[wp-trac] [WordPress Trac] #43709: Fix or remove the "delete revision" endpoint
WordPress Trac
noreply at wordpress.org
Fri Oct 19 14:20:21 UTC 2018
#43709: Fix or remove the "delete revision" endpoint
--------------------------------------+------------------------------
Reporter: azaozz | Owner: danielbachhuber
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: 5.1
Component: REST API | Version:
Severity: normal | Resolution:
Keywords: has-patch has-unit-tests | Focuses: rest-api
--------------------------------------+------------------------------
Changes (by azaozz):
* milestone: 5.0 => 5.1
Comment:
Replying to [comment:5 danielbachhuber]:
> always applying `do_not_allow` in `map_meta_cap()` will be a breaking
change...
Seems this needs another look as it will trip plugins that want to delete
revisions (and are checking user caps).
How about introducing another capability: `delete_revisions`? It would
need to be overridden when a (parent) post is deleted, all revisions
should be deleted with it. Then it could be true for admins by default (so
we don't break existing plugins) but false for editors, authors, and
anybody else that can delete a post. Then installs with many editors and
authors may want to grant it to other roles or remove it completely.
In any case, this has a potential to introduce regressions in plugins,
lets look at it again after 5.0 :)
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43709#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list