Fixes #30217 .
Built from https://develop.svn.wordpress.org/trunk@30122
git-svn-id: http://core.svn.wordpress.org/trunk@30122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-31 17:56:22 +00:00
Andrew Nacin
ac3dd27737
Plugin/Theme Uploads: New capabilities; unify UIs; ensure compatibility with old filters.
...
Introduce upload_plugins and upload_themes capabilities to allow blocking of plugin and theme uploads, versus the old hacky (and not secure) ways of just hiding UI tabs. These are simply meta capabilities that map to install_plugins and install_themes.
Also:
* Use the same nice design for the plugin upload screen as the theme upload screen.
* Better compatibility for the old install_themes_tabs filter added in [29002]. see #28578 .
* Ensure using the install_plugins_tabs filter to remove the upload tab removes the new button.
* Use 'Add Plugins' instead of 'Install Plugins' to match 'Add Themes'.
fixes #29236 .
Built from https://develop.svn.wordpress.org/trunk@29634
git-svn-id: http://core.svn.wordpress.org/trunk@29408 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-27 01:32:18 +00:00
Dominik Schilling
57c914f75a
Customizer: Add meta capability `customize` which is mapped to `edit_theme_options`.
...
You can now allow users to access the Customizer, say for any user who can `edit_posts`, via `map_meta_cap` or `user_has_cap` filter. See ticket for examples.
props westonruter, nacin.
fixes #28605 .
Built from https://develop.svn.wordpress.org/trunk@29170
git-svn-id: http://core.svn.wordpress.org/trunk@28954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-14 19:01:16 +00:00
Drew Jaynes
52a8488a96
Fill out inline documentation for the `__call()` magic method added to the `WP_Roles` class in [28503].
...
See #22234 and #28885 .
Built from https://develop.svn.wordpress.org/trunk@29153
git-svn-id: http://core.svn.wordpress.org/trunk@28937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-14 00:12:14 +00:00
Scott Taylor
b8d469600b
These functions import `$wpdb` but do not use it.
...
See #27882 .
Built from https://develop.svn.wordpress.org/trunk@28539
git-svn-id: http://core.svn.wordpress.org/trunk@28365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-22 17:37:14 +00:00
Scott Taylor
7de0b2b2c8
Upgrade `_WP_List_Table_Compat` to PHP5-style constructor.
...
Add `public` to methods/members of `WP_Role`.
Add `public` to methods/members of `WP_User` where appropriate. Don't set `private` where indicated until more study has occurred and tests have been written for compatibiliy with existing magic methods.
See #27881 , #22234 .
Built from https://develop.svn.wordpress.org/trunk@28531
git-svn-id: http://core.svn.wordpress.org/trunk@28357 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-19 17:20:17 +00:00
Scott Taylor
f172ef8ce2
Add access modifiers to methods/members in `WP_Roles`. Add a magic `__call()` method for BC.
...
See #27881 , #22234 .
Built from https://develop.svn.wordpress.org/trunk@28503
git-svn-id: http://core.svn.wordpress.org/trunk@28329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-19 05:20:14 +00:00
Andrew Nacin
c67c9565f1
Don't default to current user for capability checks when dealing with a post without an author (post_author = 0).
...
Undoes [12053]. While it risks breakage, this is a far safer and saner default for these situations.
props danielbachhuber.
fixes #27020 .
Built from https://develop.svn.wordpress.org/trunk@27390
git-svn-id: http://core.svn.wordpress.org/trunk@27238 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-04 03:09:15 +00:00
Sergey Biryukov
1c8b834b0c
Inline documentation for hooks in wp-includes/capabilities.php.
...
props ptahdunbar, kpdesign.
fixes #25531 .
Built from https://develop.svn.wordpress.org/trunk@26126
git-svn-id: http://core.svn.wordpress.org/trunk@26038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 04:39:08 +00:00
Sergey Biryukov
8d659b278c
Fix docblock formatting. fixes #25893 .
