Privacy: Un-map privacy capabilities to make them available to be assigned for custom roles:
* `erase_others_personal_data` * `export_others_personal_data` * `manage_privacy_options` Previously mapped to `manage_options` or `manage_network` (on Multisite), these are now added to the Administrator role separately. Additionally, `manage_privacy_options` is added to the Editor role. Props garrett-eclipse, xkon, pbiron, desrosj, johnbillion, flixos90, juliobox, lakenh, Ov3rfly, ianatkins. Fixes #44176. git-svn-id: https://develop.svn.wordpress.org/trunk@47269 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
49b145c23f
commit
0911aecf36
@ -695,6 +695,7 @@ function populate_roles() {
|
||||
populate_roles_270();
|
||||
populate_roles_280();
|
||||
populate_roles_300();
|
||||
populate_roles_540();
|
||||
}
|
||||
|
||||
/**
|
||||
@ -923,6 +924,27 @@ function populate_roles_300() {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Create and modify WordPress roles for WordPress 5.4.0.
|
||||
*
|
||||
* @since 5.4.0
|
||||
*/
|
||||
function populate_roles_540() {
|
||||
// Add the privacy caps to the Administrators.
|
||||
$role = get_role( 'administrator' );
|
||||
|
||||
if ( ! empty( $role ) ) {
|
||||
$role->add_cap( 'export_others_personal_data' );
|
||||
$role->add_cap( 'erase_others_personal_data' );
|
||||
$role->add_cap( 'manage_privacy_options' );
|
||||
}
|
||||
|
||||
$role = get_role( 'editor' );
|
||||
if ( ! empty( $role ) ) {
|
||||
$role->add_cap( 'manage_privacy_options' );
|
||||
}
|
||||
}
|
||||
|
||||
if ( ! function_exists( 'install_network' ) ) :
|
||||
/**
|
||||
* Install Network.
|
||||
|
@ -834,6 +834,10 @@ function upgrade_all() {
|
||||
upgrade_530();
|
||||
}
|
||||
|
||||
if ( $wp_current_db_version < 47269 ) {
|
||||
upgrade_540();
|
||||
}
|
||||
|
||||
maybe_disable_link_manager();
|
||||
|
||||
maybe_disable_automattic_widgets();
|
||||
@ -2154,6 +2158,22 @@ function upgrade_530() {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Executes changes made in WordPress 5.4.0.
|
||||
*
|
||||
* @ignore
|
||||
* @since 5.4.0
|
||||
*
|
||||
* @global int $wp_current_db_version The old (current) database version.
|
||||
*/
|
||||
function upgrade_540() {
|
||||
global $wp_current_db_version;
|
||||
|
||||
if ( $wp_current_db_version < 47269 ) {
|
||||
populate_roles_540();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Executes network-level upgrade routines.
|
||||
*
|
||||
|
@ -289,6 +289,10 @@ if ( ! is_multisite() && defined( 'WP_ALLOW_MULTISITE' ) && WP_ALLOW_MULTISITE )
|
||||
}
|
||||
|
||||
$menu[80] = array( __( 'Settings' ), 'manage_options', 'options-general.php', '', 'menu-top menu-icon-settings', 'menu-settings', 'dashicons-admin-settings' );
|
||||
if ( current_user_can( 'manage_privacy_options' ) && ! current_user_can( 'manage_options' ) ) {
|
||||
$menu[80] = array( __( 'Settings' ), 'manage_privacy_options', 'options-privacy.php', '', 'menu-top menu-icon-settings', 'menu-settings', 'dashicons-admin-settings' );
|
||||
}
|
||||
|
||||
$submenu['options-general.php'][10] = array( _x( 'General', 'settings screen' ), 'manage_options', 'options-general.php' );
|
||||
$submenu['options-general.php'][15] = array( __( 'Writing' ), 'manage_options', 'options-writing.php' );
|
||||
$submenu['options-general.php'][20] = array( __( 'Reading' ), 'manage_options', 'options-reading.php' );
|
||||
|
@ -132,7 +132,7 @@ function map_meta_cap( $cap, $user_id, ...$args ) {
|
||||
* so deleting it should require that too.
