[wp-trac] [WordPress Trac] #12109: map_meta_cap doesnt work for multisite superadmins
WordPress Trac
wp-trac at lists.automattic.com
Mon Feb 1 08:22:50 UTC 2010
#12109: map_meta_cap doesnt work for multisite superadmins
-----------------------------+----------------------------------------------
Reporter: dd32 | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.0
Component: Role/Capability | Version:
Severity: normal | Keywords: multisite
-----------------------------+----------------------------------------------
I noticed that Users -> Add New was being shown for Multisite when the Add
New page was disabled on the MS options page.
The current logic is that map_meta_cap will remove the create_users
capability for when this option is disabled.
However, Thats not always the case, Take the 'create_users' value for
example, It'll exist for super admin. you see, Theres a slight issue in
that map_meta_cap is never run for Multisite super admins, super admins
have ALL caps, even 'cap_doesnt_exist'
IMO, this is something that should probably be removed, super admins
should only have caps if their role has the cap. I believe this is
currently a work around due to the lack of a "Super admin" role as such.
Code in question: http://core.trac.wordpress.org/browser/trunk/wp-
includes/capabilities.php#L725
{{{
719 function has_cap( $cap ) {
720 if ( is_numeric( $cap ) ) {
721 _deprecated_argument( __FUNCTION__, '2.0',
__('Usage of user levels by plugins and themes is deprecated. Use roles
and capabilities instead.') );
722 $cap = $this->translate_level_to_cap( $cap
);
723 }
724
725 // Multisite super admin has all caps by
definition.
726 if ( is_multisite() && is_super_admin() )
727 return true;
}}}
--
Ticket URL: <http://core.trac.wordpress.org/ticket/12109>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list