WordPress.org

Making WordPress.org


Ignore:
Timestamp:
05/06/2016 06:56:40 PM (3 years ago)
Author:
obenland
Message:

Plugin Directory: Allow Committers and Reviewers to edit_others_posts.

WordPress seems to require users to have that capability globally for a post
type, in order to make changes to others posts, even if it's only certain
others posts.

This switches to using plugin_review and plugin_approve capabilities to
control Reviewers and Committers access to certain plugins. It also improves
the logic for displaying links to the various post status views in the plugins
list table.

See #1570.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/admin/class-customizations.php

    r3091 r3093  
    170170        }
    171171
    172         if ( ! current_user_can( 'plugin_edit_others' ) || ( isset( $query->query['author'] ) && $query->query['author'] == get_current_user_id() ) ) {
    173             $query->query_vars['author'] = get_current_user_id();
    174 
    175             $plugins = Tools::get_users_write_access_plugins( get_current_user_id() );
     172        $user = wp_get_current_user();
     173
     174        if ( ! current_user_can( 'plugin_approve' ) && empty( $query->query['post_status']) || ( isset( $query->query['author'] ) && $query->query['author'] == $user->ID ) ) {
     175            $plugins = Tools::get_users_write_access_plugins( $user );
    176176            if ( $plugins ) {
    177177                $query->query_vars['post_name__in'] = $plugins;
     
    201201
    202202        // Allow reviewers to also see all pending plugins.
    203         if ( current_user_can( 'plugin_edit_pending' ) && ( ! isset( $_GET['author'] ) || ( isset( $_GET['post_status'] ) && 'pending' === $_GET['post_status'] ) ) ) {
    204             $where .= " OR {$wpdb->posts}.post_status = 'pending'";
     203        if ( current_user_can( 'plugin_edit_pending' ) && ( ! isset( $_GET['author'] ) || ( isset( $_GET['post_status'] ) && in_array( $_GET['post_status'], array( 'draft', 'pending' ) ) ) ) ) {
     204            $where .= " OR {$wpdb->posts}.post_status IN ('draft', 'pending')";
    205205        }
    206206
Note: See TracChangeset for help on using the changeset viewer.