Commit Graph

172 Commits

Author SHA1 Message Date
Andrew Nacin f3b332e9bb Use meta caps edit_post, read_post, and delete_post directly, rather than consulting the post type object. map_meta_cap() handles that for us. props markjaquith, kovshenin. fixes #23226.
git-svn-id: https://develop.svn.wordpress.org/trunk@24593 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-08 20:05:42 +00:00
Sergey Biryukov de2951b057 Correct return value for get_role() and WP_Roles::get_role(). props tivnet. fixes #24607.
git-svn-id: https://develop.svn.wordpress.org/trunk@24491 602fd350-edb4-49c9-b593-d223f7449a82
2013-06-21 13:01:55 +00:00
Ryan Boren df26a7f97e In WP_User::get_data_by(), don't abs int negative IDs. Instead, return false when an ID less than 1 is passed.
Props nacin, mordauk
fixes #23480


git-svn-id: https://develop.svn.wordpress.org/trunk@24316 602fd350-edb4-49c9-b593-d223f7449a82
2013-05-22 18:14:37 +00:00
Sergey Biryukov 78b69ff012 Pass old roles to set_user_role action. props awellis13. fixes #19134.
git-svn-id: https://develop.svn.wordpress.org/trunk@23358 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-31 01:15:25 +00:00
Ryan Boren 9575d68a6a Make current_user_can_for_blog() safe to run single site.
Props nacin, MarkJaquith
fixes #22803


git-svn-id: https://develop.svn.wordpress.org/trunk@23117 602fd350-edb4-49c9-b593-d223f7449a82
2012-12-07 09:53:27 +00:00
Andrew Nacin 5aac5cb3de Use the create_posts post type cap in more places. Remove the janky create_posts meta cap. see #16714.
git-svn-id: https://develop.svn.wordpress.org/trunk@22908 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-28 22:28:20 +00:00
Ryan Boren 62b6474e77 When using WP_User::set_role() to set the role, don't unset all caps when the requested role matches the current role.
Props scribu, jammitch
fixes #18932


git-svn-id: https://develop.svn.wordpress.org/trunk@22418 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-07 17:16:37 +00:00
Dion Hulse 3d40fbad80 Fix a PHP Notice when attempting to Add or remove capabilities from nonexistant roles. Props SergeyBiryukov. Fixes #18461
git-svn-id: https://develop.svn.wordpress.org/trunk@22354 602fd350-edb4-49c9-b593-d223f7449a82
2012-10-31 23:18:33 +00:00
Ryan Boren 1d02d4bf27 Return WP_User objects when querying 'all' fields with WP_User_Query.
Allow passing stdClass or WP_User to the WP_User constructor.

fixes #22057


git-svn-id: https://develop.svn.wordpress.org/trunk@22248 602fd350-edb4-49c9-b593-d223f7449a82
2012-10-16 20:05:40 +00:00
Ryan Boren 7ba5099795 Objects no longer need to be explicitly passed by ref to call_user_func*() to be callable. Props wonderboymusic. fixes #21865
git-svn-id: https://develop.svn.wordpress.org/trunk@22118 602fd350-edb4-49c9-b593-d223f7449a82
2012-10-04 20:00:16 +00:00
Ryan Boren 48484428a2 Introduce create_posts meta capability. Props scribu, nacin, casben79. see #16714
git-svn-id: https://develop.svn.wordpress.org/trunk@22060 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-27 15:33:19 +00:00
Ryan Boren 9d798e26d4 Add publish_post meta cap. Props nacin. fixes #21288
git-svn-id: https://develop.svn.wordpress.org/trunk@22056 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-27 12:48:59 +00:00
Ryan Boren ad535df32e Allow remove_cap() to unset a negative capability. Props johnjamesjacoby. fixes #21786
git-svn-id: https://develop.svn.wordpress.org/trunk@21940 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-21 13:41:43 +00:00
Andrew Nacin fee76161e3 Don't use hard-coded indexes when dealing with an array of roles. props elyobo. fixes #19222.
git-svn-id: https://develop.svn.wordpress.org/trunk@21866 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-16 16:24:33 +00:00
Andrew Nacin d41d58d128 Move the optimization done to get_user_by() in [21376] higher up the stack, into map_meta_cap() and is_super_admin().
This provides nearly the same benefits without possibly receiving a stale object from get_userdata(),
which could affect authentication, and introduce side effects for plugins.

