[wp-trac] [WordPress Trac] #14460: New Permission for no_user_edit so users with edit_users can't edit it
WordPress Trac
wp-trac at lists.automattic.com
Sat Dec 24 18:44:09 UTC 2011
#14460: New Permission for no_user_edit so users with edit_users can't edit it
-------------------------------------+-----------------------------
Reporter: brandon.wamboldt | Owner:
Type: feature request | Status: new
Priority: normal | Milestone: Future Release
Component: Users | Version: 3.0
Severity: major | Resolution:
Keywords: has-patch needs-testing |
-------------------------------------+-----------------------------
Changes (by linuxologos):
* keywords: user, role, delete, immune => has-patch needs-testing
Comment:
If we were to use a new capability to fix this, it seems rather simple (at
first look at least).
If for example the administrator was given a "Self protect" capability,
then (edit|delete)_user could be checked against this new cap. If another
user could edit/delete users, he could do so only for users without the
"self protect" cap, unless he himself has the same cap (the administrator
in this example).
[attachment:14460.patch] tries to implement this through
{{{map_meta_cap()}}}. It's a first pass. Please give an user or role the
"self_protect" cap and test.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/14460#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list