[buddypress-trac] [BuddyPress Trac] #8070: Missing 'edit_users' check in member_can_edit()
buddypress-trac
noreply at wordpress.org
Sun Sep 5 08:14:55 UTC 2021
#8070: Missing 'edit_users' check in member_can_edit()
----------------------------------------+---------------------
Reporter: Venutius | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 10.0.0
Component: Members | Version: 4.2.0
Severity: normal | Resolution:
Keywords: needs-patch good-first-bug |
----------------------------------------+---------------------
Changes (by imath):
* keywords: => needs-patch good-first-bug
* milestone: Awaiting Review => 10.0.0
Comment:
Hi @Venutius
Thanks for your feedback. I believe the `bp_moderate` cap should include
in a way the `edit_users` cap as it is dynamically added to Administrators
or Super Administrators on multisite. See
https://wordpress.org/support/article/roles-and-capabilities/
I guess the need for the `edit_users` check is linked to custom roles?
I'd like to see a patch about it, if this can happen, I'm fine with
including it into 10.0.0
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/8070#comment:1>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac
More information about the buddypress-trac
mailing list