see #21120.



git-svn-id: https://develop.svn.wordpress.org/trunk@21563 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-20 21:58:34 +00:00
Andrew Nacin 9931c1a45d Hide the link manager from the UI on upgrade, if the site has no links. New DB option, link_manager_enabled.
Enforce this by denying the 'manage_links' capability, which hides the All Links, Add New Link, and Link Categories screens. Hide WP_Widget_Links and the UI for the default_link_category as well.

Convert all references to 'posts and links' when handling reassignment on user deletion to just 'posts'.

see #21307.



git-svn-id: https://develop.svn.wordpress.org/trunk@21501 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-13 16:18:42 +00:00
Ryan Boren 9580f65af6 Allow passing stdClass and WP_User to wp_insert_user() and wp_update_user(). Introduce WP_User::to_array(). Eliminate uses of get_object_vars() when passing to wp_*_user(). fixes #21429
git-svn-id: https://develop.svn.wordpress.org/trunk@21496 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-10 15:36:54 +00:00
Ryan Boren 20a1def1c0 switch_to_blog() and restore_current_blog() housekeeping.
wp-includes/admin-bar.php:

* Replace get_admin_url() and get_home_url() with admin_url() and home_url() and place them inside a switch/restore. Likewise replace current_user_can_for_blog() with current_user_can(). This avoids doing multiple switch restores.

wp-includes/ms-blogs.php:

* Deprecate the $validate argument to switch_to_blog(). This avoids a not very necessary call to get_blog_details(), possibly saving a few queries.
* Use $_wp_switched and $_wp_switched_stack instead of $switched and $switched_stack to make it less likely these globals will be stomped.
* Use GLOBALS to access blog_id and other globals. I've preferred this style lately since it makes it obvious a global is being used and avoids global blog_id being stomped by a local variable.
* Lose some is_object() checks. wp_get_current_user() always returns an object, for example.
* Call the new WP_Roles::reinit() method.

wp-includes/class-wp-xmlrpc-server.php:

* Replace current_user_can_for_blog() with current_user_can() and move it inside the switch/restore pair. This eliminates a switch/restore.

wp-includes/capabilities.php:

* Use array_keys() instead of $role => $data since $data is unused. I *think* this is a bit faster.
* Introduce WP_Roles::reinit(). This reinitializes WP_Roles and is used after switch_to_blog() has already update the blog ID in the wpdb object. If a global roles array is being used instead of the db, reinit is skipped.
* current_user_can_for_blog() now does a switch/restore. It didn't before meaning it could be reinitializing the user with the wrong role information for the current blog.

wp-includes/ms-settings.php:

* Define $_wp_switched_stack and $_wp_switched. This way switch_to_blog() and restore_current_blog() can rely on it being set.

wp-settings.php:

* Instantiate the WP_Roles global. This was it is always defined during init. To remove the WP_Roles checks from WP_Role and WP_User this would probably have to move before plugins are loaded, which might not be a good thing.

wp-includes/functions.php:

* Update wp_upload_dir() to reference _wp_switched.