...
Built from https://develop.svn.wordpress.org/trunk@26081
git-svn-id: http://core.svn.wordpress.org/trunk@26001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-11 13:32:10 +00:00
Andrew Nacin
d93d8b850d
Reverse the order of roles in wp_dropdown_roles(). Reset to 'subscriber' when the default role is removed and when a save is invalid.
...
props garyc40, wonderboymusic.
fixes #14578 .
Built from https://develop.svn.wordpress.org/trunk@25695
git-svn-id: http://core.svn.wordpress.org/trunk@25610 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-06 10:56:09 +00:00
Scott Taylor
80bac8fe09
`WP_User::get_role_caps()` now returns the caps it was already setting. The method was previously just setting `$allprops` and requiring that property to be read.
...
Props nofearinc.
Fixes #24962 .
Built from https://develop.svn.wordpress.org/trunk@25673
git-svn-id: http://core.svn.wordpress.org/trunk@25589 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-02 21:36:09 +00:00
Sergey Biryukov
8bda461ca9
Remove inaccurate @return value from remove_role(). props tivnet. fixes #25450 .
...
Built from https://develop.svn.wordpress.org/trunk@25653
git-svn-id: http://core.svn.wordpress.org/trunk@25570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-01 02:53:11 +00:00
Andrew Nacin
0e620877fd
Use the wpdb method instead of $wpdb->prefix.
...
props hakre.
fixes #16756 .
Built from https://develop.svn.wordpress.org/trunk@25615
git-svn-id: http://core.svn.wordpress.org/trunk@25532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-24 23:41:10 +00:00
Scott Taylor
daa4b531e8
Fix several esoteric errors related to AJAX unit tests for comments:
...
* `wp_ajax_get_comments()` relies on the `$post_id` global - even though `$_POST['p']` is passed to every action in the test methods. If `$post_id` is still lingering in between tests and doesn't match `p` in the request, the cap check might pass while the queries for comments will blow up. I added `unset( $GLOBALS['post_id'] )` to `Tests_Ajax_GetComments::setUp()`.
* If the global `$post_id` is empty, but `$_REQUEST['p']` is not, `$post_id` is now set to `absint( $_REQUEST['p'] )` and sanity-checked in `wp_ajax_get_comments()`.
* `map_meta_cap()` always assumes that `get_comment()` succeeds when checking for the `edit_comment` cap. It doesn't. I added sanity checks in a few places where it will break early if `get_post()` or `get_comment()` are empty.
* `wp_update_comment()` always assumes `get_comment()` succeeds. It doesn't. I added a check for empty.
All AJAX unit tests run and pass in debug mode. All general unit tests pass against these changes.
Fixes #25282 .
Built from https://develop.svn.wordpress.org/trunk@25438
git-svn-id: http://core.svn.wordpress.org/trunk@25360 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-14 18:36:09 +00:00
Scott Taylor
cb70e277af
Add an additional available param (the `WP_User` instance) to the `user_has_cap` filter.
...
Props Viper007Bond.
Fixes #24490 .
Built from https://develop.svn.wordpress.org/trunk@25329
git-svn-id: http://core.svn.wordpress.org/trunk@25291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-10 22:23:10 +00:00
Andrew Nacin
cbad0048a4
Don't set up $post_author_data in map_meta_cap() as we don't need it.
...
props duck_.
fixes #25177 .
Built from https://develop.svn.wordpress.org/trunk@25177
git-svn-id: http://core.svn.wordpress.org/trunk@25150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-30 04:01:08 +00:00
Andrew Nacin
c2db94d10c
Use meta caps edit_post, read_post, and delete_post directly, rather than consulting the post type object. map_meta_cap() handles that for us. props markjaquith, kovshenin. fixes #23226 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-08 20:05:42 +00:00
Sergey Biryukov
81e2420c0a
Correct return value for get_role() and WP_Roles::get_role(). props tivnet. fixes #24607 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-21 13:01:55 +00:00
Ryan Boren
982694749b
In WP_User::get_data_by(), don't abs int negative IDs. Instead, return false when an ID less than 1 is passed.
