[wp-trac] Re: [WordPress Trac] #8234: Users with upload_files
capability
should be able to edit and delete uploaded files without having
the edit_post/delete_post capability
WordPress Trac
wp-trac at lists.automattic.com
Sat Nov 15 22:50:26 GMT 2008
#8234: Users with upload_files capability should be able to edit and delete
uploaded files without having the edit_post/delete_post capability
-----------------------+----------------------------------------------------
Reporter: olethomas | Owner:
Type: defect | Status: new
Priority: normal | Milestone: 2.7
Component: Upload | Version: 2.7
Severity: normal | Resolution:
Keywords: |
-----------------------+----------------------------------------------------
Comment (by mrmist):
I believe this behaviour was introduced in [9686] to fix an issue where
users could delete media they shouldn't be able to (I.E. belonging to
others).
I wouldn't want that reverted completely.
Of course if the checks can be made more specific, then that's great.
Though you'd have to watch out because if you are talking about deleting /
editing media that's attached to a post then effectively you are editing a
post and it should be checking for edit post ability.
--
Ticket URL: <http://trac.wordpress.org/ticket/8234#comment:1>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list