Commit Graph

101 Commits

Author SHA1 Message Date
Andrew Nacin
43d4f742b9 Some sanity checks -- make sure we have a valid post author user object before checking if the current user is the author.
git-svn-id: https://develop.svn.wordpress.org/trunk@14782 602fd350-edb4-49c9-b593-d223f7449a82
2010-05-21 15:15:32 +00:00
Andrew Nacin
323342deec Move post type object capabilities to a 'cap' object. Allow them to be initialized via the 'capabilities' key (an array) when registering support for the post type. Caps are now referred to by the name of the cap as if it was a post, i.e. ->cap->edit_post. see #13358.
git-svn-id: https://develop.svn.wordpress.org/trunk@14585 602fd350-edb4-49c9-b593-d223f7449a82
2010-05-12 20:45:18 +00:00
Ryan Boren
d783952469 Strip trailing whites.
git-svn-id: https://develop.svn.wordpress.org/trunk@14404 602fd350-edb4-49c9-b593-d223f7449a82
2010-05-03 20:26:11 +00:00
Andrew Nacin
e2e2836ad5 Explicitly set the capability required in edit_users map_meta_cap branch, so we don't accidentally pass edit_user. props TheDeadMedic. fixes #13074, fixes #13137
git-svn-id: https://develop.svn.wordpress.org/trunk@14256 602fd350-edb4-49c9-b593-d223f7449a82
2010-04-27 20:39:39 +00:00
Ryan Boren
981960fa09 Introduce DISALLOW_UNFILTERED_HTML
git-svn-id: https://develop.svn.wordpress.org/trunk@14244 602fd350-edb4-49c9-b593-d223f7449a82
2010-04-26 21:42:42 +00:00
Ryan Boren
8d9073103c Introduce get_super_admins(). Allow hard-coding a global super_admins array and bypassing site options. fixes #12815
git-svn-id: https://develop.svn.wordpress.org/trunk@14206 602fd350-edb4-49c9-b593-d223f7449a82
2010-04-23 20:34:03 +00:00
Joseph Scott
cae7b3b275 New 'list_users' cap to provide more controls over listing users vs. editing
users.

Apply this new cap to the 'Authors & Users' menu item and 'Users' page in
wp-admin.

Bump db version to 14139 to pick up the new cap.