git-svn-id: https://develop.svn.wordpress.org/trunk@21485 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-09 16:28:15 +00:00
Andrew Nacin a5c7405975 Move most instances of new WP_User to get_userdata(). see #21120.
git-svn-id: https://develop.svn.wordpress.org/trunk@21413 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-03 01:06:05 +00:00
Andrew Nacin d69dda48ec Use get_userdata() rather than new WP_User in is_super_admin(), to take advantage of the performance improvements in [21376]. see #21120.
git-svn-id: https://develop.svn.wordpress.org/trunk@21377 602fd350-edb4-49c9-b593-d223f7449a82
2012-07-31 17:47:08 +00:00
Andrew Nacin cd7e3f097d Don't call get_userdata() every time for the current user in map_meta_cap()'s read_post, edit_post, and delete_post branches. see #21120.
git-svn-id: https://develop.svn.wordpress.org/trunk@21375 602fd350-edb4-49c9-b593-d223f7449a82
2012-07-31 17:39:14 +00:00
Andrew Nacin 4a23ebe03d Enforce multisite plugins menu preference in map_meta_cap(). This means a simple current_user_can('activate_plugins') check will handle the 'Enable administration menus' setting.
Remove bogus checks for enabling/disabling the 'themes' menu (something core does not handle out of the box) when in the network admin.

fixes #21123.



