[wp-trac] [WordPress Trac] #38653: Trigger a doing it wrong when checking a role name as a capability
WordPress Trac
noreply at wordpress.org
Fri Nov 4 03:35:57 UTC 2016
#38653: Trigger a doing it wrong when checking a role name as a capability
-------------------------+-------------------------------------------------
Reporter: johnbillion | Owner:
Type: enhancement | Status: new
Priority: low | Milestone: Awaiting Review
Component: | Version:
Role/Capability | Keywords: needs-patch needs-unit-tests 2nd-
Severity: normal | opinion
Focuses: |
-------------------------+-------------------------------------------------
Code which checks `current_user_can( 'administrator' )` is essentially
bypassing all the power of fine grained capability checking in the roles
and capabilities API. Let's trigger a call to `_doing_it_wrong()` when a
cap check is performed against any of the built-in roles, in order to
persuade developers to use the capabilities API as it's intended.
There may be valid use cases for checking a user's role in this way. If
there are, let's look at how to address those.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/38653>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list