Remove private posts from front page query. Aadd private posts and page caps. fixes #2613

git-svn-id: http://svn.automattic.com/wordpress/trunk@3772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-05-11 23:13:35 +00:00 · 2006-05-11 23:13:35 +00:00 · 2f68889eb6
parent fdab6f4c1e
commit 2f68889eb6
5 changed files with 32 additions and 8 deletions
--- a/wp-admin/upgrade-functions.php
+++ b/wp-admin/upgrade-functions.php
@ -173,7 +173,7 @@ function upgrade_all() {
 	if ( $wp_current_db_version < 3308 )
 		upgrade_160();
-	if ( $wp_current_db_version < 3672 )
+	if ( $wp_current_db_version < 3767 )
 		upgrade_210();
 	$wp_rewrite->flush_rules();
@ -492,7 +492,7 @@ function upgrade_210() {
 		}
 	}
-	if ( $wp_current_db_version < 3513 ) {
+	if ( $wp_current_db_version < 3767 ) {
 		populate_roles_210();
 	}
--- a/wp-admin/upgrade-schema.php
+++ b/wp-admin/upgrade-schema.php
@ -352,6 +352,12 @@ function populate_roles_210() {
 		$role->add_cap('delete_posts');
 		$role->add_cap('delete_others_posts');
 		$role->add_cap('delete_published_posts');
 		$role->add_cap('delete_private_posts');
 		$role->add_cap('edit_private_posts');
 		$role->add_cap('read_private_posts');
 		$role->add_cap('delete_private_pages');
 		$role->add_cap('edit_private_pages');
 		$role->add_cap('read_private_pages');
 	}
 	$role = get_role('author');
--- a/wp-includes/capabilities.php
+++ b/wp-includes/capabilities.php
@ -296,6 +296,8 @@ function map_meta_cap($cap, $user_id) {
 			// The post is published, extra cap required.
 			if ($post->post_status == 'publish')
 				$caps[] = 'delete_published_posts';
 			else if ($post->post_status == 'private')
 				$caps[] = 'delete_private_posts';
 		}
 		break;
 	case 'delete_page':
@ -318,6 +320,8 @@ function map_meta_cap($cap, $user_id) {
 			// The page is published, extra cap required.
 			if ($page->post_status == 'publish')
 				$caps[] = 'delete_published_pages';
 			else if ($page->post_status == 'private')
 				$caps[] = 'delete_private_pages';
 		}
 		break;
 		// edit_post breaks down to edit_posts, edit_published_posts, or
@ -346,6 +350,8 @@ function map_meta_cap($cap, $user_id) {
 			// The post is published, extra cap required.
 			if ($post->post_status == 'publish')
 				$caps[] = 'edit_published_posts';
 			else if ($post->post_status == 'private')
 				$caps[] = 'edit_private_posts';
 		}
 		break;
 	case 'edit_page':
@ -368,6 +374,8 @@ function map_meta_cap($cap, $user_id) {
 			// The page is published, extra cap required.
 			if ($page->post_status == 'publish')
 				$caps[] = 'edit_published_pages';
 			else if ($page->post_status == 'private')
 				$caps[] = 'edit_private_pages';
 		}
 		break;
 	case 'read_post':
--- a/wp-includes/query.php
+++ b/wp-includes/query.php
@ -828,13 +828,23 @@ class WP_Query {
 		} else {
 			$where .= " AND (post_type = '$post_type' AND (post_status = 'publish'";
-			if ( is_admin() )
+			if ( is_admin() ) {
 				$where .= " OR post_status = 'future' OR post_status = 'draft'";
-			if ( is_user_logged_in() )
+				if ( is_user_logged_in() ) {
-				$where .= " OR post_author = $user_ID AND post_status = 'private'))";
+					if ( 'post' == $post_type )
-			else
+						$cap = 'edit_private_posts';
-				$where .= '))';
+					else
 						$cap = 'edit_private_pages';
 					if ( current_user_can($cap) )
 						$where .= "OR post_status = 'private'";
 					else
 					$where .= " OR post_author = $user_ID AND post_status = 'private'";
 				}
 			}
 			$where .= '))';
 		}
 		// Apply filters on where and join prior to paging so that any
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@ -3,6 +3,6 @@
 // This just holds the version number, in a separate file so we can bump it without cluttering the SVN
 $wp_version = '2.1-alpha1';
-$wp_db_version = 3672;
+$wp_db_version = 3767;
 ?>