[wp-trac] [WordPress Trac] #50260: Multisite - Getting actual user capabilities with get_role_caps() different with current_user_can()
WordPress Trac
noreply at wordpress.org
Thu Aug 3 23:08:59 UTC 2023
#50260: Multisite - Getting actual user capabilities with get_role_caps() different
with current_user_can()
-------------------------------------+------------------------------
Reporter: Mahesh901122 | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Role/Capability | Version: 5.4.1
Severity: normal | Resolution:
Keywords: dev-feedback needs-docs | Focuses: multisite
-------------------------------------+------------------------------
Changes (by manfcarlo):
* keywords: dev-feedback => dev-feedback needs-docs
Comment:
The current behaviour is correct in my view, because it gives the ability
to discern capabilities between declared and forced where there is a need
to do so. If the two functions behave the same, what is the point of
having both of them?
I do think a warning should be added to the docblock for `get_role_caps`
about the super admin discrepancies and others, but no need for code
changes.
Regarding the Elementor issue, it looks like `current_user_can` is the
function being used, not `get_role_caps`, so amending `get_role_caps`
would not have any impact on it anyway. Frankly, the Elementor issue is
not even related to multisite at all and looks more related to kses.
In response to the question about working around core bugs, I have a
personal view that I could share. On the other hand, I don't think it
would be relevant to share, since the issue seems the responsibility of
Elementor and not core, and I don't know how promptly bugs tend to get
fixed with Elementor.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/50260#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list