[wp-trac] [WordPress Trac] #25395: Potential bug of uploading images using media-upload
WordPress Trac
noreply at wordpress.org
Mon Feb 17 09:13:51 UTC 2014
#25395: Potential bug of uploading images using media-upload
--------------------------+-----------------------
Reporter: alucard001 | Owner:
Type: defect (bug) | Status: reopened
Priority: normal | Milestone:
Component: Upload | Version: 3.6.1
Severity: normal | Resolution:
Keywords: close | Focuses:
--------------------------+-----------------------
Changes (by dd32):
* keywords: => close
Comment:
> Your reason about post and attachment is understood, what I am going
after is the name: there is no such right as "edit_post", only
"edit_posts".
'edit_post' is a meta capability which is mapped to edit_posts and/or
edit_private_posts and/or edit_others_posts here:
https://core.trac.wordpress.org/browser/trunk/src/wp-
includes/capabilities.php#L1104
The actual caps it maps to are found here:
https://core.trac.wordpress.org/browser/trunk/src/wp-
includes/post.php#L1396
It's hard to explain how the latter is setup, to truly understand it
reading the Documentation in the file around that area, and adding some
debugging cases in is really needed.
basically what I'm saying, is that 'edit_post' is a special "Meta"
capability which is mapped onto another "real" capability during the cap
checks, checking for edit_post with a context of $post_id will check for
'edit_posts' for an administrator, and for another user would check
'edit_others_posts'.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/25395#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list