[wp-trac] [WordPress Trac] #44648: User creation even though an error is thrown
WordPress Trac
noreply at wordpress.org
Mon Oct 8 13:59:29 UTC 2018
#44648: User creation even though an error is thrown
------------------------------------------+---------------------
Reporter: apermo | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 5.0
Component: REST API | Version: 4.9.7
Severity: normal | Resolution:
Keywords: needs-patch needs-unit-tests | Focuses:
------------------------------------------+---------------------
Comment (by apermo):
I figured out what happens here.
{{{#!php
<?php
protected function update_meta_value( $object_id, $meta_key, $name, $value
) {
$meta_type = $this->get_meta_type();
if ( ! current_user_can( "edit_{$meta_type}_meta", $object_id,
$meta_key ) ) {
...
}}}
Upon creating a new element $object_id is 0 when this function is called,
and thus current_user_can will return false.
This error also applies to setting meta for any other type like
categories, post_tags... With the same impact, the element is created but
a 403 is returned.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44648#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list