Privacy: Un-map privacy capabilities to make them available to be assigned for custom roles:
* `erase_others_personal_data` * `export_others_personal_data` * `manage_privacy_options` Previously mapped to `manage_options` or `manage_network` (on Multisite), these are now added to the Administrator role separately. Additionally, `manage_privacy_options` is added to the Editor role. Props garrett-eclipse, xkon, pbiron, desrosj, johnbillion, flixos90, juliobox, lakenh, Ov3rfly, ianatkins. Fixes #44176. git-svn-id: https://develop.svn.wordpress.org/trunk@47269 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Sergey Biryukov
parent
49b145c23f
commit
0911aecf36
@ -695,6 +695,7 @@ function populate_roles() {
|
|||||||
populate_roles_270();
|
populate_roles_270();
|
||||||
populate_roles_280();
|
populate_roles_280();
|
||||||
populate_roles_300();
|
populate_roles_300();
|
||||||
|
populate_roles_540();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -923,6 +924,27 @@ function populate_roles_300() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create and modify WordPress roles for WordPress 5.4.0.
|
||||||
|
*
|
||||||
|
* @since 5.4.0
|
||||||
|
*/
|
||||||
|
function populate_roles_540() {
|
||||||
|
// Add the privacy caps to the Administrators.
|
||||||
|
$role = get_role( 'administrator' );
|
||||||
|
|
||||||
|
if ( ! empty( $role ) ) {
|
||||||
|
$role->add_cap( 'export_others_personal_data' );
|
||||||
|
$role->add_cap( 'erase_others_personal_data' );
|
||||||
|
$role->add_cap( 'manage_privacy_options' );
|
||||||
|
}
|
||||||
|
|
||||||
|
$role = get_role( 'editor' );
|
||||||
|
if ( ! empty( $role ) ) {
|
||||||
|
$role->add_cap( 'manage_privacy_options' );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if ( ! function_exists( 'install_network' ) ) :
|
if ( ! function_exists( 'install_network' ) ) :
|
||||||
/**
|
/**
|
||||||
* Install Network.
|
* Install Network.
|
||||||
|
|||||||
@ -834,6 +834,10 @@ function upgrade_all() {
|
|||||||
upgrade_530();
|
upgrade_530();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ( $wp_current_db_version < 47269 ) {
|
||||||
|
upgrade_540();
|
||||||
|
}
|
||||||
|
|
||||||
maybe_disable_link_manager();
|
maybe_disable_link_manager();
|
||||||
|
|
||||||
maybe_disable_automattic_widgets();
|
maybe_disable_automattic_widgets();
|
||||||
@ -2154,6 +2158,22 @@ function upgrade_530() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Executes changes made in WordPress 5.4.0.
|
||||||
|
*
|
||||||
|
* @ignore
|
||||||
|
* @since 5.4.0
|
||||||
|
*
|
||||||
|
* @global int $wp_current_db_version The old (current) database version.
|
||||||
|
*/
|
||||||
|
function upgrade_540() {
|
||||||
|
global $wp_current_db_version;
|
||||||
|
|
||||||
|
if ( $wp_current_db_version < 47269 ) {
|
||||||
|
populate_roles_540();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Executes network-level upgrade routines.
|
* Executes network-level upgrade routines.
|
||||||
*
|
*
|
||||||
|
|||||||
@ -289,6 +289,10 @@ if ( ! is_multisite() && defined( 'WP_ALLOW_MULTISITE' ) && WP_ALLOW_MULTISITE )
|
|||||||
}
|
}
|
||||||
|
|
||||||
$menu[80] = array( __( 'Settings' ), 'manage_options', 'options-general.php', '', 'menu-top menu-icon-settings', 'menu-settings', 'dashicons-admin-settings' );
|
$menu[80] = array( __( 'Settings' ), 'manage_options', 'options-general.php', '', 'menu-top menu-icon-settings', 'menu-settings', 'dashicons-admin-settings' );
|
||||||
|
if ( current_user_can( 'manage_privacy_options' ) && ! current_user_can( 'manage_options' ) ) {
|
||||||
|
$menu[80] = array( __( 'Settings' ), 'manage_privacy_options', 'options-privacy.php', '', 'menu-top menu-icon-settings', 'menu-settings', 'dashicons-admin-settings' );
|
||||||
|
}
|
||||||
|
|
||||||
$submenu['options-general.php'][10] = array( _x( 'General', 'settings screen' ), 'manage_options', 'options-general.php' );
|
$submenu['options-general.php'][10] = array( _x( 'General', 'settings screen' ), 'manage_options', 'options-general.php' );
|
||||||
$submenu['options-general.php'][15] = array( __( 'Writing' ), 'manage_options', 'options-writing.php' );
|
$submenu['options-general.php'][15] = array( __( 'Writing' ), 'manage_options', 'options-writing.php' );
|
||||||
$submenu['options-general.php'][20] = array( __( 'Reading' ), 'manage_options', 'options-reading.php' );
|
$submenu['options-general.php'][20] = array( __( 'Reading' ), 'manage_options', 'options-reading.php' );
|
||||||
|
|||||||
@ -132,7 +132,7 @@ function map_meta_cap( $cap, $user_id, ...$args ) {
|
|||||||
* so deleting it should require that too.
|
* so deleting it should require that too.
|
||||||
*/
|
*/
|
||||||
if ( (int) get_option( 'wp_page_for_privacy_policy' ) === $post->ID ) {
|
if ( (int) get_option( 'wp_page_for_privacy_policy' ) === $post->ID ) {
|
||||||
$caps = array_merge( $caps, map_meta_cap( 'manage_privacy_options', $user_id ) );
|
$caps[] = 'manage_privacy_options';
|
||||||
}
|
}
|
||||||
|
|
||||||
break;
|
break;
|
||||||
@ -203,7 +203,7 @@ function map_meta_cap( $cap, $user_id, ...$args ) {
|
|||||||
* so editing it should require that too.
