nacin
f9783ba838
Some sanity checks -- make sure we have a valid post author user object before checking if the current user is the author.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14782 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-21 15:15:32 +00:00
nacin
7734a07cb2
Move post type object capabilities to a 'cap' object. Allow them to be initialized via the 'capabilities' key (an array) when registering support for the post type. Caps are now referred to by the name of the cap as if it was a post, i.e. ->cap->edit_post. see #13358 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-12 20:45:18 +00:00
ryan
7b7243d94a
Strip trailing whites.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-03 20:26:11 +00:00
nacin
d5f61d9db3
Explicitly set the capability required in edit_users map_meta_cap branch, so we don't accidentally pass edit_user. props TheDeadMedic. fixes #13074 , fixes #13137
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14256 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-27 20:39:39 +00:00
ryan
ffd9a036cd
Introduce DISALLOW_UNFILTERED_HTML
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-26 21:42:42 +00:00
ryan
bc0947b075
Introduce get_super_admins(). Allow hard-coding a global super_admins array and bypassing site options. fixes #12815
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-23 20:34:03 +00:00
josephscott
e26aed0ac4
New 'list_users' cap to provide more controls over listing users vs. editing
...
users.
Apply this new cap to the 'Authors & Users' menu item and 'Users' page in
wp-admin.
Bump db version to 14139 to pick up the new cap.
See #13074
git-svn-id: http://svn.automattic.com/wordpress/trunk@14189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-22 19:48:13 +00:00
ryan
fda80bc7f6
Separate user deletion and removal. Add promote_users cap so that multisite Admins (not supes) can promote. see #13074
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14176 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-21 17:43:53 +00:00
ryan
c4a677dea9
Introduce DISALLOW_FILE_MOD for disabling all ops that modify core, theme, or plugins files. see #13000
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14088 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-14 17:22:11 +00:00
nacin
c5c47b4b20
Make remove_user a meta capability. see #12793
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-03 05:14:34 +00:00
wpmuguru
fbf3ee6abc
delete user cap in remove_all_caps(), props ocean90, see #12711
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-29 20:35:06 +00:00
nacin
a7feaed0e6
Change @since 3.0 to @since 3.0.0.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13827 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-26 19:13:36 +00:00
dd32
68445ab030
Use correct cap checks and nonces for custom post_type's
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13786 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-21 02:29:11 +00:00
dd32
6ff82f54e7
Fix WP_User::remove_role(). See #10285
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-21 01:36:54 +00:00
markjaquith
58d47426cc
More pedantry. "Setup" is not a verb. http://notaverb.com/setup
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-17 04:39:50 +00:00
nacin
52979cc4d5
Fix assignment in WP_User::for_blog(). props prettyboymp, fixes #12587
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-11 18:24:37 +00:00
dd32
65b22dcf9c
Strip delete_themes from Multisite non-super-admins. Props Denis-de-Bernardy. Fixes #11802
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13547 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-02 11:42:15 +00:00
nacin
8bcc5969dc
Spelling and grammar fun. Fixes #11875 props cnorris23
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13382 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-24 20:13:23 +00:00
nacin
2ce7dc4dac
Don't use deprecated *_usermeta() functions. Props technosailor fixes #10837
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-22 21:25:32 +00:00
wpmuguru
be4fb62b25
use map_meta_cap for multisite superadmins, props dd32, fixes #12109
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13270 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-21 00:19:05 +00:00
ryan
6aabfcb1a8
Introduce DISALLOW_FILE_EDIT flag for enabling/disabling the theem and plugin editors. Props nacin. see #11306
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13034 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-09 00:07:52 +00:00
ryan
92bf8d124c
Introduce WP_User::for_blog() and current_user_can_for_blog() to avoid calls to WP_User::_init_caps(). fixes #11781
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-22 17:27:28 +00:00
ryan
c679e65c9c
Add email and login dupe checking down into wp_insert_user(). Tidy up user-new.php. see #11644
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12778 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-20 21:58:13 +00:00
ryan
aac0a1230a
Use API to set the user's role. see #11781
