Skip to content

Commit

Permalink
Update capabilities.php
Browse files Browse the repository at this point in the history
Update capabilities.php based on discussions at WordPress/gutenberg#27597
  • Loading branch information
carlomanf authored Jun 28, 2022
1 parent e6b539b commit c8bb158
Showing 1 changed file with 39 additions and 71 deletions.
110 changes: 39 additions & 71 deletions src/wp-includes/capabilities.php
Original file line number Diff line number Diff line change
Expand Up @@ -97,22 +97,6 @@ function map_meta_cap( $cap, $user_id, ...$args ) {
break;
}

// Handle templates and template parts.
if ( in_array( $post_type->name, array( 'wp_template', 'wp_template_part' ), true ) ) {
$terms = get_the_terms( $post, 'wp_theme' );

if ( ! is_wp_error( $terms ) && $terms ) {
// Can be handled with the template capabilities.
$template_cap = str_replace( 'wp', 'delete', $post_type->name );
$template_id = $terms[0]->name . '//' . $post->post_name;
return map_meta_cap( $template_cap, $user_id, $template_id );
} else {
// Template without a theme, fall back to edit_theme_options.
$caps[] = 'edit_theme_options';
break;
}
}

if ( ! $post_type->map_meta_cap ) {
$caps[] = $post_type->cap->$cap;
// Prior to 3.1 we would re-call map_meta_cap here.
Expand Down Expand Up @@ -184,22 +168,6 @@ function map_meta_cap( $cap, $user_id, ...$args ) {
break;
}

// Handle templates and template parts.
if ( in_array( $post_type->name, array( 'wp_template', 'wp_template_part' ), true ) ) {
$terms = get_the_terms( $post, 'wp_theme' );

if ( ! is_wp_error( $terms ) && $terms ) {
// Can be handled with the template capabilities.
$template_cap = str_replace( 'wp', 'edit', $post_type->name );
$template_id = $terms[0]->name . '//' . $post->post_name;
return map_meta_cap( $template_cap, $user_id, $template_id );
} else {
// Template without a theme, fall back to edit_theme_options.
$caps[] = 'edit_theme_options';
break;
}
}

if ( ! $post_type->map_meta_cap ) {
$caps[] = $post_type->cap->$cap;
// Prior to 3.1 we would re-call map_meta_cap here.
Expand Down Expand Up @@ -269,22 +237,6 @@ function map_meta_cap( $cap, $user_id, ...$args ) {
break;
}

// Handle templates and template parts.
if ( in_array( $post_type->name, array( 'wp_template', 'wp_template_part' ), true ) ) {
$terms = get_the_terms( $post, 'wp_theme' );

if ( ! is_wp_error( $terms ) && $terms ) {
// Can be handled with the template capabilities.
$template_cap = str_replace( 'wp', 'read', $post_type->name );
$template_id = $terms[0]->name . '//' . $post->post_name;
return map_meta_cap( $template_cap, $user_id, $template_id );
} else {
// Template without a theme, fall back to edit_theme_options.
$caps[] = 'edit_theme_options';
break;
}
}

if ( ! $post_type->map_meta_cap ) {
$caps[] = $post_type->cap->$cap;
// Prior to 3.1 we would re-call map_meta_cap here.
Expand Down Expand Up @@ -330,22 +282,6 @@ function map_meta_cap( $cap, $user_id, ...$args ) {
break;
}

// Handle templates and template parts.
if ( in_array( $post_type->name, array( 'wp_template', 'wp_template_part' ), true ) ) {
$terms = get_the_terms( $post, 'wp_theme' );

if ( ! is_wp_error( $terms ) && $terms ) {
// Can be handled with the template capabilities.
$template_cap = str_replace( 'wp', 'edit', $post_type->name );
$template_id = $terms[0]->name . '//' . $post->post_name;
return map_meta_cap( $template_cap, $user_id, $template_id );
} else {
// Template without a theme, fall back to edit_theme_options.
$caps[] = 'edit_theme_options';
break;
}
}

$caps[] = $post_type->cap->publish_posts;
break;
case 'edit_post_meta':
Expand Down Expand Up @@ -681,7 +617,8 @@ function map_meta_cap( $cap, $user_id, ...$args ) {
break;
case 'create_template':
case 'create_template_part':
$template = get_block_template( $args[0], 'wp' . substr( $cap, 6 ) );
$post_type = str_replace( 'create', 'wp', $cap );
$template = get_block_template( $args[0], $post_type );
if ( $template ) {
// Template can't be created because it already exists.
$caps[] = 'do_not_allow';
Expand All @@ -690,31 +627,62 @@ function map_meta_cap( $cap, $user_id, ...$args ) {

// Template ID needs to be valid to be created.
if ( 2 === count( $parts ) && '' !== $parts[0] && '' !== $parts[1] ) {
$caps[] = 'edit_theme_options';
$post_type_object = get_post_type_object( $post_type );
if ( $post_type_object ) {
$caps[] = $post_type_object->cap->create_posts;
} else {
// If the post type is not registered, there is no mechanism to create templates.
$caps[] = 'do_not_allow';
}
} else {
$caps[] = 'do_not_allow';
}
}
break;
case 'delete_template':
case 'delete_template_part':
$template = get_block_template( $args[0], 'wp' . substr( $cap, 6 ) );
$template = get_block_template( $args[0], str_replace( 'delete', 'wp', $cap ) );
if ( $template && ! $template->has_theme_file ) {
// Templates can only be deleted if they have no theme file.
$caps[] = 'edit_theme_options';
$caps = map_meta_cap( 'delete_post', $user_id, $template->wp_id );
} else {
$caps[] = 'do_not_allow';
}
break;
case 'edit_template':
case 'edit_template_part':
$post_type = str_replace( 'edit', 'wp', $cap );
$template = get_block_template( $args[0], $post_type );
if ( $template ) {
if ( $template->wp_id ) {
$caps = map_meta_cap( 'edit_post', $user_id, $template->wp_id );
} else {
$post_type_object = get_post_type_object( $post_type );
if ( $post_type_object ) {
// Editing a template from the theme means creating a new post.
$caps[] = $post_type_object->cap->create_posts;
} else {
// If the post type is not registered, there is no mechanism to edit templates.
$caps[] = 'do_not_allow';
}
}
} else {
// Template can't be edited if it doesn't exist.
$caps[] = 'do_not_allow';
}
break;
case 'read_template':
case 'read_template_part':
$template = get_block_template( $args[0], 'wp' . substr( $cap, 4 ) );
$template = get_block_template( $args[0], str_replace( 'read', 'wp', $cap ) );
if ( $template ) {
$caps[] = 'edit_theme_options';
if ( $template->wp_id ) {
$caps = map_meta_cap( 'read_post', $user_id, $template->wp_id );
} else {
// Reading a template directly from the theme.
$caps[] = 'edit_theme_options';
}
} else {
// Template can't be read or edited if it doesn't exist.
// Template can't be read if it doesn't exist.
$caps[] = 'do_not_allow';
}
break;
Expand Down

0 comments on commit c8bb158

Please sign in to comment.