Commit Graph

278 Commits

Author SHA1 Message Date
Sergey Biryukov
46951e0b17 Posts, Post Types: Fail gracefully when checking mapped cap against unregistered post status.
With `map_meta_cap` enabled for a post type, the `read_post` capability for posts with a public status is supposed to be mapped to the post type's `read` capability.

When a post is left in the database after the post status is no longer present, and WP does a `read_post` check against it, a PHP notice was thrown, and the cap check always failed.

As a more graceful fallback, the cap is now mapped onto `edit_others_posts`, which allows highly privileged users to be able to access orphaned content.

A `_doing_it_wrong()` notice is also added, so that developers and site administrators are aware that the cap mapping is failing in the absence of the registered post status.

Follow-up to [34091], which introduced a similar approach to checking mapped caps against an unregistered post type.

Props roytanck, SergeyBiryukov.
Fixes #48653.
Built from https://develop.svn.wordpress.org/trunk@47178


git-svn-id: http://core.svn.wordpress.org/trunk@46978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-04 22:15:08 +00:00
Sergey Biryukov
001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov
1f816ad18d Docs: Use the {@see ...} tag for the replacement in @deprecated tags, so that Developer Reference could automatically link to the replacement.
Props jrf.
See #48255.
Built from https://develop.svn.wordpress.org/trunk@46685


git-svn-id: http://core.svn.wordpress.org/trunk@46485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-09 13:05:02 +00:00
John Blackbourn
9ac1d82f23 Docs: Further improve documentation of known return types, plus other docs fixes.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46661


git-svn-id: http://core.svn.wordpress.org/trunk@46461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-05 21:27:02 +00:00
John Blackbourn
3caaa40fc6 Docs: Switch more docs over to typed array notation, plus some fixes.
See #48303, #41756

Built from https://develop.svn.wordpress.org/trunk@46596


git-svn-id: http://core.svn.wordpress.org/trunk@46393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-26 21:09:04 +00:00
Sergey Biryukov
8d1e51e9c7 Docs: Add a @since note about new parameters with the spread operator added to function signatures.
Props jrf.
See #47678.
Built from https://develop.svn.wordpress.org/trunk@46451


git-svn-id: http://core.svn.wordpress.org/trunk@46249 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-09 04:28:02 +00:00
Sergey Biryukov
d55f1f81c7 Code Modernisation: Replace call_user_func_array() in wp-includes/capabilities.php with a direct function call.
Props jrf.
See #47678.
Built from https://develop.svn.wordpress.org/trunk@46132


git-svn-id: http://core.svn.wordpress.org/trunk@45944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-15 11:23:56 +00:00
Sergey Biryukov
e199663322 I18N: Capitalize translator comments consistently, add trailing punctuation.
Includes minor code layout fixes.

See #44360.
Built from https://develop.svn.wordpress.org/trunk@45932


git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-03 00:41:05 +00:00
K. Adam White
00cb4c7dbd REST API: Prevent deletion of post revisions.
Allowing the client to delete revisions breaks the "audit trail" functionality. This is not allowed in WordPress and shouldn't be allowed through the API.
While not recommended, a plugin may opt-in to the previous behavior by setting a custom 'delete_post' capability for the revisions post type.

Props dlh, danielbachhuber, TimothyBlynJacobs, azaozz, kadamwhite.
Fixes #43709.


Built from https://develop.svn.wordpress.org/trunk@45812


git-svn-id: http://core.svn.wordpress.org/trunk@45623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-15 22:01:55 +00:00
Sergey Biryukov
29b072e706 Docs: Add missing description for $wpdb, $wp_db_version, and $wp_current_db_version globals.
Props mukesh27, utsav72640, immeet94, SergeyBiryukov.
See #45604.
Built from https://develop.svn.wordpress.org/trunk@45734


git-svn-id: http://core.svn.wordpress.org/trunk@45545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-04 01:12:56 +00:00
Gary Pendergast
5d658427a8 Code Modernisation: Introduce the spread operator in capabilities.php.
Rather than relying `func_get_args()` to retrieve arbitrary function arguments, we can now use the spread operator to assign them directly to a variable.

Props jrf.
See #47678.

Built from https://develop.svn.wordpress.org/trunk@45622


git-svn-id: http://core.svn.wordpress.org/trunk@45433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-11 23:46:56 +00:00
Gary Pendergast
4803fc405e Coding Standards: Fix the Squiz.PHP.DisallowMultipleAssignments violations in wp-includes.
See #47632.


