[wp-trac] [WordPress Trac] #47024: (Comments REST API) Contributor can't update/delete own comment
WordPress Trac
noreply at wordpress.org
Wed Apr 24 08:30:05 UTC 2019
#47024: (Comments REST API) Contributor can't update/delete own comment
--------------------------+-----------------------------
Reporter: meloniq | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version: 5.1.1
Severity: normal | Keywords: has-patch
Focuses: rest-api |
--------------------------+-----------------------------
Affected API: https://developer.wordpress.org/rest-
api/reference/comments/#update-a-comment
Endpoints: `POST /wp/v2/comments/<id>` and `DELETE /wp/v2/comments/<id>`
Case: As a user with Contributor or Author role I'm not able to
update/delete a comment that I previously added.
Due to a logical bug in the method `check_edit_permission()`, a users
without the `moderate_comments` capability aren't able to update or delete
own comments as the part of code which checks permission on individual
comment is never reached.
Patch correcting mentioned above part has been attached to the ticket.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47024>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list