[wp-trac] [WordPress Trac] #27020: Use a safer capability default when post_author == 0
WordPress Trac
noreply at wordpress.org
Thu Feb 6 20:33:52 UTC 2014
#27020: Use a safer capability default when post_author == 0
------------------------------------+------------------
Reporter: danielbachhuber | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: 3.9
Component: Role/Capability | Version:
Severity: normal | Resolution:
Keywords: has-patch dev-feedback | Focuses:
------------------------------------+------------------
Changes (by danielbachhuber):
* keywords: needs-patch => has-patch dev-feedback
Comment:
Added patch and tests for `edit_post`, `read_post`, and `delete_post`.
Per westi's comment, `*_post_meta`falls back to `map_meta_cap( 'edit_post'
)`, as does `edit_comment`. For the former, I don't foresee any problems
with this change.
For the latter, an author can view comments on Manage Comments, but not
edit unless they have edit permissions on the post. Editors can view and
edit. Contributors can only view.
This behavior seems expected to me, but open to feedback and direction.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/27020#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list