[buddypress-trac] [BuddyPress Trac] #5465: About BuddyPress in WP Admin Bar and multisite config !!

buddypress-trac noreply at wordpress.org
Sun Mar 16 19:43:43 UTC 2014

#5465: About BuddyPress in WP Admin Bar and multisite config !!
 Reporter:  imath                  |       Owner:
     Type:  defect (bug)           |      Status:  new
 Priority:  highest                |   Milestone:  1.9.3
Component:  Administration         |     Version:  1.9
 Severity:  blocker                |  Resolution:
 Keywords:  has-patch 2nd-opinion  |

Comment (by imath):

 Replying to [comment:4 boonebgorges]:
 > The real issue is not that we're showing the link to About BuddyPress to
 non-super-admins, it's that we're allowing people to see screens and
 change info that they shouldn't be allowed to change.

 I agree. The cause that opens the problem is the "About BuddyPress" WP
 Admin Bar link. So a quick fix is to hide it.

 A real fix might be to use a capability so that we're sure using it for a
 menu (for example) will ensure the menu would only be showed to allowed
 users. It could be 'bp_moderate' if the mapping function was more strict,
 else a new capability ( 'bp_admin' or 'bp_manage' or
 'manage_buddypress'...) that would allow 'manage_options' if single config
 and 'manage_network_options' if on multisite would be interesting, i

Ticket URL: <https://buddypress.trac.wordpress.org/ticket/5465#comment:5>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac

More information about the buddypress-trac mailing list