[wp-trac] [WordPress Trac] #33306: Only Query for author ID if user is member of blog
WordPress Trac
noreply at wordpress.org
Fri Sep 4 23:07:03 UTC 2015
#33306: Only Query for author ID if user is member of blog
-------------------------+-------------------------------------
Reporter: sboisvert | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Query | Version: 4.3
Severity: normal | Resolution:
Keywords: | Focuses: multisite, performance
-------------------------+-------------------------------------
Comment (by jeremyfelt):
Replying to [comment:6 boonebgorges]:
> I'm having a hard time concocting a concrete case like the "far out" one
that you sketched. But, just to be clear, in this case the worst that will
happen is that certain users with changed roles will not see their legacy
content, right?
Poking some more, I'm not sure that `edit_posts` is low enough of a
capability because of how post authors can be assigned when extending the
core UI.
I started exploring with an example of private feedback from an instructor
to students. The instructor writes the feedback (post), sets the student
(post_author, role of subscriber), and sets the status as private so that
an individual student has access to only their feedback.
Currently, the student would have access to the individual post and to
those posts via an archive display. With the patch provided by @sboisvert,
this would stay the same as the student is recognized as a member of the
site. If we switch to a more restrictive cap check, the individual private
post would be readable, but the archive display would no longer show the
private posts.
Sticking with `is_member_of_blog()` seems to make more sense. Of course,
the trade off is then running `get_blogs_of_user()` instead of the OR. A
comparison of numbers would help here.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/33306#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list