Built from https://develop.svn.wordpress.org/trunk@45590


git-svn-id: http://core.svn.wordpress.org/trunk@45401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-02 23:42:58 +00:00
Peter Wilson
a5e57d7245 Site health: Introduce view_site_health_checks capability.
Introduces the faux primitive capability `view_site_health_checks` available to single site admins and multisite super-admin to view the site health page within the admin.

The capability is mapped to the `install_plugins` capability without being dependent on the file system being writable. This fixes a bug where the feature couldn't be used by sites unable to write to the file system or managed through version control.

The capability is granted on the `user_has_cap` filter.

Props birgire, Clorith, palmiak, peterwilsoncc, spacedmonkey.
Fixes #46957.


Built from https://develop.svn.wordpress.org/trunk@45507


git-svn-id: http://core.svn.wordpress.org/trunk@45318 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-06-10 07:42:52 +00:00
John Blackbourn
26d5e05b75 Docs: Standardise documentation for capability-related variadic functions.
See #37402

Built from https://develop.svn.wordpress.org/trunk@45419


git-svn-id: http://core.svn.wordpress.org/trunk@45230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-25 22:27:51 +00:00
Sergey Biryukov
8dcd3a09a8 I18N: Move the strings for default user roles to wp-includes/capabilities.php, to make the translations available on the front end as well.
Props keraweb, ocean90.
Fixes #37539.
Built from https://develop.svn.wordpress.org/trunk@44976


git-svn-id: http://core.svn.wordpress.org/trunk@44807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:23:52 +00:00
Felix Arntz
3a77265148 Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.

When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.

A link in the admin bar allows the client to exit recovery mode.

Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.

Built from https://develop.svn.wordpress.org/trunk@44973


git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 21:53:51 +00:00
Felix Arntz
92c3c46abe Bootstrap/Load: Revert fatal error recovery mechanism from 5.1 to polish for 5.2.
Due to the high number of follow-up tickets and associated security concerns, it was decided to reschedule the fatal error recovery feature for WordPress 5.2, in order to address these issues properly. The feature will continue to be developed, with iterations being merged into trunk early in the 5.2 release cycle.

Fixes #46141. See #44458, #45932, #45940, #46038, #46047, #46068.

Built from https://develop.svn.wordpress.org/trunk@44717


git-svn-id: http://core.svn.wordpress.org/trunk@44548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-30 11:01:52 +00:00
Felix Arntz
1e4088fc98 Bootstrap/Load: Introduce fatal error recovery mechanism allowing users to still log in to their admin dashboard.
This changeset introduces a `WP_Shutdown_Handler` class that detects fatal errors and which extension (plugin or theme) causes them. Such an error is then recorded, and an error message is displayed. Subsequently, in certain protected areas, for example the admin, the broken extension will be paused, ensuring that the website is still usable in the respective area. The major benefit is that this mechanism allows site owners to still log in to their website, to fix the problem by either disabling the extension or solving the bug and then resuming the extension.

Extensions are only paused in certain designated areas. The frontend for example stays unaffected, as it is impossible to know what pausing the extension would cause to be missing, so it might be preferrable to clearly see that the website is temporarily not accessible instead.

The fatal error recovery is especially important in scope of encouraging the switch to a maintained PHP version, as not necessarily every WordPress extension is compatible with all PHP versions. If problems occur now, non-technical site owners that do not have immediate access to the codebase are not locked out of their site and can at least temporarily solve the problem quickly.

Websites that have custom requirements in that regard can implement their own shutdown handler by adding a `shutdown-handler.php` drop-in that returns the handler instance to use, which must be based on a class that inherits `WP_Shutdown_Handler`. That handler will then be used in place of the default one.

Websites that would like to modify specifically the error template displayed in the frontend can add a `php-error.php` drop-in that works similarly to the existing `db-error.php` drop-in.

Props afragen, bradleyt, flixos90, ocean90, schlessera, SergeyBiryukov, spacedmonkey.
Fixes #44458.

Built from https://develop.svn.wordpress.org/trunk@44524


git-svn-id: http://core.svn.wordpress.org/trunk@44355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-09 20:05:49 +00:00
Jeremy Felt
3af9743b81 Blocks: Add the reusable block post type, wp_block.
Merges [43804] from the 5.0 branch to trunk.

