[buddypress-trac] [BuddyPress Trac] #8355: Site Admins cannot edit BP emails

buddypress-trac noreply at wordpress.org
Tue Sep 8 06:11:34 UTC 2020

#8355: Site Admins cannot edit BP emails
 Reporter:  shanebp                |       Owner:  DJPaul
     Type:  defect (bug)           |      Status:  new
 Priority:  normal                 |   Milestone:  7.0.0
Component:  Emails                 |     Version:  6.2.0
 Severity:  normal                 |  Resolution:
 Keywords:  has-patch 2nd-opinion  |

Comment (by imath):

 8355.tests.patch contains unit tests for regular an multisite WordPress

 8355.3.patch is improving 8355.2.patch adding `isset` checks for the
 administrator role and making sure only Super Admins can `bp_moderate`
 when BuddyPress is network activated. With 8355.3.patch applied tests are
 all successful, without 1 test is failing (Administrator should be able to
 edit others emails)

 > is it possible that WordPress core is checking the incorrect capability
 in this location?

 I don't think so, WordPress checks for `edit_post` and the `bp_moderate`
 capability is added to `caps` to check the user against. The specific
 problem here is `_bp_enforce_bp_moderate_cap_for_admins()` checks for the
 requested cap and not for the allowed caps. 8355.patch is a way to fix
 this into `_bp_enforce_bp_moderate_cap_for_admins()` including specific
 emails caps, I guess another easier way could be to do:

 $caps = array_unique( array_merge( $caps, array( $cap ) ) );

 if ( ! in_array( 'bp_moderate', $caps, true ) ) {
     return $caps.

Ticket URL: <https://buddypress.trac.wordpress.org/ticket/8355#comment:13>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac

More information about the buddypress-trac mailing list