See #13074



git-svn-id: https://develop.svn.wordpress.org/trunk@14189 602fd350-edb4-49c9-b593-d223f7449a82
2010-04-22 19:48:13 +00:00
Ryan Boren
0e3d10f5ac Separate user deletion and removal. Add promote_users cap so that multisite Admins (not supes) can promote. see #13074
git-svn-id: https://develop.svn.wordpress.org/trunk@14176 602fd350-edb4-49c9-b593-d223f7449a82
2010-04-21 17:43:53 +00:00
Ryan Boren
8e25b7d538 Introduce DISALLOW_FILE_MOD for disabling all ops that modify core, theme, or plugins files. see #13000
git-svn-id: https://develop.svn.wordpress.org/trunk@14088 602fd350-edb4-49c9-b593-d223f7449a82
2010-04-14 17:22:11 +00:00
Andrew Nacin
0684fcffda Make remove_user a meta capability. see #12793
git-svn-id: https://develop.svn.wordpress.org/trunk@13956 602fd350-edb4-49c9-b593-d223f7449a82
2010-04-03 05:14:34 +00:00
Ron Rennick
049fcf5b46 delete user cap in remove_all_caps(), props ocean90, see #12711
git-svn-id: https://develop.svn.wordpress.org/trunk@13883 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-29 20:35:06 +00:00
Andrew Nacin
e34ca97ae0 Change @since 3.0 to @since 3.0.0.
git-svn-id: https://develop.svn.wordpress.org/trunk@13827 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-26 19:13:36 +00:00
Dion Hulse
6f62362b96 Use correct cap checks and nonces for custom post_type's
git-svn-id: https://develop.svn.wordpress.org/trunk@13786 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-21 02:29:11 +00:00
Dion Hulse
f24da9abad Fix WP_User::remove_role(). See #10285
git-svn-id: https://develop.svn.wordpress.org/trunk@13784 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-21 01:36:54 +00:00
Mark Jaquith
8bca8131a6 More pedantry. "Setup" is not a verb. http://notaverb.com/setup
git-svn-id: https://develop.svn.wordpress.org/trunk@13725 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-17 04:39:50 +00:00
Andrew Nacin
781cbf67d8 Fix assignment in WP_User::for_blog(). props prettyboymp, fixes #12587
git-svn-id: https://develop.svn.wordpress.org/trunk@13666 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-11 18:24:37 +00:00
Dion Hulse
535f50f4ab Strip delete_themes from Multisite non-super-admins. Props Denis-de-Bernardy. Fixes #11802
git-svn-id: https://develop.svn.wordpress.org/trunk@13547 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-02 11:42:15 +00:00
Andrew Nacin
c9dfb91763 Spelling and grammar fun. Fixes #11875 props cnorris23
git-svn-id: https://develop.svn.wordpress.org/trunk@13382 602fd350-edb4-49c9-b593-d223f7449a82
2010-02-24 20:13:23 +00:00
Andrew Nacin
670b8d8bfb Don't use deprecated *_usermeta() functions. Props technosailor fixes #10837
git-svn-id: https://develop.svn.wordpress.org/trunk@13311 602fd350-edb4-49c9-b593-d223f7449a82
2010-02-22 21:25:32 +00:00
Ron Rennick
8f7ed98113 use map_meta_cap for multisite superadmins, props dd32, fixes #12109
git-svn-id: https://develop.svn.wordpress.org/trunk@13270 602fd350-edb4-49c9-b593-d223f7449a82
2010-02-21 00:19:05 +00:00
Ryan Boren
6d37a4c8f1 Introduce DISALLOW_FILE_EDIT flag for enabling/disabling the theem and plugin editors. Props nacin. see #11306
git-svn-id: https://develop.svn.wordpress.org/trunk@13034 602fd350-edb4-49c9-b593-d223f7449a82
2010-02-09 00:07:52 +00:00
Ryan Boren
57577592b6 Introduce WP_User::for_blog() and current_user_can_for_blog() to avoid calls to WP_User::_init_caps(). fixes #11781
git-svn-id: https://develop.svn.wordpress.org/trunk@12796 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-22 17:27:28 +00:00
Ryan Boren
d6ea7c7bde Add email and login dupe checking down into wp_insert_user(). Tidy up user-new.php. see #11644
git-svn-id: https://develop.svn.wordpress.org/trunk@12778 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-20 21:58:13 +00:00
Ryan Boren
21c4d151e2 Use API to set the user's role. see #11781
git-svn-id: https://develop.svn.wordpress.org/trunk@12770 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-19 20:12:04 +00:00
Ryan Boren
f260b32d25 Use cap checks instead of multisite and super admin checks. Add some new caps. Merge cleanup. see #11644.
git-svn-id: https://develop.svn.wordpress.org/trunk@12753 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-18 22:21:36 +00:00
Ryan Boren
8ef8b7bad5 Trailing whitespace cleanup
git-svn-id: https://develop.svn.wordpress.org/trunk@12733 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-15 22:11:12 +00:00
Ryan Boren
37d1acae71 Mainstream things that don't need to be multisite only. Formatting cleanups. see #11644
git-svn-id: https://develop.svn.wordpress.org/trunk@12699 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-11 22:23:58 +00:00
Ron Rennick
8b4fbdb503 merge in multisite login, wp-includes, See #11644
git-svn-id: https://develop.svn.wordpress.org/trunk@12697 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-11 21:49:40 +00:00
Ryan Boren
d93a81bd35 Assume current user of user ID is not passed. Props filosofo. fixes #11808