See #45098.

Built from https://develop.svn.wordpress.org/trunk@44146


git-svn-id: http://core.svn.wordpress.org/trunk@43976 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 02:15:37 +00:00
K. Adam White
a7735117b6 Docs: Update @since version to 4.9.8 for meta registration subtype handling.
This feature has been backported to 4.9.8 so 5.0.0 is inaccurate.

See #38323.

Built from https://develop.svn.wordpress.org/trunk@43520


git-svn-id: http://core.svn.wordpress.org/trunk@43349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-23 17:02:25 +00:00
Felix Arntz
e350e822f8 Role/Capability: Rename upgrade_php capability to more suitable update_php.
This brings the name in line with user-facing language and similar names of existing related capabilities. Since the capability has not been part of any WordPress release, it can be renamed without any backward-compatibility implications.

Also missing props benhuberman for [43006].

Fixes #44457.

Built from https://develop.svn.wordpress.org/trunk@43381


git-svn-id: http://core.svn.wordpress.org/trunk@43209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:44:38 +00:00
K. Adam White
a89c86c711 REST API: Support meta registration for specific object subtypes.
Introduce an `object_subtype` argument to the args array for `register_meta()` which can be used to limit meta registration to a single subtype (e.g. a custom post type or taxonomy, vs all posts or taxonomies).

Introduce `register_post_meta()` and `register_term_meta()` wrapper methods for `register_meta` to provide a convenient interface for the common case of registering meta for a specific taxonomy or post type. These methods work the way plugin developers have often expected `register_meta` to function, and should be used in place of direct `register_meta` where possible.

Props flixos90, tharsheblows, spacedmonkey.
Fixes #38323.


Built from https://develop.svn.wordpress.org/trunk@43378


git-svn-id: http://core.svn.wordpress.org/trunk@43206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:43:21 +00:00
iandunn
461d17576c Privacy: Require manage_privacy_options to edit policy page.
A user is required to have the `manage_privacy_options` capability in order to determine which page is set as the privacy policy (the `wp_page_for_privacy_policy`). Given that, it doesn't make sense to allow users without that capability to edit or delete the page. 

A similar situation exists with the `page_for_posts` and `page_on_front` options, but Editors are allowed to edit those pages. The reason that this situation is different is because it is more likely that an administrator will want to restrict modifications to the privacy policy, than it is that they will want to allow modifications. Modifications to the policy often require specialized knowledge of local laws, and can have implications for compliance with those laws.

Props dlh, desrosj.
Fixes #44079.

Built from https://develop.svn.wordpress.org/trunk@43286


git-svn-id: http://core.svn.wordpress.org/trunk@43115 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-15 20:44:21 +00:00
Andrew Ozz
fbc98b8e75 Privacy: rename manage_privacy_policy to manage_privacy_options.
Props desrosj.
FIxes #43935.
Built from https://develop.svn.wordpress.org/trunk@43155


git-svn-id: http://core.svn.wordpress.org/trunk@42984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 19:31:21 +00:00
iandunn
9faae413dc Privacy: Limit Privacy Settings screen to Super Admins in Multisite.
In many common Multisite use cases, the network administrator will want to set a network-wide privacy policy -- via the `privacy_policy_url` filter -- for consistency and convenience. When that's done, the Privacy Settings screen on individual sites becomes unnecessary, and may confuse administrators of those sites when they see that their changes don't have any effect on the policy link in the footer.

Since we can't programatically determine which behavior the network admins would like, the safest default setting is to restrict the ability to super admins, and let them delegate it to individual site owners via a plugin, if they'd like to.

Fixes #43935.

Built from https://develop.svn.wordpress.org/trunk@43147


git-svn-id: http://core.svn.wordpress.org/trunk@42976 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 17:25:21 +00:00
iandunn
93a90a9aa4 Privacy: Limit export and erasure to super admins on Multisite.
Multisite networks have a variety of use cases, and in many of them single-site administrators are not trusted to take actions that affect the whole network, require making decisions about legal compliance, etc. By default, those actions should require super admin capabilities. Plugins can be used to override that behavior if a particular site's use case calls for it.

Props allendav, jeremyfelt, iandunn.
Fixes #43919.

