[wp-trac] [WordPress Trac] #12455: Options.php cleanup
WordPress Trac
wp-trac at lists.automattic.com
Tue Mar 2 14:21:15 UTC 2010
#12455: Options.php cleanup
--------------------------+-------------------------------------------------
Reporter: dd32 | Owner: dd32
Type: defect (bug) | Status: accepted
Priority: normal | Milestone: 3.0
Component: General | Version: 3.0
Severity: normal | Keywords: has-patch needs-testing
--------------------------+-------------------------------------------------
Comment(by nacin):
Replying to [comment:3 Denis-de-Bernardy]:
> I'd like to suggest an additional enhancement: if the site is not
multisite, only the user whose email corresponds to the admin email can
browse that screen.
-1 for two reasons. One, this should be handled by capabilities. If
manage_options isn't specific enough, then we can come up with another
that can be removed by a plugin for certain users. Even then, a plugin
should be able to deny options.php for certain holders of a manage_options
cap.
Two, there's zero guarantee that there is a matching account to the admin
email. If we ever start thinking about an owner/super-admin role that can
be linked directly to the admin email, then this perhaps comes into play,
but otherwise, you can't make that assumption.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/12455#comment:4>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list