Allow create_users cap to be used independently of edit_users cap. fixes #12794.

git-svn-id: http://svn.automattic.com/wordpress/trunk@14110 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
nacin 2010-04-16 14:54:44 +00:00
parent 5deebd667f
commit ea4934a962
2 changed files with 30 additions and 19 deletions

View File

@ -186,6 +186,7 @@ if ( current_user_can('edit_users') ) {
} else {
$_wp_real_parent_file['users.php'] = 'profile.php';
$submenu['profile.php'][5] = array(__('Your Profile'), 'read', 'profile.php');
$submenu['profile.php'][10] = array(__('Add New User'), 'create_users', 'user-new.php');
}
$menu[75] = array( __('Tools'), 'edit_posts', 'tools.php', '', 'menu-top menu-icon-tools', 'menu-tools', 'div' );

View File

@ -45,9 +45,13 @@ if ( isset($_REQUEST['action']) && 'adduser' == $_REQUEST['action'] ) {
if ( is_wp_error( $user_id ) ) {
$add_user_errors = $user_id;
} else {
if ( current_user_can('edit_users') ) {
$new_user_login = apply_filters('pre_user_login', sanitize_user(stripslashes($_REQUEST['user_login']), true));
$redirect = 'users.php?usersearch='. urlencode($new_user_login) . '&update=add';
wp_redirect( $redirect . '#user-' . $user_id );
$redirect = 'users.php?usersearch='. urlencode($new_user_login) . '&update=add' . '#user-' . $user_id;
} else {
$redirect = add_query_arg( 'update', 'add', 'user-new.php' );
}
wp_redirect( $redirect );
die();
}
} else {
@ -110,21 +114,27 @@ wp_enqueue_script('password-strength-meter');
require_once ('admin-header.php');
if ( isset($_GET[ 'update' ]) && is_multisite() ) {
if ( isset($_GET['update']) ) {
$messages = array();
if ( is_multisite() ) {
switch ( $_GET['update'] ) {
case "newuserconfimation":
$messages[] = '<div id="message" class="updated"><p>' . __('Invitation email sent to new user. A confirmation link must be clicked before their account is created.') . '</p></div>';
$messages[] = __('Invitation email sent to new user. A confirmation link must be clicked before their account is created.');
break;
case "add":
$messages[] = '<div id="message" class="updated"><p>' . __('Invitation email sent to user. A confirmation link must be clicked for them to be added to your blog.') . '</p></div>';
$messages[] = __('Invitation email sent to user. A confirmation link must be clicked for them to be added to your site.');
break;
case "addnoconfirmation":
$messages[] = '<div id="message" class="updated"><p>' . __('User has been added to your blog.') . '</p></div>';
$messages[] = __('User has been added to your site.');
break;
case "addexisting":
$messages[] = '<div id="message" class="updated"><p>' . __('That user is already a member of this blog.') . '</p></div>';
$messages[] = __('That user is already a member of this site.');
break;
}
} else {
if ( 'add' == $_GET['update'] )
$messages[] = __('User added.');
}
}
?>
<div class="wrap">
@ -144,7 +154,7 @@ if ( isset($_GET[ 'update' ]) && is_multisite() ) {
if ( ! empty( $messages ) ) {
foreach ( $messages as $msg )
echo $msg;
echo '<div id="message" class="updated"><p>' . $msg . '</p></div>';
} ?>
<?php if ( isset($add_user_errors) && is_wp_error( $add_user_errors ) ) : ?>