From c5c47b4b209eeda627ae6506d56a67454fc1a4ca Mon Sep 17 00:00:00 2001 From: nacin Date: Sat, 3 Apr 2010 05:14:34 +0000 Subject: [PATCH] Make remove_user a meta capability. see #12793 git-svn-id: http://svn.automattic.com/wordpress/trunk@13956 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/includes/schema.php | 1 - wp-admin/includes/upgrade.php | 7 +++++++ wp-admin/users.php | 22 +++++++++++++--------- wp-includes/capabilities.php | 3 +++ wp-includes/version.php | 2 +- 5 files changed, 24 insertions(+), 11 deletions(-) diff --git a/wp-admin/includes/schema.php b/wp-admin/includes/schema.php index 01770e66e..f704f6b9e 100644 --- a/wp-admin/includes/schema.php +++ b/wp-admin/includes/schema.php @@ -607,7 +607,6 @@ function populate_roles_300() { if ( !empty( $role ) ) { $role->add_cap( 'update_core' ); - $role->add_cap( 'remove_user' ); $role->add_cap( 'remove_users' ); } } diff --git a/wp-admin/includes/upgrade.php b/wp-admin/includes/upgrade.php index 5184eb257..ece1eb587 100644 --- a/wp-admin/includes/upgrade.php +++ b/wp-admin/includes/upgrade.php @@ -1126,6 +1126,13 @@ function upgrade_300() { $wpdb->update( $wpdb->postmeta, array( 'meta_key' => '_menu_item_xfn' ), array( 'meta_key' => 'menu_item_xfn' ) ); $wpdb->update( $wpdb->postmeta, array( 'meta_key' => '_menu_item_url' ), array( 'meta_key' => 'menu_item_url' ) ); } + + // 3.0-beta1 remove_user primitive->meta cap. can be removed before release + if ( $wp_current_db_version >= 12751 && $wp_current_db_version < 12751 ) { + $role =& get_role( 'administrator' ); + if ( ! empty( $role ) ) + $role->remove_cap( 'remove_user' ); + } } /** diff --git a/wp-admin/users.php b/wp-admin/users.php index 5c202d38c..fb7e24f12 100644 --- a/wp-admin/users.php +++ b/wp-admin/users.php @@ -15,9 +15,13 @@ require_once( ABSPATH . WPINC . '/registration.php'); if ( !current_user_can('edit_users') ) wp_die(__('Cheatin’ uh?')); -$del_cap_type = 'remove'; -if ( !is_multisite() && current_user_can('delete_users') ) - $del_cap_type = 'delete'; +if ( ! is_multisite() && current_user_can('delete_users') ) { + $del_cap_user = 'delete_user'; + $del_cap_users = 'delete_users'; +} else { + $del_cap_user = 'remove_user'; + $del_cap_users = 'remove_users'; +} $title = __('Users'); $parent_file = 'users.php'; @@ -85,16 +89,16 @@ case 'dodelete': exit(); } - if ( !current_user_can($del_cap_type . '_users') ) - wp_die(__('You can’t delete users.')); + if ( ! current_user_can($del_cap_users ) ) + wp_die(__('You can’t remove users.')); $userids = $_REQUEST['users']; $update = 'del'; $delete_count = 0; foreach ( (array) $userids as $id) { - if ( ! current_user_can($del_cap_type . '_user', $id) ) - wp_die(__('You can’t delete that user.')); + if ( ! current_user_can( $del_cap_user, $id ) ) + wp_die(__( 'You can’t remove that user.' ) ); if ( $id == $current_user->ID ) { $update = 'err_admin_del'; @@ -132,8 +136,8 @@ case 'delete': exit(); } - if ( !current_user_can($del_cap_type . '_users') ) - $errors = new WP_Error('edit_users', __('You can’t delete users.')); + if ( ! current_user_can( $del_cap_users ) ) + $errors = new WP_Error( 'edit_users', __( 'You can’t delete users.' ) ); if ( empty($_REQUEST['users']) ) $userids = array(intval($_REQUEST['user'])); diff --git a/wp-includes/capabilities.php b/wp-includes/capabilities.php index f19d4fbf1..5b79ab8ed 100644 --- a/wp-includes/capabilities.php +++ b/wp-includes/capabilities.php @@ -796,6 +796,9 @@ function map_meta_cap( $cap, $user_id ) { $caps = array(); switch ( $cap ) { + case 'remove_user': + $caps[] = 'remove_users'; + break; case 'delete_user': $caps[] = 'delete_users'; break; diff --git a/wp-includes/version.php b/wp-includes/version.php index 0011771ea..0286a2961 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -15,7 +15,7 @@ $wp_version = '3.0-beta1'; * * @global int $wp_db_version */ -$wp_db_version = 13803; +$wp_db_version = 13956; /** * Holds the TinyMCE version