[wp-hackers] Breaking down the Edit_Pages capability
Owen Winkler
ringmaster at midnightcircus.com
Sun Jan 22 14:31:32 GMT 2006
Andy Skelton wrote:
> On 1/21/06, Chris Casciano <chris at placenamehere.com> wrote:
>> If there are new pages to be created that would be the call and
>> responsibility of someone higher up the food chain.
http://trac.wordpress.org/ticket/2301
Includes a plugin for 2.0 and a potential patch on 2.0 to add a new
capability "edit_others_pages" that might interest you. Specifically,
if you do not have this capability, then you can't edit the pages of others.
It might not be exactly the solution, but I would be interested in
seeing any alterations that allowed users with "edit_others_pages" to
edit existing pages without allowing them to create new ones themselves.
Also, you can easily remove menus from the admin without buffering by
hooking admin_menu, using $menu/$submenu as a global, checking for the
conditions of display, then unset() the appropriate core menu item.
add_action('admin_menu', 'my_admin_menu');
function my_admin_menu() {
global $submenu;
if(!current_user_can('some_new_capability')) {
unset($submenu['post.php'][10]);
}
}
And finally, a rule of thumb: NEVER check anything against a role name.
ALWAYS use a capability. Why? Capability names are not translated
(__('Administrator') != 'Administrator'), and are not designed to be
potentially deleted.
Owen
More information about the wp-hackers
mailing list