Privacy: Limit Privacy Settings screen to Super Admins in Multisite.

In many common Multisite use cases, the network administrator will want to set a network-wide privacy policy -- via the `privacy_policy_url` filter -- for consistency and convenience. When that's done, the Privacy Settings screen on individual sites becomes unnecessary, and may confuse administrators of those sites when they see that their changes don't have any effect on the policy link in the footer.

Since we can't programmatically determine which behavior the network admins would like, the safest default setting is to restrict the ability to super admins, and let them delegate it to individual site owners via a plugin, if they'd like to.

Fixes #43935.


git-svn-id: https://develop.svn.wordpress.org/trunk@43147 602fd350-edb4-49c9-b593-d223f7449a82
Ian Dunn 2018-05-03 17:24:35 +00:00
parent 1624143830
commit e4ffde6193
4 changed files with 5 additions and 2 deletions


@ -270,7 +270,7 @@ $menu[80] = array( __( 'Settings' ), 'manage_optio
$submenu['options-general.php'][25] = array( __( 'Discussion' ), 'manage_options', 'options-discussion.php' ); $submenu['options-general.php'][25] = array( __( 'Discussion' ), 'manage_options', 'options-discussion.php' );
$submenu['options-general.php'][30] = array( __( 'Media' ), 'manage_options', 'options-media.php' ); $submenu['options-general.php'][30] = array( __( 'Media' ), 'manage_options', 'options-media.php' );
$submenu['options-general.php'][40] = array( __( 'Permalinks' ), 'manage_options', 'options-permalink.php' ); $submenu['options-general.php'][40] = array( __( 'Permalinks' ), 'manage_options', 'options-permalink.php' );
$submenu['options-general.php'][45] = array( __( 'Privacy' ), 'manage_options', 'privacy.php' ); $submenu['options-general.php'][45] = array( __( 'Privacy' ), 'manage_privacy_policy', 'privacy.php' );
$_wp_last_utility_menu = 80; // The index of the last top-level menu in the utility menu group $_wp_last_utility_menu = 80; // The index of the last top-level menu in the utility menu group


@ -9,7 +9,7 @@
/** WordPress Administration Bootstrap */ /** WordPress Administration Bootstrap */
require_once( dirname( __FILE__ ) . '/admin.php' ); require_once( dirname( __FILE__ ) . '/admin.php' );
if ( ! current_user_can( 'manage_options' ) ) { if ( ! current_user_can( 'manage_privacy_policy' ) ) {
wp_die( __( 'Sorry, you are not allowed to manage privacy on this site.' ) ); wp_die( __( 'Sorry, you are not allowed to manage privacy on this site.' ) );
} }
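Review bot: The new `manage_privacy_policy` check gates this screen only, so any other code path that changes the same policy setting while still testing `manage_options` would remain open to a site administrator on Multisite. No such path is visible in this hunk, so it needs confirming against the rest of the codebase. The reason for the dedicated capability is also not stated at the check; a comment above the `if`, such as `// Maps to 'manage_network' on Multisite, so only super admins pass by default.`, would make that plain. The file continues past the end of the hunk.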


@ -557,6 +557,7 @@ function map_meta_cap( $cap, $user_id ) {
break; break;
case 'export_others_personal_data': case 'export_others_personal_data':
case 'erase_others_personal_data': case 'erase_others_personal_data':
case 'manage_privacy_policy':
$caps[] = is_multisite() ? 'manage_network' : 'manage_options'; $caps[] = is_multisite() ? 'manage_network' : 'manage_options';
break; break;
default: default:
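Review bot: The new `case 'manage_privacy_policy':` has no comment saying that it is a meta capability deliberately sharing the `manage_network` / `manage_options` mapping with the export and erase cases. Because the name is mapped away here, granting `manage_privacy_policy` to a role directly would presumably have no effect; a plugin that wants to delegate it would have to adjust the result through the `map_meta_cap` filter. A comment above the three cases, e.g. `// Super admins only on Multisite; delegate per site via the 'map_meta_cap' filter.`, would document that. The enclosing `switch` in `map_meta_cap()` starts and ends outside the hunk.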


@ -239,6 +239,7 @@ class Tests_User_Capabilities extends WP_UnitTestCase {
'upgrade_php' => array( 'administrator' ), 'upgrade_php' => array( 'administrator' ),
'export_others_personal_data' => array( 'administrator' ), 'export_others_personal_data' => array( 'administrator' ),
'erase_others_personal_data' => array( 'administrator' ), 'erase_others_personal_data' => array( 'administrator' ),
'manage_privacy_policy' => array( 'administrator' ),
'edit_categories' => array( 'administrator', 'editor' ), 'edit_categories' => array( 'administrator', 'editor' ),
'delete_categories' => array( 'administrator', 'editor' ), 'delete_categories' => array( 'administrator', 'editor' ),
@ -273,6 +274,7 @@ class Tests_User_Capabilities extends WP_UnitTestCase {
'upgrade_php' => array(), 'upgrade_php' => array(),
'export_others_personal_data' => array( '' ), 'export_others_personal_data' => array( '' ),
'erase_others_personal_data' => array( '' ), 'erase_others_personal_data' => array( '' ),
'manage_privacy_policy' => array(),
'customize' => array( 'administrator' ), 'customize' => array( 'administrator' ),
'delete_site' => array( 'administrator' ), 'delete_site' => array( 'administrator' ),
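Review bot: The Multisite expectation `'manage_privacy_policy' => array()` only asserts that no role holds the capability. It does not show that a super admin passes the check while a site administrator fails it, which is the behaviour this commit introduces. If the class's existing loops (outside these hunks) do not already cover that, add a Multisite test asserting that `current_user_can( 'manage_privacy_policy' )` is true for a super admin and false for a plain site administrator. The neighbouring privacy entries also use `array( '' )` where the new line uses `array()`; whether the harness treats the two forms the same is not visible here.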