...
Props nacin, mordauk
fixes #23480
git-svn-id: http://core.svn.wordpress.org/trunk@24316 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-22 18:14:37 +00:00
Sergey Biryukov
362b41c33a
Pass old roles to set_user_role action. props awellis13. fixes #19134 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@23358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-31 01:15:25 +00:00
Ryan Boren
54ac1d939b
Make current_user_can_for_blog() safe to run single site.
...
Props nacin, MarkJaquith
fixes #22803
git-svn-id: http://core.svn.wordpress.org/trunk@23117 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-07 09:53:27 +00:00
Andrew Nacin
61caecfa93
Use the create_posts post type cap in more places. Remove the janky create_posts meta cap. see #16714 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@22908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-28 22:28:20 +00:00
Ryan Boren
fac33f51fa
When using WP_User::set_role() to set the role, don't unset all caps when the requested role matches the current role.
...
Props scribu, jammitch
fixes #18932
git-svn-id: http://core.svn.wordpress.org/trunk@22418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 17:16:37 +00:00
Dion Hulse
f4976f40b3
Fix a PHP Notice when attempting to Add or remove capabilities from nonexistant roles. Props SergeyBiryukov. Fixes #18461
...
git-svn-id: http://core.svn.wordpress.org/trunk@22354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-31 23:18:33 +00:00
Ryan Boren
f9ddde8da6
Return WP_User objects when querying 'all' fields with WP_User_Query.
...
Allow passing stdClass or WP_User to the WP_User constructor.
fixes #22057
git-svn-id: http://core.svn.wordpress.org/trunk@22248 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-16 20:05:40 +00:00
Ryan Boren
77518e9c71
Objects no longer need to be explicitly passed by ref to call_user_func*() to be callable. Props wonderboymusic. fixes #21865
...
git-svn-id: http://core.svn.wordpress.org/trunk@22118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-04 20:00:16 +00:00
Ryan Boren
f8f60ac01b
Introduce create_posts meta capability. Props scribu, nacin, casben79. see #16714
...
git-svn-id: http://core.svn.wordpress.org/trunk@22060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-27 15:33:19 +00:00
Ryan Boren
afe19c7437
Add publish_post meta cap. Props nacin. fixes #21288
...
git-svn-id: http://core.svn.wordpress.org/trunk@22056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-27 12:48:59 +00:00
Ryan Boren
ba84c90e1b
Allow remove_cap() to unset a negative capability. Props johnjamesjacoby. fixes #21786
...
git-svn-id: http://core.svn.wordpress.org/trunk@21940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-21 13:41:43 +00:00
Andrew Nacin
37537626e3
Don't use hard-coded indexes when dealing with an array of roles. props elyobo. fixes #19222 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-16 16:24:33 +00:00
Andrew Nacin
46eb6f0c26
Move the optimization done to get_user_by() in [21376] higher up the stack, into map_meta_cap() and is_super_admin().
...
This provides nearly the same benefits without possibly receiving a stale object from get_userdata(),
which could affect authentication, and introduce side effects for plugins.
see #21120 .
git-svn-id: http://core.svn.wordpress.org/trunk@21563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-20 21:58:34 +00:00
Andrew Nacin
84c3a86036
Hide the link manager from the UI on upgrade, if the site has no links. New DB option, link_manager_enabled.
...
Enforce this by denying the 'manage_links' capability, which hides the All Links, Add New Link, and Link Categories screens. Hide WP_Widget_Links and the UI for the default_link_category as well.