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12770 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-19 20:12:04 +00:00
ryan
f7d7bc2dd0
Use cap checks instead of multisite and super admin checks. Add some new caps. Merge cleanup. see #11644 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12753 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-18 22:21:36 +00:00
ryan
6da55f7792
Trailing whitespace cleanup
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-15 22:11:12 +00:00
ryan
b4447f9f9c
Mainstream things that don't need to be multisite only. Formatting cleanups. see #11644
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-11 22:23:58 +00:00
wpmuguru
7b64248bc8
merge in multisite login, wp-includes, See #11644
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12697 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-11 21:49:40 +00:00
ryan
8c875db5b4
Assume current user of user ID is not passed. Props filosofo. fixes #11808
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12650 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-07 19:45:57 +00:00
ryan
43bfa1a300
Remove certain caps for non super admins when running multisite. see #11644
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12630 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-07 04:05:53 +00:00
ryan
68073badbc
Return true for all admin user is multisite is not enabled. see #11644
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-06 23:39:40 +00:00
ryan
5ba4a05d29
Introduce is_super_admin(). see #11644 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-06 23:27:22 +00:00
ryan
da89de4958
More custom post type support. Props scribu. see #9674
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-04 16:58:43 +00:00
westi
bb827e82c6
Mark user levels as Deprecated. Fixes #10805 props nacin.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-30 16:51:32 +00:00
westi
acd41194ff
Ensure we don't destory the $wp_roles->role_objects property when assigning a second role to a WP_User object. Fixes #9128 props dd32.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-22 11:42:46 +00:00
westi
8c791aaf60
Check the correct global in get_page and also ensure that the cap check for deleting pages copes for the default page we edit when adding new. Fixes #11203 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-07 18:01:02 +00:00
westi
5a9f4aabd5
Better documentation on the format of the capabilities when adding a role. Fixes #11106 props simonwheatley.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12160 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-11-09 22:15:50 +00:00
westi
5f9ac8a5fd
Ensure we always have author info to check capabilities with. Fixes notice on Add new post page.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12053 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-18 12:06:39 +00:00
markjaquith
0a665944e8
Add set_user_role action hook. props jamescollins, usermrpapa. fixes #10716
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-14 02:30:51 +00:00
ryan
18f11f1fbc
Use oEmbed for youtube. Props Viper007Bond. see #10337
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-13 22:36:24 +00:00
ryan
410fcc2e42
Embeds. Props Viper007Bond. see #10337
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12023 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-13 17:04:22 +00:00
ryan
aa1e377ede
Filter fields through kses upon display. Introduce sanitize_user_object() and sanitize_user_field(). see #10751
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11929 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-14 13:57:48 +00:00
ryan
ba57ce7aba
Add missing break. Props snakefoot. fixes #10692
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-11 13:42:15 +00:00
ryan
40ac59ef2b
Disallow unfiltered uploads for admins by default. fixes #10692
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-28 00:17:53 +00:00
westi
e8b550fd33
Move the storage of the metadata for trashed posts into the post meta table rather than storing it in an option. See #4529 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-25 22:05:15 +00:00
azaozz
8d4223adb3
Don't let contributors to re-publish their trashed posts, props caesarsgrunt, see #4529
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-24 20:48:31 +00:00
azaozz
be026258fa
"Trash" updates, props caesarsgrunt, see #4529
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-19 08:35:24 +00:00
ryan
b692a1f322
Cast to array to fix warning. Props johnkolbert, Denis-de-Bernardy. fixes #9128
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-20 20:03:20 +00:00
westi
8f58c6908e
Let a plugin filter the expanded capabilities returned by map_meta_cap. Fixes #9462 props rmccue.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-05 17:23:04 +00:00
ryan
07f625bc03
Explicitly return ref for the sake of PHP4. Fixes user_level being empty when installing on PHP4. Props Mr Pete. fixes #8317 for trunk
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-12-12 20:47:18 +00:00