Add 'edit_posts' capability check to metaWeblog.newPost. Props Joseph Scott and Wei-Yeh Lee. fixes #4404 for 2.3

git-svn-id: http://svn.automattic.com/wordpress/trunk@5651 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-06-04 18:31:32 +00:00 · 2007-06-04 18:31:32 +00:00 · f904142767
parent e515401912
commit f904142767
1 changed files with 2 additions and 1 deletions
--- a/xmlrpc.php
+++ b/xmlrpc.php
@ -925,8 +925,9 @@ class wp_xmlrpc_server extends IXR_Server {
 	    return $this->error;
 	  }

+      $cap = ($publish) ? 'publish_posts' : 'edit_posts';
 	  $user = set_current_user(0, $user_login);
-	  if ( !current_user_can('publish_posts') )
+	  if ( !current_user_can($cap) )
 	    return new IXR_Error(401, __('Sorry, you can not post on this weblog or category.'));

 		// The post_type defaults to post, but could also be page.