Users: Limit the scope of admin files required in WP_REST_Users_Controller.

This requires only `wp-admin/includes/user.php` for `get_editable_roles()`, instead of `wp-admin/includes/admin.php`. Follow-up to [43589]. Props johnwatkins0. Fixes #49450. git-svn-id: https://develop.svn.wordpress.org/trunk@47299 602fd350-edb4-49c9-b593-d223f7449a82
2020-02-17 05:31:18 +00:00 · 2020-02-17 05:31:18 +00:00 · 9ac7fca92b
commit 9ac7fca92b
parent b8993b72bd
1 changed files with 2 additions and 2 deletions
--- a/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
+++ b/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
@ -1210,8 +1210,8 @@ class WP_REST_Users_Controller extends WP_REST_Controller {
 				);
 			}

-			// Include admin functions to get access to get_editable_roles().
-			require_once ABSPATH . 'wp-admin/includes/admin.php';
+			// Include user admin functions to get access to get_editable_roles().
+			require_once ABSPATH . 'wp-admin/includes/user.php';

 			// The new role must be editable by the logged-in user.
 			$editable_roles = get_editable_roles();