Built from https://develop.svn.wordpress.org/trunk@43085


git-svn-id: http://core.svn.wordpress.org/trunk@42914 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 01:07:22 +00:00
John Blackbourn
b13e73d05c Docs: Document more parameters and properties using typed array notation.
See #41756

Built from https://develop.svn.wordpress.org/trunk@42875


git-svn-id: http://core.svn.wordpress.org/trunk@42705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-25 18:10:32 +00:00
Felix Arntz
ed1df81bba General: Introduce dashboard widget to inform administrators about outdated PHP versions.
This new dashboard widget is shown on WordPress sites which are powered by a PHP version which WordPress considers outdated, in order to inform site owners about the resulting problems and to explain how to upgrade to a supported version. An education page for that purpose has been previously created that the widget links to. The link is translatable so that localized versions of the page can be referred to as they become available.

The nag follows the example of the Browse Happy dashboard widget and is only visible for administrators, or network administrators when using multisite. To determine whether it needs to be displayed, a new wordpress.org API introduced prior is called that handles the version logic in a centralized location.

Props flixos90, hedgefield, schlessera.
Fixes #41191.

Built from https://develop.svn.wordpress.org/trunk@42832


git-svn-id: http://core.svn.wordpress.org/trunk@42662 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-12 16:43:31 +00:00
Sergey Biryukov
eaf4f346fd Docs: Improve documentation for meta capability filters.
Remove self-references, correct parameter names and descriptions.

Props milana_cap, ocean90, SergeyBiryukov.
Fixes #43504.
Built from https://develop.svn.wordpress.org/trunk@42809


git-svn-id: http://core.svn.wordpress.org/trunk@42639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-08 23:19:30 +00:00
Sergey Biryukov
1cda7b9667 Role/Capability: Make install_languages capability check less restrictive.
A user should still be able to have the capability, even when language packs cannot be automatically installed. The automatic installation part is separate from that now.

Props flixos90.
Fixes #42697.
Built from https://develop.svn.wordpress.org/trunk@42606


git-svn-id: http://core.svn.wordpress.org/trunk@42435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-01-24 22:42:30 +00:00
Gary Pendergast
aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Felix Arntz
021afced82 Role/Capability: Prevent a fatal error when checking a language capability early or in the frontend.
The meta capabilities `install_languages` and `update_languages` rely on the admin function `wp_can_install_language_pack()`. That function in turn relies on `request_filesystem_credentials()`, so it needs to be ensured that this function is available as well.

Fixes #42230.

Built from https://develop.svn.wordpress.org/trunk@41885


git-svn-id: http://core.svn.wordpress.org/trunk@41719 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-16 22:54:57 +00:00
Adam Silverstein
ca30822541 Docs: add docs for meta authorization filters.
Add filter documentation for `auth_{$object_type}_meta_{$meta_key}` and `auth_{$object_type}_{$sub_type}_meta_{$meta_key}`.

Props ericlewis, johneckman, DrewAPicture.
Fixes #36319.

Built from https://develop.svn.wordpress.org/trunk@41800


git-svn-id: http://core.svn.wordpress.org/trunk@41634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-09 19:14:52 +00:00
John Blackbourn
d611184f4f Docs: Clarify descriptions and parameter types for various user capability checking functions.
See #41017

Built from https://develop.svn.wordpress.org/trunk@41322


git-svn-id: http://core.svn.wordpress.org/trunk@41153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-29 16:43:47 +00:00
John Blackbourn
c7a79b0e6a Plugins: Introduce singular capabilities for activating and deactivating individual plugins.
This introduces the following meta capabilities:

* `activate_plugin`
* `deactivate_plugin`
* `deactivate_plugins`

The singular `activate_plugin` and `deactivate_plugin` capabilities are used along with the corresponding plugin name when
determining whether or not a user can activate or deactivate an individual plugin.

The plural `deactivate_plugins` capability is used in place of the existing `activate_plugins` capability when determining
whether a user can deactivate plugins.

Each of these new meta capabilities map to the existing `activate_plugins` primitive capability, which means there is no
change in existing behaviour, but plugins can now filter the capabilities required to activate and deactivate individual
plugins.

