[wp-trac] [WordPress Trac] #17668: wp_post_revision_title capabilities

WordPress Trac wp-trac at lists.automattic.com
Tue Jun 7 07:16:06 UTC 2011


#17668: wp_post_revision_title capabilities
--------------------------+------------------
 Reporter:  ejdanderson   |       Owner:
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  3.2
Component:  Revisions     |     Version:  3.2
 Severity:  minor         |  Resolution:
 Keywords:  2nd-opinion   |
--------------------------+------------------

Comment (by ejdanderson):

 Replying to [comment:4 aaroncampbell]:
 > The issue is deeper than just `get_edit_post_link`.  The truth is that
 you can edit a revision even if you don't have the rights to edit it's
 parent.

 Perhaps a solution resides in map_meta_cap() with checking the parent's
 capabilities on the 'edit_post', 'delete_post', and 'read_post' cases?
 Shouldn't revisions always inherit all of their parent post type's
 relevant capabilities?

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/17668#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list