[wp-trac] [WordPress Trac] #22417: _wp_translate_postdata() should use current_user_can( $ptype->cap->edit_post, $post_id )
WordPress Trac
noreply at wordpress.org
Thu Nov 15 09:45:19 UTC 2012
#22417: _wp_translate_postdata() should use current_user_can(
$ptype->cap->edit_post, $post_id )
-----------------------------+------------------
Reporter: danielbachhuber | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.5
Component: Role/Capability | Version:
Severity: normal | Resolution:
Keywords: |
-----------------------------+------------------
Changes (by nacin):
* milestone: Awaiting Review => 3.5
Comment:
I imagine this is in place for _wp_translate_postdata( false ), as in —
when it is not used for an update.
wp_write_post() uses this, but this code is actually dead now and has been
since auto-drafts are introduced, because edit_post() gets called right
before it. For more on removing wp_write_post() and making this code more
sane, see #21963.
If $update, we should be able to make the more informed capability checks
you are proposing.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/22417#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list