Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-11-15 07:05:37 +01:00
Code Issues Projects Releases Wiki Activity

Press This: Do not show Categories & Tags UI for users who cannot assign terms to posts anyways.

Browse Source 
Merge of [39968] to the 4.7 branch.
Built from https://develop.svn.wordpress.org/branches/4.7@39969


git-svn-id: http://core.svn.wordpress.org/branches/4.7@39906 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Dominik Schilling 2017-01-26 14:01:34 +00:00
parent 599e703836
commit ad0f68291a
2 changed files with 68 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

96
wp-admin/includes/class-wp-press-this.php
View File

@ -119,10 +119,28 @@ class WP_Press_This {
'post_type' => 'post', 'post_type' => 'post',
'post_status' => 'draft', 'post_status' => 'draft',
'post_format' => ( ! empty( $_POST['post_format'] ) ) ? sanitize_text_field( $_POST['post_format'] ) : '', 'post_format' => ( ! empty( $_POST['post_format'] ) ) ? sanitize_text_field( $_POST['post_format'] ) : '',
'tax_input' => ( ! empty( $_POST['tax_input'] ) ) ? $_POST['tax_input'] : array(),
'post_category' => ( ! empty( $_POST['post_category'] ) ) ? $_POST['post_category'] : array(),
); );
// Only accept categories if the user actually can assign
$category_tax = get_taxonomy( 'category' );
if ( current_user_can( $category_tax->cap->assign_terms ) ) {
$post_data['post_category'] = ( ! empty( $_POST['post_category'] ) ) ? $_POST['post_category'] : array();
}
// Only accept taxonomies if the user can actually assign
if ( ! empty( $_POST['tax_input'] ) ) {
$tax_input = $_POST['tax_input'];
foreach ( $tax_input as $tax => $_ti ) {
$tax_object = get_taxonomy( $tax );
if ( ! $tax_object || ! current_user_can( $tax_object->cap->assign_terms ) ) {
unset( $tax_input[ $tax ] );
}
}
$post_data['tax_input'] = $tax_input;
}
// Toggle status to pending if user cannot actually publish
if ( ! empty( $_POST['post_status'] ) && 'publish' === $_POST['post_status'] ) { if ( ! empty( $_POST['post_status'] ) && 'publish' === $_POST['post_status'] ) {
if ( current_user_can( 'publish_posts' ) ) { if ( current_user_can( 'publish_posts' ) ) {
$post_data['post_status'] = 'publish'; $post_data['post_status'] = 'publish';
@ -453,7 +471,7 @@ class WP_Press_This {
* @since 4.2.0 * @since 4.2.0
* *
* @param string $src Embed source URL. * @param string $src Embed source URL.
* @return string If not from a supported provider, an empty string. Otherwise, a reformattd embed URL. * @return string If not from a supported provider, an empty string. Otherwise, a reformatted embed URL.
*/ */
private function _limit_embed( $src ) { private function _limit_embed( $src ) {
$src = $this->_limit_url( $src ); $src = $this->_limit_url( $src );
@ -853,6 +871,12 @@ class WP_Press_This {
public function categories_html( $post ) { public function categories_html( $post ) {
$taxonomy = get_taxonomy( 'category' ); $taxonomy = get_taxonomy( 'category' );
// Bail if user cannot assign terms
if ( ! current_user_can( $taxonomy->cap->assign_terms ) ) {
return;
}
// Only show "add" if user can edit terms
if ( current_user_can( $taxonomy->cap->edit_terms ) ) { if ( current_user_can( $taxonomy->cap->edit_terms ) ) {
?> ?>
<button type="button" class="add-cat-toggle button-link" aria-expanded="false"> <button type="button" class="add-cat-toggle button-link" aria-expanded="false">
@ -1272,6 +1296,12 @@ class WP_Press_This {
wp_enqueue_script( 'json2' ); wp_enqueue_script( 'json2' );
wp_enqueue_script( 'editor' ); wp_enqueue_script( 'editor' );
$categories_tax = get_taxonomy( 'category' );
$show_categories = current_user_can( $categories_tax->cap->assign_terms ) || current_user_can( $categories_tax->cap->edit_terms );
$tag_tax = get_taxonomy( 'post_tag' );
$show_tags = current_user_can( $tag_tax->cap->assign_terms );
$supports_formats = false; $supports_formats = false;
$post_format = 0; $post_format = 0;
@ -1423,17 +1453,21 @@ class WP_Press_This {
</button> </button>
<?php endif; ?> <?php endif; ?>
<button type="button" class="button-link post-option"> <?php if ( $show_categories ) : ?>
<span class="dashicons dashicons-category"></span> <button type="button" class="button-link post-option">
<span class="post-option-title"><?php _e( 'Categories' ); ?></span> <span class="dashicons dashicons-category"></span>
<span class="dashicons post-option-forward"></span> <span class="post-option-title"><?php _e( 'Categories' ); ?></span>
</button> <span class="dashicons post-option-forward"></span>
</button>
<?php endif; ?>
<button type="button" class="button-link post-option"> <?php if ( $show_tags ) : ?>
<span class="dashicons dashicons-tag"></span> <button type="button" class="button-link post-option">
<span class="post-option-title"><?php _e( 'Tags' ); ?></span> <span class="dashicons dashicons-tag"></span>
<span class="dashicons post-option-forward"></span> <span class="post-option-title"><?php _e( 'Tags' ); ?></span>
</button> <span class="dashicons post-option-forward"></span>
</button>
<?php endif; ?>
</div> </div>
<?php if ( $supports_formats ) : ?> <?php if ( $supports_formats ) : ?>
@ -1447,23 +1481,27 @@ class WP_Press_This {
</div> </div>
<?php endif; ?> <?php endif; ?>
<div class="setting-modal is-off-screen is-hidden"> <?php if ( $show_categories ) : ?>
<button type="button" class="button-link modal-close"> <div class="setting-modal is-off-screen is-hidden">
<span class="dashicons post-option-back"></span> <button type="button" class="button-link modal-close">
<span class="setting-title" aria-hidden="true"><?php _e( 'Categories' ); ?></span> <span class="dashicons post-option-back"></span>
<span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span> <span class="setting-title" aria-hidden="true"><?php _e( 'Categories' ); ?></span>
</button> <span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span>
<?php $this->categories_html( $post ); ?> </button>
</div> <?php $this->categories_html( $post ); ?>
</div>
<?php endif; ?>
<div class="setting-modal tags is-off-screen is-hidden"> <?php if ( $show_tags ) : ?>
<button type="button" class="button-link modal-close"> <div class="setting-modal tags is-off-screen is-hidden">
<span class="dashicons post-option-back"></span> <button type="button" class="button-link modal-close">
<span class="setting-title" aria-hidden="true"><?php _e( 'Tags' ); ?></span> <span class="dashicons post-option-back"></span>
<span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span> <span class="setting-title" aria-hidden="true"><?php _e( 'Tags' ); ?></span>
</button> <span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span>
<?php $this->tags_html( $post ); ?> </button>
</div> <?php $this->tags_html( $post ); ?>
</div>
<?php endif; ?>
</div><!-- .options-panel --> </div><!-- .options-panel -->
</div><!-- .wrapper --> </div><!-- .wrapper -->

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.7.2-alpha-39957'; $wp_version = '4.7.2-alpha-39969';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.