[wp-trac] [WordPress Trac] #37616: Replace `is_super_admin()` calls with real capability checks
WordPress Trac
noreply at wordpress.org
Mon Apr 10 22:05:33 UTC 2017
#37616: Replace `is_super_admin()` calls with real capability checks
-----------------------------+------------------------
Reporter: flixos90 | Owner:
Type: task (blessed) | Status: reviewing
Priority: normal | Milestone: 4.8
Component: Role/Capability | Version:
Severity: normal | Resolution:
Keywords: | Focuses: multisite
-----------------------------+------------------------
Comment (by flixos90):
To-Do:
* Replace check in `wp-includes/ms-load.php` (line 84) with
`current_user_can( 'manage_site', $blog->id )` and move it below the
get_site() call. This relies on #39156 to be completed prior.
* Replace the checks in `wp-admin/options-general.php` (line 147) and `wp-
admin/options.php` (line 185) with capabilities for managing translations.
This relies on #39677 to be completed prior.
* Replace the following checks with `user_can( $user_id, 'manage_network'
)` (these are general checks whether a user is a super admin and therefore
we should use the most basic capability to determine that, which is
`manage_network`):
* `wp-admin/includes/class-wp-ms-users-list-table.php` (line 208)
* `wp-admin/upgrade.php` (lines 265 and 281)
* `wp-admin/network/site-new.php` (line 132)
* `wp-admin/network/users.php` (line 69)
* `wp-admin/user-edit.php` (line 157)
* `wp-includes/ms-functions.php` (line 1188)
* `wp-login.php` (line 835)
No tickets have been opened yet for any of the above three items.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/37616#comment:65>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list