|
||||
*/
|
||||
if ( (int) get_option( 'wp_page_for_privacy_policy' ) === $post->ID ) {
|
||||
$caps = array_merge( $caps, map_meta_cap( 'manage_privacy_options', $user_id ) );
|
||||
$caps[] = 'manage_privacy_options';
|
||||
}
|
||||
|
||||
break;
|
||||
@ -203,7 +203,7 @@ function map_meta_cap( $cap, $user_id, ...$args ) {
|
||||
* so editing it should require that too.
|
||||
*/
|
||||
if ( (int) get_option( 'wp_page_for_privacy_policy' ) === $post->ID ) {
|
||||
$caps = array_merge( $caps, map_meta_cap( 'manage_privacy_options', $user_id ) );
|
||||
$caps[] = 'manage_privacy_options';
|
||||
}
|
||||
|
||||
break;
|
||||
@ -580,11 +580,6 @@ function map_meta_cap( $cap, $user_id, ...$args ) {
|
||||
$caps[] = 'update_core';
|
||||
}
|
||||
break;
|
||||
case 'export_others_personal_data':
|
||||
case 'erase_others_personal_data':
|
||||
case 'manage_privacy_options':
|
||||
$caps[] = is_multisite() ? 'manage_network' : 'manage_options';
|
||||
break;
|
||||
default:
|
||||
// Handle meta capabilities for custom post types.
|
||||
global $post_type_meta_caps;
|
||||
|
@ -20,7 +20,7 @@ $wp_version = '5.4-alpha-46582-src';
|
||||
*
|
||||
* @global int $wp_db_version
|
||||
*/
|
||||
$wp_db_version = 47018;
|
||||
$wp_db_version = 47269;
|
||||
|
||||
/**
|
||||
* Holds the TinyMCE version.
|
||||
|
@ -105,6 +105,10 @@ class Tests_User_Capabilities extends WP_UnitTestCase {
|
||||
'resume_themes' => array( 'administrator' ),
|
||||
'view_site_health_checks' => array( 'administrator' ),
|
||||
|
||||
'manage_privacy_options' => array( 'administrator', 'editor' ),
|
||||
'export_others_personal_data' => array( 'administrator' ),
|
||||
'erase_others_personal_data' => array( 'administrator' ),
|
||||
|
||||
'moderate_comments' => array( 'administrator', 'editor' ),
|
||||
'manage_categories' => array( 'administrator', 'editor' ),
|
||||
'edit_others_posts' => array( 'administrator', 'editor' ),
|
||||
@ -176,6 +180,10 @@ class Tests_User_Capabilities extends WP_UnitTestCase {
|
||||
'update_themes' => array(),
|
||||
'view_site_health_checks' => array(),
|
||||
|
||||
'manage_privacy_options' => array( 'administrator', 'editor' ),
|
||||
'export_others_personal_data' => array( 'administrator' ),
|
||||
'erase_others_personal_data' => array( 'administrator' ),
|
||||
|
||||
'edit_theme_options' => array( 'administrator' ),
|
||||
'export' => array( 'administrator' ),
|
||||
'import' => array( 'administrator' ),
|
||||
@ -260,9 +268,6 @@ class Tests_User_Capabilities extends WP_UnitTestCase {
|
||||
'update_languages' => array( 'administrator' ),
|
||||
'deactivate_plugins' => array( 'administrator' ),
|
||||
'update_php' => array( 'administrator' ),
|
||||
'export_others_personal_data' => array( 'administrator' ),
|
||||
'erase_others_personal_data' => array( 'administrator' ),
|
||||
'manage_privacy_options' => array( 'administrator' ),
|
||||
|
||||
'edit_categories' => array( 'administrator', 'editor' ),
|
||||
'delete_categories' => array( 'administrator', 'editor' ),
|
||||
@ -295,9 +300,6 @@ class Tests_User_Capabilities extends WP_UnitTestCase {
|
||||
'update_languages' => array(),
|
||||
'deactivate_plugins' => array(),
|
||||
'update_php' => array(),
|
||||
'export_others_personal_data' => array( '' ),
|
||||
'erase_others_personal_data' => array( '' ),
|
||||
'manage_privacy_options' => array(),
|
||||
|
||||
'customize' => array( 'administrator' ),
|
||||
'delete_site' => array( 'administrator' ),
|
||||
|
Loading…
Reference in New Issue
Block a user