sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Privacy: Return a more accurate error message when the user cannot perform the requested action.

Browse Source 
Props mmuhsin, jplojohn, garrett-eclipse, desrosj.
Fixes #44833.

git-svn-id: https://develop.svn.wordpress.org/trunk@44777 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Sergey Biryukov 2019-02-28 11:48:46 +00:00
parent 010cdb3ce6
commit 9074c8dd94
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/wp-admin/includes/ajax-actions.php
View File

@ -4452,7 +4452,7 @@ function wp_ajax_wp_privacy_export_personal_data() {
}
if ( ! current_user_can( 'export_others_personal_data' ) ) {
wp_send_json_error( __( 'Invalid request.' ) );
wp_send_json_error( __( 'Sorry, you are not allowed to perform this action.' ) );
}
check_ajax_referer( 'wp-privacy-export-personal-data-' . $request_id, 'security' );
@ -4634,7 +4634,7 @@ function wp_ajax_wp_privacy_erase_personal_data() {
// Both capabilities are required to avoid confusion, see `_wp_personal_data_removal_page()`.
if ( ! current_user_can( 'erase_others_personal_data' ) || ! current_user_can( 'delete_users' ) ) {
wp_send_json_error( __( 'Invalid request.' ) );
wp_send_json_error( __( 'Sorry, you are not allowed to perform this action.' ) );
}
check_ajax_referer( 'wp-privacy-erase-personal-data-' . $request_id, 'security' );