Provide more helpful feedback than just "Cheatin' uh?" for permission errors in `wp-admin/users.php`.

props ericlewis, kraftbj, lukecarbis, mrmist.
fixes #33679. see #14530.
Built from https://develop.svn.wordpress.org/trunk@33885


git-svn-id: http://core.svn.wordpress.org/trunk@33854 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-admin/users.php

@@ -9,8 +9,13 @@
 /** WordPress Administration Bootstrap */
 require_once( dirname( __FILE__ ) . '/admin.php' );
 
-if ( ! current_user_can( 'list_users' ) )
-	wp_die( __( 'Cheatin’ uh?' ), 403 );
+if ( ! current_user_can( 'list_users' ) ) {
+	wp_die(
+		'<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
+		'<p>' . __( 'You are not allowed to browse users.' ) . '</p>',
+		403
+	);
+}
 
 $wp_list_table = _get_list_table('WP_Users_List_Table');
 $pagenum = $wp_list_table->get_pagenum();
@@ -127,8 +132,13 @@ case 'promote':
 		}
 
 		// If the user doesn't already belong to the blog, bail.
-		if ( is_multisite() && !is_user_member_of_blog( $id ) )
-			wp_die( __( 'Cheatin&#8217; uh?' ), 403 );
+		if ( is_multisite() && !is_user_member_of_blog( $id ) ) {
+			wp_die(
+				'<h1>' . __( 'Cheatin&#8217; uh?' ) . '</h1>' .
+				'<p>' . __( 'One of the selected users in not a member of this site.' ) . '</p>',
+				403
+			);
+		}
 
 		$user = get_userdata( $id );
 		$user->set_role($_REQUEST['new_role']);

wp-includes/class-wp-xmlrpc-server.php

@@ -2411,7 +2411,7 @@ class wp_xmlrpc_server extends IXR_Server {
 		do_action( 'xmlrpc_call', 'wp.getUsers' );
 
 		if ( ! current_user_can( 'list_users' ) )
-			return new IXR_Error( 401, __( 'Sorry, you cannot list users.' ) );
+			return new IXR_Error( 401, __( 'You are not allowed to browse users.' ) );
 
 		$query = array( 'fields' => 'all_with_meta' );
 

wp-includes/version.php

@@ -4,7 +4,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '4.4-alpha-33884';
+$wp_version = '4.4-alpha-33885';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.