[wp-trac] [WordPress Trac] #37616: Replace `is_super_admin()` calls with real capability checks

WordPress Trac noreply at wordpress.org
Fri Apr 7 14:39:00 UTC 2017 

#37616: Replace `is_super_admin()` calls with real capability checks
-----------------------------+------------------------
 Reporter:  flixos90         |       Owner:
     Type:  task (blessed)   |      Status:  reviewing
 Priority:  normal           |   Milestone:  4.8
Component:  Role/Capability  |     Version:
 Severity:  normal           |  Resolution:
 Keywords:                   |     Focuses:  multisite
-----------------------------+------------------------
Changes (by flixos90):

 * keywords:  needs-patch =>


Comment:

 Just an update on the current state:

 Out of the original list, #39205 is almost done; #39676 is still open for
 other reasons, but the `is_super_admin()` check has already been removed.

 Still to-do:
 * Replace check in `wp-includes/ms-load.php` (line 84) with
 `current_user_can( 'manage_site', $blog->id )` and move it below the
 `get_site()` call. This relies on #39156 to be completed prior.
 * Replace the checks in `wp-admin/options-general.php` (line 147) and `wp-
 admin/options.php` (line 185) with capabilities for managing translations.
 This relies on #39677 to be completed prior.

 Unfortunately I found further occurrences of `is_super_admin()` that we
 missed before (apparently we didn't look for occurrences of
 `is_super_admin( $user_id )`). Individual tickets will need to be opened
 for those as well, but I'll list them here including suggestions on how to
 get rid of them:
 * Remove check in `wp-admin/includes/schema.php` (line 957) and instead
 only query users with the 'administrator' role in the above query. This
 usage only occurs on non-multisite, so it is essentially the same as
 looking for site administrators.
 * Replace the following checks with `user_can( $user_id, 'manage_network'
 )` (these are general checks whether a user is a super admin and therefore
 we should use the most basic capability to determine that, which is
 `manage_network`):
     * `wp-admin/includes/class-wp-ms-users-list-table.php` (line 208)
     * `wp-admin/upgrade.php` (lines 265 and 281)
     * `wp-admin/network/site-new.php` (line 132)
     * `wp-admin/network/users.php` (line 69)
     * `wp-admin/user-edit.php` (line 157)
     * `wp-includes/ms-functions.php` (line 1188)
     * `wp-login.php` (line 835)

--
Ticket URL: <https://core.trac.wordpress.org/ticket/37616#comment:62>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list