Convert all references to 'posts and links' when handling reassignment on user deletion to just 'posts'.
see #21307 .
git-svn-id: http://core.svn.wordpress.org/trunk@21501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-13 16:18:42 +00:00
Ryan Boren
cbd6a8becd
Allow passing stdClass and WP_User to wp_insert_user() and wp_update_user(). Introduce WP_User::to_array(). Eliminate uses of get_object_vars() when passing to wp_*_user(). fixes #21429
...
git-svn-id: http://core.svn.wordpress.org/trunk@21496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-10 15:36:54 +00:00
ryan
d286875515
switch_to_blog() and restore_current_blog() housekeeping.
...
wp-includes/admin-bar.php:
* Replace get_admin_url() and get_home_url() with admin_url() and home_url() and place them inside a switch/restore. Likewise replace current_user_can_for_blog() with current_user_can(). This avoids doing multiple switch restores.
wp-includes/ms-blogs.php:
* Deprecate the $validate argument to switch_to_blog(). This avoids a not very necessary call to get_blog_details(), possibly saving a few queries.
* Use $_wp_switched and $_wp_switched_stack instead of $switched and $switched_stack to make it less likely these globals will be stomped.
* Use GLOBALS to access blog_id and other globals. I've preferred this style lately since it makes it obvious a global is being used and avoids global blog_id being stomped by a local variable.
* Lose some is_object() checks. wp_get_current_user() always returns an object, for example.
* Call the new WP_Roles::reinit() method.
wp-includes/class-wp-xmlrpc-server.php:
* Replace current_user_can_for_blog() with current_user_can() and move it inside the switch/restore pair. This eliminates a switch/restore.
wp-includes/capabilities.php:
* Use array_keys() instead of $role => $data since $data is unused. I *think* this is a bit faster.
* Introduce WP_Roles::reinit(). This reinitializes WP_Roles and is used after switch_to_blog() has already update the blog ID in the wpdb object. If a global roles array is being used instead of the db, reinit is skipped.
* current_user_can_for_blog() now does a switch/restore. It didn't before meaning it could be reinitializing the user with the wrong role information for the current blog.
wp-includes/ms-settings.php:
* Define $_wp_switched_stack and $_wp_switched. This way switch_to_blog() and restore_current_blog() can rely on it being set.
wp-settings.php:
* Instantiate the WP_Roles global. This was it is always defined during init. To remove the WP_Roles checks from WP_Role and WP_User this would probably have to move before plugins are loaded, which might not be a good thing.
wp-includes/functions.php:
* Update wp_upload_dir() to reference _wp_switched.
git-svn-id: http://core.svn.wordpress.org/trunk@21485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-09 16:28:15 +00:00
nacin
7127ed1197
Move most instances of new WP_User to get_userdata(). see #21120 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-03 01:06:05 +00:00
nacin
fed9492cbc
Use get_userdata() rather than new WP_User in is_super_admin(), to take advantage of the performance improvements in [21376]. see #21120 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-31 17:47:08 +00:00
nacin
fcae3978c3
Don't call get_userdata() every time for the current user in map_meta_cap()'s read_post, edit_post, and delete_post branches. see #21120 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-31 17:39:14 +00:00
nacin
9d20dfc4e1
Enforce multisite plugins menu preference in map_meta_cap(). This means a simple current_user_can('activate_plugins') check will handle the 'Enable administration menus' setting.
...
Remove bogus checks for enabling/disabling the 'themes' menu (something core does not handle out of the box) when in the network admin.
fixes #21123 .
git-svn-id: http://core.svn.wordpress.org/trunk@21198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-30 12:40:25 +00:00
nacin
4add59f0c1
Remove 'fall through' points in map_meta_cap() as they can hide bugs.
