[wp-trac] [WordPress Trac] #37616: Replace `is_super_admin()` calls with real capability checks
WordPress Trac
noreply at wordpress.org
Mon Dec 12 21:41:46 UTC 2016
#37616: Replace `is_super_admin()` calls with real capability checks
-----------------------------+------------------------
Reporter: flixos90 | Owner:
Type: task (blessed) | Status: reviewing
Priority: normal | Milestone: 4.8
Component: Role/Capability | Version:
Severity: normal | Resolution:
Keywords: needs-patch | Focuses: multisite
-----------------------------+------------------------
Comment (by flixos90):
In [changeset:"39588"]:
{{{
#!CommitTicketReference repository="" revision="39588"
Multisite: Handle capability check for removing oneself via
`map_meta_cap()`.
Site administrators should not be able to remove themselves from a site.
This moves the enforcement of this rule from `wp-admin/users.php` to
`remove_user_from_blog()` via the `remove_user` capability, which
furthermore allows us to get rid of two additional clauses and their
`is_super_admin()` checks in `wp-admin/users.php`. A unit test for the new
behavior has been added.
Fixes #39063. See #37616.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/37616#comment:46>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list