Changeset 5573 for sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/admin/class-status-transitions.php
- Timestamp:
- 06/15/2017 02:05:54 PM (7 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/admin/class-status-transitions.php
r5460 r5573 32 32 33 33 /** 34 * Get the list of allowed status transitions for a given plugin. 35 * 36 * @param string $post_status Plugin post status. 37 * @return array An array of allowed post status transitions. 38 */ 39 public static function get_allowed_transitions( $post_status ) { 40 switch ( $post_status ) { 41 case 'new': 42 $transitions = array( 'pending', 'approved', 'rejected' ); 43 break; 44 case 'pending': 45 $transitions = array( 'approved', 'rejected' ); 46 break; 47 case 'approved': 48 // Plugins move from 'approved' to 'publish' on first commit, but cannot be published manually. 49 $transitions = array( 'disabled', 'closed' ); 50 break; 51 case 'rejected': 52 // Rejections cannot be recovered. 53 $transitions = array(); 54 break; 55 case 'publish': 56 $transitions = array( 'disabled', 'closed' ); 57 break; 58 case 'disabled': 59 $transitions = array( 'publish', 'closed' ); 60 break; 61 case 'closed': 62 $transitions = array( 'publish', 'disabled' ); 63 break; 64 default: 65 $transitions = array( 'new', 'pending' ); 66 break; 67 } 68 69 return $transitions; 70 } 71 72 /** 34 73 * Checks permissions before allowing a post_status change for plugins. 35 74 * … … 52 91 53 92 // ...or it's a plugin admin... 54 if ( current_user_can( 'plugin_approve', $postarr['ID'] ) ) {93 if ( current_user_can( 'plugin_approve', $postarr['ID'] ) && in_array( $postarr['post_status'], self::get_allowed_transitions( $old_status ) ) ) { 55 94 return $data; 56 95 }
Note: See TracChangeset
for help on using the changeset viewer.