Fixes #38652 

Built from https://develop.svn.wordpress.org/trunk@41290


git-svn-id: http://core.svn.wordpress.org/trunk@41130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-22 14:02:44 +00:00
Felix Arntz
f6ebc1a80c Role/Capability: Introduce capabilities dedicated to installing and updating language files.
The new meta capabilities are called `install_languages` and `update_languages`. Prior to this change, there were no proper capability checks applied. Instead only the filesystem and related constants were checked, and for actual permissions a rather vague fallback was used where a user needed to have at least one of the other updating capabilities. In addition to being generally more verbose, the new capabilities make it possible for example to allow a user to update languages, but nothing else. By default they fall back to the original way of how they were handled.

Props johnbillion, flixos90.
Fixes #39677.

Built from https://develop.svn.wordpress.org/trunk@41268


git-svn-id: http://core.svn.wordpress.org/trunk@41108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-18 18:31:44 +00:00
Boone Gorges
fa2f4b047a Avoid PHP notices when checking termmeta capabilities against a non-existent term.
Previously, checks like `current_user_can( 'edit_term_meta', $term_id )`
returned the proper value, but generated a PHP notice due to the fact
that `get_term( $term_id )` could, in certain instances, return
`WP_Error` objects.

Props caercam.
Fixes #40891.
Built from https://develop.svn.wordpress.org/trunk@40999


git-svn-id: http://core.svn.wordpress.org/trunk@40849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-04 19:59:40 +00:00
Pascal Birchler
33047ba14e Upgrade/Install: After [40394], rename wp_disallow_file_mods() to wp_is_file_mod_allowed().
This makes it more clear what this function is about.

Props Mte90.
Fixes #38673.

Built from https://develop.svn.wordpress.org/trunk@40638


git-svn-id: http://core.svn.wordpress.org/trunk@40499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-11 19:24:41 +00:00
Felix Arntz
9354ea683f Multisite: Introduce an upgrade_network capability.
Prior to this change, a mix of `is_super_admin()` calls and `manage_network` capability checks was used to determine whether the current user could upgrade the network. With this changeset a dedicated capability is introduced that allows more granular handling.

Props dhanendran for the original patch.
Fixes #39205. See #37616.

Built from https://develop.svn.wordpress.org/trunk@40404


git-svn-id: http://core.svn.wordpress.org/trunk@40311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-10 21:11:43 +00:00
Pascal Birchler
8473f9ef66 Upgrade/Install: Introduce wp_disallow_file_mods() helper function.
This is a wrapper around the checks for the `DISALLOW_FILE_MODS` constant to determine whether file modifications are disallowed.

Props MaximeCulea.
Fixes #38673.

Built from https://develop.svn.wordpress.org/trunk@40394


git-svn-id: http://core.svn.wordpress.org/trunk@40301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-07 14:36:50 +00:00
Felix Arntz
00e8704288 Multisite: Introduce a setup_network capability for setting up multisite.
`setup_network` is a new meta capability that brings more granular control over the permissions to setup a multisite environment. In a non-multisite environment it falls back to `manage_options` while in a multisite it falls back to `manage_network_options`. The introduction of this capability furthermore allows replacing an `is_super_admin()` check.

Props ashokkumar24 for the original patch.
Fixes #39206. See #37616.

Built from https://develop.svn.wordpress.org/trunk@40390


git-svn-id: http://core.svn.wordpress.org/trunk@40297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-07 12:53:45 +00:00
Felix Arntz
f704fc808a Multisite: Handle capability check for removing oneself via map_meta_cap().
Site administrators should not be able to remove themselves from a site. This moves the enforcement of this rule from `wp-admin/users.php` to `remove_user_from_blog()` via the `remove_user` capability, which furthermore allows us to get rid of two additional clauses and their `is_super_admin()` checks in `wp-admin/users.php`. A unit test for the new behavior has been added.

Fixes #39063. See #37616.

Built from https://develop.svn.wordpress.org/trunk@39588


git-svn-id: http://core.svn.wordpress.org/trunk@39528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 21:42:42 +00:00
John Blackbourn
597627fb92 Role/Capability: Don't assign the delete_site capability to anyone on single site installs.
This capability is not relevant on single site installs; it only applies to deleting a site on a multisite installation.

Fixes #38326

Built from https://develop.svn.wordpress.org/trunk@39494


git-svn-id: http://core.svn.wordpress.org/trunk@39434 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-04 22:07:39 +00:00
Gary Pendergast
cc214a219b REST API: Capability check for editing a single term should use the singular form.
As an extra level of sanity checking, the term ID should be cast as an int in `map_meta_cap()`.