...
git-svn-id: http://core.svn.wordpress.org/trunk@21152 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-27 19:27:54 +00:00
ryan
0a22489dc7
Fix warning when processing read_post cap. Props duck_. fixes #20917
...
git-svn-id: http://core.svn.wordpress.org/trunk@21060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-12 13:50:51 +00:00
ryan
d4311fb73e
Make read_post more useful. Map read_post to edit_post for posts with protected post states. This makes read_post work naturally for draft, future, and pending posts belonging to other users. If the current user cannot edit these non-public posts then the user should not be able to read them either.
...
git-svn-id: http://core.svn.wordpress.org/trunk@21046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-10 16:21:44 +00:00
nacin
bd1224eacf
Update phpdoc for WP_User::has_cap(). props nunomorgadinho. see #19756 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@20683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-02 14:17:04 +00:00
nacin
4fae1f64c2
Do not block file mod/edit caps when DISALLOW_UNFILTERED_HTML is set. There are separate constants (DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS for those). fixes #20488 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-19 14:05:05 +00:00
ryan
de41bc288b
Introduce WP_User::exists(). see #20372
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-06 19:18:45 +00:00
ryan
e3b46b25d3
Lose EOF ?>. Clean up EOF newlines. fixes #12307
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
ryan
340e93324c
Remove extraneous spaces. Props kenan3008, dimadin. fixes #19501 #19433
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-14 17:36:38 +00:00
ryan
07ff8b216b
Use one space, not two, after trailing punctuation. fixes #19537
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
duck_
27a55d6459
Provide back compat mapping for user_level, wp_usersettings and wp_usersettingstime properties of WP_User objects. Fixes #19265 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-17 20:40:24 +00:00
nacin
68c443e9ee
Remove dead code. empty() will catch anything that equals false.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-05 13:35:48 +00:00
ryan
c1e7325db6
Avoid 'Only variables should be assigned by reference' warning. Props arena. fixes #18867
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-12 20:41:06 +00:00
ryan
8f50fdf79a
Don't stomp meta fields in wp_update_user(). Props scribu. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-07 02:34:41 +00:00
duck_
e4ed63fc6f
Fix typos in documentation (wp-includes/[a-h]). See #18560 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18633 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-03 16:02:41 +00:00
ryan
8edd1656f7
Handle null user ID in the WP_User constructor. Props kawauso. fixes #17894
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18598 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-24 19:47:35 +00:00
ryan
0f06334e11
Introduce metadata_exists(), WP_User::get_data_by(), WP_User::get(), WP_User::has_prop(). Don't fill user objects with meta. Eliminate data duplication in cache and memory. Props scribu. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-24 19:32:59 +00:00
ryan
902cbda424
Handle id back compat in isset magic method. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-05 20:54:08 +00:00
ryan
ec4ccf2900
Deprecate get_userdatabylogin() and get_user_by_email(). Props scribu. fixes #18333
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-05 16:57:31 +00:00
ryan
f5a33890bb
Remove first_name and last_name properties. Props scribu. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-05 16:45:11 +00:00
ryan
8611d30e5e
Handle deprecation of id in __set(). Props scribu. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-04 15:42:38 +00:00
ryan
6c81d023bb
Add magic get/set/isset methods to WP_User to avoid data duplication. Standardize on WP_User::ID. Props scribu. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-04 03:09:27 +00:00
ryan
1bea107db4
Remove return by ref from get_role(). Props scribu, elyobo. fixes #18237
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-07-28 17:12:18 +00:00
ryan
4ad0954961
Introduce register_meta(), get_metadata_by_mid(), and *_post_meta capabilities. fixes #17850
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-07-20 22:04:35 +00:00
markjaquith
cfcde41182
Check parent caps for revisions. props aaroncampbell. fixes #17668
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-08 18:06:43 +00:00
ryan
04487fc268
Constructor cleanup. Props ocean90. fixes #16768
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-29 20:05:12 +00:00
ryan
b60c345536
Remove PHP4 constructors. Props hakre. see #16768
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-05 17:25:08 +00:00
nacin
9845ee1fcd
I have CDO. see #15779 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-14 11:25:11 +00:00