git-svn-id: https://develop.svn.wordpress.org/trunk@21198 602fd350-edb4-49c9-b593-d223f7449a82
2012-06-30 12:40:25 +00:00
Andrew Nacin ffababf000 Remove 'fall through' points in map_meta_cap() as they can hide bugs.
git-svn-id: https://develop.svn.wordpress.org/trunk@21152 602fd350-edb4-49c9-b593-d223f7449a82
2012-06-27 19:27:54 +00:00
Ryan Boren 257e455a50 Fix warning when processing read_post cap. Props duck_. fixes #20917
git-svn-id: https://develop.svn.wordpress.org/trunk@21060 602fd350-edb4-49c9-b593-d223f7449a82
2012-06-12 13:50:51 +00:00
Ryan Boren e61ac6e607 Make read_post more useful. Map read_post to edit_post for posts with protected post states. This makes read_post work naturally for draft, future, and pending posts belonging to other users. If the current user cannot edit these non-public posts then the user should not be able to read them either.
git-svn-id: https://develop.svn.wordpress.org/trunk@21046 602fd350-edb4-49c9-b593-d223f7449a82
2012-06-10 16:21:44 +00:00
Andrew Nacin fa3427a99a Update phpdoc for WP_User::has_cap(). props nunomorgadinho. see #19756.
git-svn-id: https://develop.svn.wordpress.org/trunk@20683 602fd350-edb4-49c9-b593-d223f7449a82
2012-05-02 14:17:04 +00:00
Andrew Nacin 29ca3e321a Do not block file mod/edit caps when DISALLOW_UNFILTERED_HTML is set. There are separate constants (DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS for those). fixes #20488.
git-svn-id: https://develop.svn.wordpress.org/trunk@20534 602fd350-edb4-49c9-b593-d223f7449a82
2012-04-19 14:05:05 +00:00
Ryan Boren 6f9ceb2326 Introduce WP_User::exists(). see #20372
git-svn-id: https://develop.svn.wordpress.org/trunk@20378 602fd350-edb4-49c9-b593-d223f7449a82
2012-04-06 19:18:45 +00:00
Ryan Boren 2b186b0c45 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: https://develop.svn.wordpress.org/trunk@19712 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-08 17:01:11 +00:00
Ryan Boren 54067a5f20 Remove extraneous spaces. Props kenan3008, dimadin. fixes #19501 #19433
git-svn-id: https://develop.svn.wordpress.org/trunk@19596 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-14 17:36:38 +00:00
Ryan Boren 676ba7043e Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: https://develop.svn.wordpress.org/trunk@19593 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-13 23:45:31 +00:00
Jon Cave bde6461ff4 Provide back compat mapping for user_level, wp_usersettings and wp_usersettingstime properties of WP_User objects. Fixes #19265.
git-svn-id: https://develop.svn.wordpress.org/trunk@19325 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-17 20:40:24 +00:00
Andrew Nacin f1bbad5d5b Remove dead code. empty() will catch anything that equals false.
git-svn-id: https://develop.svn.wordpress.org/trunk@19171 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-05 13:35:48 +00:00
Ryan Boren 168e89007c Avoid 'Only variables should be assigned by reference' warning. Props arena. fixes #18867
git-svn-id: https://develop.svn.wordpress.org/trunk@18956 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-12 20:41:06 +00:00
Ryan Boren b412d5f082 Don't stomp meta fields in wp_update_user(). Props scribu. see #15458
git-svn-id: https://develop.svn.wordpress.org/trunk@18909 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-07 02:34:41 +00:00
Jon Cave 205aa5ba5c Fix typos in documentation (wp-includes/[a-h]). See #18560.
git-svn-id: https://develop.svn.wordpress.org/trunk@18633 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-03 16:02:41 +00:00
Ryan Boren 9e2aa32657 Handle null user ID in the WP_User constructor. Props kawauso. fixes #17894
git-svn-id: https://develop.svn.wordpress.org/trunk@18598 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-24 19:47:35 +00:00
Ryan Boren 1d3e616495 Introduce metadata_exists(), WP_User::get_data_by(), WP_User::get(), WP_User::has_prop(). Don't fill user objects with meta. Eliminate data duplication in cache and memory. Props scribu. see #15458
git-svn-id: https://develop.svn.wordpress.org/trunk@18597 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-24 19:32:59 +00:00
Ryan Boren afe083447f Handle id back compat in isset magic method. see #15458
git-svn-id: https://develop.svn.wordpress.org/trunk@18515 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-05 20:54:08 +00:00
Ryan Boren eda7d43e85 Deprecate get_userdatabylogin() and get_user_by_email(). Props scribu. fixes #18333
git-svn-id: https://develop.svn.wordpress.org/trunk@18513 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-05 16:57:31 +00:00
Ryan Boren 15507ec835 Remove first_name and last_name properties. Props scribu. see #15458
git-svn-id: https://develop.svn.wordpress.org/trunk@18512 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-05 16:45:11 +00:00
Ryan Boren 35d92b5e1e Handle deprecation of id in __set(). Props scribu. see #15458
git-svn-id: https://develop.svn.wordpress.org/trunk@18506 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-04 15:42:38 +00:00
Ryan Boren 8eea785bcb Add magic get/set/isset methods to WP_User to avoid data duplication. Standardize on WP_User::ID. Props scribu. see #15458
git-svn-id: https://develop.svn.wordpress.org/trunk@18504 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-04 03:09:27 +00:00
Ryan Boren 58d9d5ea5d Remove return by ref from get_role(). Props scribu, elyobo. fixes #18237
git-svn-id: https://develop.svn.wordpress.org/trunk@18476 602fd350-edb4-49c9-b593-d223f7449a82
2011-07-28 17:12:18 +00:00
Ryan Boren 6b5d8397b0 Introduce register_meta(), get_metadata_by_mid(), and *_post_meta capabilities. fixes #17850
git-svn-id: https://develop.svn.wordpress.org/trunk@18445 602fd350-edb4-49c9-b593-d223f7449a82
2011-07-20 22:04:35 +00:00
Mark Jaquith 9d6bb11571 Check parent caps for revisions. props aaroncampbell. fixes #17668
git-svn-id: https://develop.svn.wordpress.org/trunk@18200 602fd350-edb4-49c9-b593-d223f7449a82
2011-06-08 18:06:43 +00:00
Ryan Boren 9730cb8d15 Constructor cleanup. Props ocean90. fixes #16768
git-svn-id: https://develop.svn.wordpress.org/trunk@17771 602fd350-edb4-49c9-b593-d223f7449a82
2011-04-29 20:05:12 +00:00
Ryan Boren d470b22d59 Remove PHP4 constructors. Props hakre. see #16768
git-svn-id: https://develop.svn.wordpress.org/trunk@17604 602fd350-edb4-49c9-b593-d223f7449a82
2011-04-05 17:25:08 +00:00
Andrew Nacin 3a3d660a6e I have CDO. see #15779.
git-svn-id: https://develop.svn.wordpress.org/trunk@16910 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-14 11:25:11 +00:00
Andrew Nacin 12da6006e0 Ensure the map_meta_cap filter receives the right cap when the map_meta_cap flag is false. fixes #15779.
git-svn-id: https://develop.svn.wordpress.org/trunk@16909 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-14 11:22:32 +00:00