Props johnbillion, nacin, dd32, pento.
See #35614.
Fixes #39012.


Built from https://develop.svn.wordpress.org/trunk@39464


git-svn-id: http://core.svn.wordpress.org/trunk@39404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-03 05:08:41 +00:00
Ryan McCue
3a449ea543 Roles/Capabilities: Add meta-caps for comment, term, and user meta.
Additionally, use these meta-caps in the REST API endpoints.

Previously, register_meta()'s auth_callback had no effect for non-post meta. This introduces `{add,edit,delete}_{comment,term,user}_meta` meta-caps to match the existing post meta capabilities. These are currently only used in the REST API.

Props tharsheblows, boonebgorges.
Fixes #38303, fixes #38412.

Built from https://develop.svn.wordpress.org/trunk@39179


git-svn-id: http://core.svn.wordpress.org/trunk@39119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-09 03:42:30 +00:00
Weston Ruter
08712b4baa Customize: Rename unfiltered_css meta capability to edit_css; add revisions support to custom_css post type.
Props lukecavanagh, georgestephanis, westonruter.
See #38672, #35395.

Built from https://develop.svn.wordpress.org/trunk@39175


git-svn-id: http://core.svn.wordpress.org/trunk@39115 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-09 01:12:30 +00:00
John Blackbourn
2b6ceeb465 Customize: Correct the capability mapping and associated tests for the unfiltered_css capability.
Fixes #35395

Built from https://develop.svn.wordpress.org/trunk@39016


git-svn-id: http://core.svn.wordpress.org/trunk@38958 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 12:47:31 +00:00
Weston Ruter
1ccd9e7a6c Customize: Introduce custom CSS for extending theme styles.
* Custom CSS is associated with a given theme and is displayed in an inline `style` element at the `wp_head` hook after the `wp_print_styles` is called so that it overrides any enqueued stylesheets.
* A `wp_get_custom_css()` function is used for accessing the CSS associated with the current theme (or another theme) and a `wp_get_custom_css` filter for manipulating it.
* CSS is managed in customizer via a new "Additional CSS" section with a single `textarea` control. 
* `WP_Customize_Section::$description_hidden` is introduced for hiding extended descriptions in customizer sections behind a help toggle as done with panels.
* CSS is stored in a `custom_css` post type with the theme (stylesheet) slug as the `post_name`.
* `WP_Customize_Custom_CSS_Setting` is introduced to handle validation of CSS, previewing, and persisting the CSS to the `custom_css` post type.
* The `custom_css` setting is tied to a new `unfiltered_css` capability which maps to `unfiltered_html` by default.
* Escaping the message in the notification template is removed to allow markup (`code` tags) to be rendered.

See https://make.wordpress.org/core/2016/10/11/feature-proposal-better-theme-customizations-via-custom-css-with-live-previews/

Props johnregan3, celloexpressions, folletto, westonruter.
Fixes #35395.

Built from https://develop.svn.wordpress.org/trunk@38829


git-svn-id: http://core.svn.wordpress.org/trunk@38772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-19 18:15:31 +00:00
John Blackbourn
b84023ea33 Taxonomy: Introduce more fine grained capabilities for managing taxonomy terms.
This introduces the singular `edit_term`, `delete_term`, and `assign_term` meta capabilities for terms, and switches the base capability name for tags from `manage_categories` to `manage_post_tags` and the corresponding `edit_post_tags`, `delete_post_tags`, and `assign_post_tags`.

All of these capabilities ultimately map to `manage_categories` so by default there is no change in the behaviour of the capabilities for categories, tags, or custom taxonomies. The `map_meta_cap` filter and the `capabilities` argument when registering a taxonomy now allow for control over editing, deleting, and assigning individual terms, as well as a separation of capabilities for tags from those of categories.

Fixes #35614
Props johnjamesjacoby for feedback

Built from https://develop.svn.wordpress.org/trunk@38698


git-svn-id: http://core.svn.wordpress.org/trunk@38641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-30 22:40:28 +00:00
John Blackbourn
52cf3d3d0f Role/Capability: Add explicit cases to map_meta_cap() for various meta capabilities that are used in core. This will allow more complete meta and primitive capability unit tests in #38191.
Fixes #38201

Built from https://develop.svn.wordpress.org/trunk@38695


git-svn-id: http://core.svn.wordpress.org/trunk@38638 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-30 22:06:28 +00:00