git-svn-id: https://develop.svn.wordpress.org/trunk@12650 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-07 19:45:57 +00:00
Ryan Boren
435053b040 Remove certain caps for non super admins when running multisite. see #11644
git-svn-id: https://develop.svn.wordpress.org/trunk@12630 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-07 04:05:53 +00:00
Ryan Boren
03f8d8996d Return true for all admin user is multisite is not enabled. see #11644
git-svn-id: https://develop.svn.wordpress.org/trunk@12612 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-06 23:39:40 +00:00
Ryan Boren
8a5d801117 Introduce is_super_admin(). see #11644.
git-svn-id: https://develop.svn.wordpress.org/trunk@12611 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-06 23:27:22 +00:00
Ryan Boren
9ef2cb198f More custom post type support. Props scribu. see #9674
git-svn-id: https://develop.svn.wordpress.org/trunk@12597 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-04 16:58:43 +00:00
Peter Westwood
12cc58c227 Mark user levels as Deprecated. Fixes #10805 props nacin.
git-svn-id: https://develop.svn.wordpress.org/trunk@12585 602fd350-edb4-49c9-b593-d223f7449a82
2009-12-30 16:51:32 +00:00
Peter Westwood
4e0adefa76 Ensure we don't destory the $wp_roles->role_objects property when assigning a second role to a WP_User object. Fixes #9128 props dd32.
git-svn-id: https://develop.svn.wordpress.org/trunk@12479 602fd350-edb4-49c9-b593-d223f7449a82
2009-12-22 11:42:46 +00:00
Peter Westwood
4701dd33f6 Check the correct global in get_page and also ensure that the cap check for deleting pages copes for the default page we edit when adding new. Fixes #11203.
git-svn-id: https://develop.svn.wordpress.org/trunk@12332 602fd350-edb4-49c9-b593-d223f7449a82
2009-12-07 18:01:02 +00:00
Peter Westwood
ebe702a851 Better documentation on the format of the capabilities when adding a role. Fixes #11106 props simonwheatley.
git-svn-id: https://develop.svn.wordpress.org/trunk@12160 602fd350-edb4-49c9-b593-d223f7449a82
2009-11-09 22:15:50 +00:00
Peter Westwood
94a2054bf5 Ensure we always have author info to check capabilities with. Fixes notice on Add new post page.
git-svn-id: https://develop.svn.wordpress.org/trunk@12053 602fd350-edb4-49c9-b593-d223f7449a82
2009-10-18 12:06:39 +00:00
Mark Jaquith
529e336c1e Add set_user_role action hook. props jamescollins, usermrpapa. fixes #10716
git-svn-id: https://develop.svn.wordpress.org/trunk@12028 602fd350-edb4-49c9-b593-d223f7449a82
2009-10-14 02:30:51 +00:00
Ryan Boren
05458bb414 Use oEmbed for youtube. Props Viper007Bond. see #10337
git-svn-id: https://develop.svn.wordpress.org/trunk@12027 602fd350-edb4-49c9-b593-d223f7449a82
2009-10-13 22:36:24 +00:00
Ryan Boren
e71f15a979 Embeds. Props Viper007Bond. see #10337
git-svn-id: https://develop.svn.wordpress.org/trunk@12023 602fd350-edb4-49c9-b593-d223f7449a82
2009-10-13 17:04:22 +00:00
Ryan Boren
b7f82a38b5 Filter fields through kses upon display. Introduce sanitize_user_object() and sanitize_user_field(). see #10751
git-svn-id: https://develop.svn.wordpress.org/trunk@11929 602fd350-edb4-49c9-b593-d223f7449a82
2009-09-14 13:57:48 +00:00
Ryan Boren
d098dfcd59 Add missing break. Props snakefoot. fixes #10692
git-svn-id: https://develop.svn.wordpress.org/trunk@11912 602fd350-edb4-49c9-b593-d223f7449a82
2009-09-11 13:42:15 +00:00
Ryan Boren
d9c6047a27 Disallow unfiltered uploads for admins by default. fixes #10692
git-svn-id: https://develop.svn.wordpress.org/trunk@11887 602fd350-edb4-49c9-b593-d223f7449a82
2009-08-28 00:17:53 +00:00
Peter Westwood
80e4f72f72 Move the storage of the metadata for trashed posts into the post meta table rather than storing it in an option. See #4529.
git-svn-id: https://develop.svn.wordpress.org/trunk@11878 602fd350-edb4-49c9-b593-d223f7449a82
2009-08-25 22:05:15 +00:00
Andrew Ozz
ca608e336a Don't let contributors to re-publish their trashed posts, props caesarsgrunt, see #4529
git-svn-id: https://develop.svn.wordpress.org/trunk@11873 602fd350-edb4-49c9-b593-d223f7449a82
2009-08-24 20:48:31 +00:00
Andrew Ozz
782977afbf "Trash" updates, props caesarsgrunt, see #4529
git-svn-id: https://develop.svn.wordpress.org/trunk@11841 602fd350-edb4-49c9-b593-d223f7449a82
2009-08-19 08:35:24 +00:00
Ryan Boren
66ab91564b Cast to array to fix warning. Props johnkolbert, Denis-de-Bernardy. fixes #9128
git-svn-id: https://develop.svn.wordpress.org/trunk@11019 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-20 20:03:20 +00:00
Peter Westwood
16ab2e1302 Let a plugin filter the expanded capabilities returned by map_meta_cap. Fixes #9462 props rmccue.
git-svn-id: https://develop.svn.wordpress.org/trunk@10874 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-05 17:23:04 +00:00
Ryan Boren
cc77e573b6 Explicitly return ref for the sake of PHP4. Fixes user_level being empty when installing on PHP4. Props Mr Pete. fixes #8317 for trunk
git-svn-id: https://develop.svn.wordpress.org/trunk@10200 602fd350-edb4-49c9-b593-d223f7449a82
2008-12-12 20:47:18 +00:00