From ca608e336aca8b2a7be911aa4f180a56a55e7905 Mon Sep 17 00:00:00 2001 From: Andrew Ozz Date: Mon, 24 Aug 2009 20:48:31 +0000 Subject: [PATCH] Don't let contributors to re-publish their trashed posts, props caesarsgrunt, see #4529 git-svn-id: https://develop.svn.wordpress.org/trunk@11873 602fd350-edb4-49c9-b593-d223f7449a82 --- wp-includes/capabilities.php | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/wp-includes/capabilities.php b/wp-includes/capabilities.php index 54e497a86e..43a12e8366 100644 --- a/wp-includes/capabilities.php +++ b/wp-includes/capabilities.php @@ -773,11 +773,16 @@ function map_meta_cap( $cap, $user_id ) { // If the user is the author... if ( $user_id == $post_author_data->ID ) { // If the post is published... - if ( 'publish' == $post->post_status ) + if ( 'publish' == $post->post_status ) { $caps[] = 'delete_published_posts'; - else + } elseif ( 'trash' == $post->post_status ) { + $trash_meta = get_option('wp_trash_meta'); + if (is_array($trash_meta) && isset($trash_meta['posts'][$post->ID]['status']) && $trash_meta['posts'][$post->ID]['status'] == 'publish') + $caps[] = 'delete_published_posts'; + } else { // If the post is draft... $caps[] = 'delete_posts'; + } } else { // The user is trying to edit someone else's post. $caps[] = 'delete_others_posts'; @@ -797,11 +802,16 @@ function map_meta_cap( $cap, $user_id ) { // If the user is the author... if ( $user_id == $page_author_data->ID ) { // If the page is published... - if ( $page->post_status == 'publish' ) + if ( $page->post_status == 'publish' ) { $caps[] = 'delete_published_pages'; - else + } elseif ( 'trash' == $page->post_status ) { + $trash_meta = get_option('wp_trash_meta'); + if (is_array($trash_meta) && isset($trash_meta['posts'][$page->ID]['status']) && $trash_meta['posts'][$page->ID]['status'] == 'publish') + $caps[] = 'delete_published_pages'; + } else { // If the page is draft... $caps[] = 'delete_pages'; + } } else { // The user is trying to edit someone else's page. $caps[] = 'delete_others_pages';