sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Customize: Prevent PHP notice and JS error caused by widgets and nav menus components if user only has customize capability.

Browse Source 
Short-circuits components from initializing their hooks needlessly if current user lacks required capability.

Fixes #35895.


git-svn-id: https://develop.svn.wordpress.org/trunk@36611 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Weston Ruter 2016-02-22 05:30:30 +00:00
parent bd09cddfc1
commit 56598b5f90
3 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/wp-includes/class-wp-customize-nav-menus.php
View File

@ -48,6 +48,11 @@ final class WP_Customize_Nav_Menus {
$this->previewed_menus = array();
$this->manager = $manager;
// Skip useless hooks when the user can't manage nav menus anyway.
if ( ! current_user_can( 'edit_theme_options' ) ) {
return;
}
add_filter( 'customize_refresh_nonces', array( $this, 'filter_nonces' ) );
add_action( 'wp_ajax_load-available-menu-items-customizer', array( $this, 'ajax_load_available_items' ) );
add_action( 'wp_ajax_search-available-menu-items-customizer', array( $this, 'ajax_search_available_items' ) );

5
src/wp-includes/class-wp-customize-widgets.php
View File

@ -84,6 +84,11 @@ final class WP_Customize_Widgets {
public function __construct( $manager ) {
$this->manager = $manager;
// Skip useless hooks when the user can't manage widgets anyway.
if ( ! current_user_can( 'edit_theme_options' ) ) {
return;
}
add_filter( 'customize_dynamic_setting_args', array( $this, 'filter_customize_dynamic_setting_args' ), 10, 2 );
add_action( 'after_setup_theme', array( $this, 'register_settings' ) );
add_action( 'wp_loaded', array( $this, 'override_sidebars_widgets_for_theme_switch' ) );

6
tests/phpunit/tests/customize/widgets.php
View File

@ -23,6 +23,9 @@ class Tests_WP_Customize_Widgets extends WP_UnitTestCase {
function setUp() {
parent::setUp();
require_once( ABSPATH . WPINC . '/class-wp-customize-manager.php' );
$user_id = self::factory()->user->create( array( 'role' => 'administrator' ) );
wp_set_current_user( $user_id );
$GLOBALS['wp_customize'] = new WP_Customize_Manager();
$this->manager = $GLOBALS['wp_customize'];
@ -41,9 +44,6 @@ class Tests_WP_Customize_Widgets extends WP_UnitTestCase {
remove_action( 'after_setup_theme', 'twentysixteen_setup' );
remove_action( 'customize_register', 'twentysixteen_customize_register', 11 );
$user_id = self::factory()->user->create( array( 'role' => 'administrator' ) );
wp_set_current_user( $user_id );
$this->backup_registered_sidebars = $GLOBALS['wp_registered_sidebars'];
}