[wp-trac] [WordPress Trac] #41326: current_user_can('Administrator') does not return true in multisite if user is Administrator but NOT Super Admin
WordPress Trac
noreply at wordpress.org
Mon Jul 17 06:53:48 UTC 2017
#41326: current_user_can('Administrator') does not return true in multisite if user
is Administrator but NOT Super Admin
------------------------------+--------------------------------------------
Reporter: subrataemfluence | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Networks and | Version: 4.8
Sites | Resolution:
Severity: normal | Focuses: ui, administration, multisite
Keywords: close |
------------------------------+--------------------------------------------
Comment (by subrataemfluence):
Replying to [comment:1 SergeyBiryukov]:
Oh! I was wrong about the the concept of is_super_admin. Thought it is
Network Admin! Thank you.
> In Multisite, `current_user_can()` always returns true for super admins,
regardless of the capability being checked. Even `current_user_can(
'create_unicorns' )` would return true :)
>
> See #35007 and the [source:tags/4.8/src/wp-includes/class-wp-
user.php?marks=728-733#L718 comment in WP_User::has_cap()].
>
> > Admin should have default access to everything unless otherwise
specified, but this is not happening here.
>
> You should add a `! is_super_admin()` check to your function.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/41326#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list