[wp-trac] [WordPress Trac] #41326: current_user_can('Administrator') does not return true in multisite if user is Administrator but NOT Super Admin

WordPress Trac noreply at wordpress.org
Mon Jul 17 06:53:48 UTC 2017


#41326: current_user_can('Administrator') does not return true in multisite if user
is Administrator but NOT Super Admin
------------------------------+--------------------------------------------
 Reporter:  subrataemfluence  |       Owner:
     Type:  defect (bug)      |      Status:  new
 Priority:  normal            |   Milestone:  Awaiting Review
Component:  Networks and      |     Version:  4.8
  Sites                       |  Resolution:
 Severity:  normal            |     Focuses:  ui, administration, multisite
 Keywords:  close             |
------------------------------+--------------------------------------------

Comment (by subrataemfluence):

 Replying to [comment:1 SergeyBiryukov]:

 Oh! I was wrong about the the concept of is_super_admin. Thought it is
 Network Admin! Thank you.

 > In Multisite, `current_user_can()` always returns true for super admins,
 regardless of the capability being checked. Even `current_user_can(
 'create_unicorns' )` would return true :)
 >
 > See #35007 and the [source:tags/4.8/src/wp-includes/class-wp-
 user.php?marks=728-733#L718 comment in WP_User::has_cap()].
 >
 > > Admin should have default access to everything unless otherwise
 specified, but this is not happening here.
 >
 > You should add a `! is_super_admin()` check to your function.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/41326#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list