[wp-trac] [WordPress Trac] #50260: Multisite - Getting actual user capabilities with get_role_caps() different with current_user_can()
WordPress Trac
noreply at wordpress.org
Fri Aug 4 07:46:46 UTC 2023
#50260: Multisite - Getting actual user capabilities with get_role_caps() different
with current_user_can()
-------------------------------------+------------------------------
Reporter: Mahesh901122 | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Role/Capability | Version: 5.4.1
Severity: normal | Resolution:
Keywords: dev-feedback needs-docs | Focuses: multisite
-------------------------------------+------------------------------
Comment (by vgstudios):
Thank you for your reply. I misread the first post partially and assumed
current_user_can would be the one being wrong, while it's get_role_caps as
you and the first person said. Sorry. So I guess there's a valid reason to
have non-super admins not have unfiltered_html on MultiSites by default
(which makes sense if they can't be trusted at all, so they can't destroy
the domain reputation e.g. with malicious script content).
--
Ticket URL: <https://core.trac.wordpress.org/ticket/50260#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list