[wp-trac] [WordPress Trac] #40922: Use finer-grained capabilities with `customize_changeset` post type
WordPress Trac
noreply at wordpress.org
Mon Jul 10 03:29:51 UTC 2017
#40922: Use finer-grained capabilities with `customize_changeset` post type
-------------------------+------------------
Reporter: dlh | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: 4.9
Component: Customize | Version: 4.7
Severity: normal | Resolution:
Keywords: has-patch | Focuses:
-------------------------+------------------
Comment (by dlh):
Replying to [comment:6 westonruter]:
> But, will not switching to not use the `customize` meta cap cause
problems for plugins (like Customize Posts) that grant the `customize` cap
to allow users to access the Customizer to edit posts there?
Yes, you're right. Any code checking whether `'customize'` was the
capability passed to `current_user_can()` would break under the approach
in the patch (more specifically, whether `'customize'` was passed to
`WP_User::has_cap()`.
If I'm following correctly, then to maintain compatibility with that code,
we have to continue using `current_user_can( 'customize' )`. I'm not sure
where that leaves us?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/40922#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list