|
* so editing it should require that too.
|
||||||
*/
|
*/
|
||||||
if ( (int) get_option( 'wp_page_for_privacy_policy' ) === $post->ID ) {
|
if ( (int) get_option( 'wp_page_for_privacy_policy' ) === $post->ID ) {
|
||||||
$caps = array_merge( $caps, map_meta_cap( 'manage_privacy_options', $user_id ) );
|
$caps[] = 'manage_privacy_options';
|
||||||
}
|
}
|
||||||
|
|
||||||
break;
|
break;
|
||||||
@ -580,11 +580,6 @@ function map_meta_cap( $cap, $user_id, ...$args ) {
|
|||||||
$caps[] = 'update_core';
|
$caps[] = 'update_core';
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'export_others_personal_data':
|
|
||||||
case 'erase_others_personal_data':
|
|
||||||
case 'manage_privacy_options':
|
|
||||||
$caps[] = is_multisite() ? 'manage_network' : 'manage_options';
|
|
||||||
break;
|
|
||||||
default:
|
default:
|
||||||
// Handle meta capabilities for custom post types.
|
// Handle meta capabilities for custom post types.
|
||||||
global $post_type_meta_caps;
|
global $post_type_meta_caps;
|
||||||
|
|||||||
@ -20,7 +20,7 @@ $wp_version = '5.4-alpha-46582-src';
|
|||||||
*
|
*
|
||||||
* @global int $wp_db_version
|
* @global int $wp_db_version
|
||||||
*/
|
*/
|
||||||
$wp_db_version = 47018;
|
$wp_db_version = 47269;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Holds the TinyMCE version.
|
* Holds the TinyMCE version.
|
||||||
|
|||||||
@ -105,6 +105,10 @@ class Tests_User_Capabilities extends WP_UnitTestCase {
|
|||||||
'resume_themes' => array( 'administrator' ),
|
'resume_themes' => array( 'administrator' ),
|
||||||
'view_site_health_checks' => array( 'administrator' ),
|
'view_site_health_checks' => array( 'administrator' ),
|
||||||
|
|
||||||
|
'manage_privacy_options' => array( 'administrator', 'editor' ),
|
||||||
|
'export_others_personal_data' => array( 'administrator' ),
|
||||||
|
'erase_others_personal_data' => array( 'administrator' ),
|
||||||
|
|
||||||
'moderate_comments' => array( 'administrator', 'editor' ),
|
'moderate_comments' => array( 'administrator', 'editor' ),
|
||||||
'manage_categories' => array( 'administrator', 'editor' ),
|
'manage_categories' => array( 'administrator', 'editor' ),
|
||||||
'edit_others_posts' => array( 'administrator', 'editor' ),
|
'edit_others_posts' => array( 'administrator', 'editor' ),
|
||||||
@ -176,6 +180,10 @@ class Tests_User_Capabilities extends WP_UnitTestCase {
|
|||||||
'update_themes' => array(),
|
'update_themes' => array(),
|
||||||
'view_site_health_checks' => array(),
|
'view_site_health_checks' => array(),
|
||||||
|
|
||||||
|
'manage_privacy_options' => array( 'administrator', 'editor' ),
|
||||||
|
'export_others_personal_data' => array( 'administrator' ),
|
||||||
|
'erase_others_personal_data' => array( 'administrator' ),
|
||||||
|
|
||||||
'edit_theme_options' => array( 'administrator' ),
|
'edit_theme_options' => array( 'administrator' ),
|
||||||
'export' => array( 'administrator' ),
|
'export' => array( 'administrator' ),
|
||||||
'import' => array( 'administrator' ),
|
'import' => array( 'administrator' ),
|
||||||
@ -260,9 +268,6 @@ class Tests_User_Capabilities extends WP_UnitTestCase {
|
|||||||
'update_languages' => array( 'administrator' ),
|
'update_languages' => array( 'administrator' ),
|
||||||
'deactivate_plugins' => array( 'administrator' ),
|
'deactivate_plugins' => array( 'administrator' ),
|
||||||
'update_php' => array( 'administrator' ),
|
'update_php' => array( 'administrator' ),
|
||||||
'export_others_personal_data' => array( 'administrator' ),
|
|
||||||
'erase_others_personal_data' => array( 'administrator' ),
|
|
||||||
'manage_privacy_options' => array( 'administrator' ),
|
|
||||||
|
|
||||||
'edit_categories' => array( 'administrator', 'editor' ),
|
'edit_categories' => array( 'administrator', 'editor' ),
|
||||||
'delete_categories' => array( 'administrator', 'editor' ),
|
'delete_categories' => array( 'administrator', 'editor' ),
|
||||||
@ -295,9 +300,6 @@ class Tests_User_Capabilities extends WP_UnitTestCase {
|
|||||||
'update_languages' => array(),
|
'update_languages' => array(),
|
||||||
'deactivate_plugins' => array(),
|
'deactivate_plugins' => array(),
|
||||||
'update_php' => array(),
|
'update_php' => array(),
|
||||||
'export_others_personal_data' => array( '' ),
|
|
||||||
'erase_others_personal_data' => array( '' ),
|
|
||||||
'manage_privacy_options' => array(),
|
|
||||||
|
|
||||||
'customize' => array( 'administrator' ),
|
'customize' => array( 'administrator' ),
|
||||||
'delete_site' => array( 'administrator' ),
|
'delete_site' => array( 'administrator' ),
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user