Edit File by line
/home/zeestwma/richards.../wp-inclu...
File: capabilities.php
*
[500] Fix | Delete
* @since 3.3.0 As `auth_post_meta_{$meta_key}`.
[501] Fix | Delete
* @since 4.6.0
[502] Fix | Delete
*
[503] Fix | Delete
* @param bool $allowed Whether the user can add the object meta. Default false.
[504] Fix | Delete
* @param string $meta_key The meta key.
[505] Fix | Delete
* @param int $object_id Object ID.
[506] Fix | Delete
* @param int $user_id User ID.
[507] Fix | Delete
* @param string $cap Capability name.
[508] Fix | Delete
* @param string[] $caps Array of the user's capabilities.
[509] Fix | Delete
*/
[510] Fix | Delete
$allowed = apply_filters( "auth_{$object_type}_meta_{$meta_key}", $allowed, $meta_key, $object_id, $user_id, $cap, $caps );
[511] Fix | Delete
}
[512] Fix | Delete
[513] Fix | Delete
if ( ! empty( $object_subtype ) ) {
[514] Fix | Delete
[515] Fix | Delete
/**
[516] Fix | Delete
* Filters whether the user is allowed to edit meta for specific object types/subtypes.
[517] Fix | Delete
*
[518] Fix | Delete
* Return true to have the mapped meta caps from `edit_{$object_type}` apply.
[519] Fix | Delete
*
[520] Fix | Delete
* The dynamic portion of the hook name, `$object_type` refers to the object type being filtered.
[521] Fix | Delete
* The dynamic portion of the hook name, `$object_subtype` refers to the object subtype being filtered.
[522] Fix | Delete
* The dynamic portion of the hook name, `$meta_key`, refers to the meta key passed to map_meta_cap().
[523] Fix | Delete
*
[524] Fix | Delete
* @since 4.6.0 As `auth_post_{$post_type}_meta_{$meta_key}`.
[525] Fix | Delete
* @since 4.7.0 Renamed from `auth_post_{$post_type}_meta_{$meta_key}` to
[526] Fix | Delete
* `auth_{$object_type}_{$object_subtype}_meta_{$meta_key}`.
[527] Fix | Delete
* @deprecated 4.9.8 Use {@see 'auth_{$object_type}_meta_{$meta_key}_for_{$object_subtype}'} instead.
[528] Fix | Delete
*
[529] Fix | Delete
* @param bool $allowed Whether the user can add the object meta. Default false.
[530] Fix | Delete
* @param string $meta_key The meta key.
[531] Fix | Delete
* @param int $object_id Object ID.
[532] Fix | Delete
* @param int $user_id User ID.
[533] Fix | Delete
* @param string $cap Capability name.
[534] Fix | Delete
* @param string[] $caps Array of the user's capabilities.
[535] Fix | Delete
*/
[536] Fix | Delete
$allowed = apply_filters_deprecated(
[537] Fix | Delete
"auth_{$object_type}_{$object_subtype}_meta_{$meta_key}",
[538] Fix | Delete
array( $allowed, $meta_key, $object_id, $user_id, $cap, $caps ),
[539] Fix | Delete
'4.9.8',
[540] Fix | Delete
"auth_{$object_type}_meta_{$meta_key}_for_{$object_subtype}"
[541] Fix | Delete
);
[542] Fix | Delete
}
[543] Fix | Delete
[544] Fix | Delete
if ( ! $allowed ) {
[545] Fix | Delete
$caps[] = $cap;
[546] Fix | Delete
}
[547] Fix | Delete
}
[548] Fix | Delete
break;
[549] Fix | Delete
case 'edit_comment':
[550] Fix | Delete
if ( ! isset( $args[0] ) ) {
[551] Fix | Delete
/* translators: %s: Capability name. */
[552] Fix | Delete
$message = __( 'When checking for the %s capability, you must always check it against a specific comment.' );
[553] Fix | Delete
[554] Fix | Delete
_doing_it_wrong(
[555] Fix | Delete
__FUNCTION__,
[556] Fix | Delete
sprintf( $message, '<code>' . $cap . '</code>' ),
[557] Fix | Delete
'6.1.0'
[558] Fix | Delete
);
[559] Fix | Delete
[560] Fix | Delete
$caps[] = 'do_not_allow';
[561] Fix | Delete
break;
[562] Fix | Delete
}
[563] Fix | Delete
[564] Fix | Delete
$comment = get_comment( $args[0] );
[565] Fix | Delete
if ( ! $comment ) {
[566] Fix | Delete
$caps[] = 'do_not_allow';
[567] Fix | Delete
break;
[568] Fix | Delete
}
[569] Fix | Delete
[570] Fix | Delete
$post = get_post( $comment->comment_post_ID );
[571] Fix | Delete
[572] Fix | Delete
/*
[573] Fix | Delete
* If the post doesn't exist, we have an orphaned comment.
[574] Fix | Delete
* Fall back to the edit_posts capability, instead.
[575] Fix | Delete
*/
[576] Fix | Delete
if ( $post ) {
[577] Fix | Delete
$caps = map_meta_cap( 'edit_post', $user_id, $post->ID );
[578] Fix | Delete
} else {
[579] Fix | Delete
$caps = map_meta_cap( 'edit_posts', $user_id );
[580] Fix | Delete
}
[581] Fix | Delete
break;
[582] Fix | Delete
case 'unfiltered_upload':
[583] Fix | Delete
if ( defined( 'ALLOW_UNFILTERED_UPLOADS' ) && ALLOW_UNFILTERED_UPLOADS && ( ! is_multisite() || is_super_admin( $user_id ) ) ) {
[584] Fix | Delete
$caps[] = $cap;
[585] Fix | Delete
} else {
[586] Fix | Delete
$caps[] = 'do_not_allow';
[587] Fix | Delete
}
[588] Fix | Delete
break;
[589] Fix | Delete
case 'edit_css':
[590] Fix | Delete
case 'unfiltered_html':
[591] Fix | Delete
// Disallow unfiltered_html for all users, even admins and super admins.
[592] Fix | Delete
if ( defined( 'DISALLOW_UNFILTERED_HTML' ) && DISALLOW_UNFILTERED_HTML ) {
[593] Fix | Delete
$caps[] = 'do_not_allow';
[594] Fix | Delete
} elseif ( is_multisite() && ! is_super_admin( $user_id ) ) {
[595] Fix | Delete
$caps[] = 'do_not_allow';
[596] Fix | Delete
} else {
[597] Fix | Delete
$caps[] = 'unfiltered_html';
[598] Fix | Delete
}
[599] Fix | Delete
break;
[600] Fix | Delete
case 'edit_files':
[601] Fix | Delete
case 'edit_plugins':
[602] Fix | Delete
case 'edit_themes':
[603] Fix | Delete
// Disallow the file editors.
[604] Fix | Delete
if ( defined( 'DISALLOW_FILE_EDIT' ) && DISALLOW_FILE_EDIT ) {
[605] Fix | Delete
$caps[] = 'do_not_allow';
[606] Fix | Delete
} elseif ( ! wp_is_file_mod_allowed( 'capability_edit_themes' ) ) {
[607] Fix | Delete
$caps[] = 'do_not_allow';
[608] Fix | Delete
} elseif ( is_multisite() && ! is_super_admin( $user_id ) ) {
[609] Fix | Delete
$caps[] = 'do_not_allow';
[610] Fix | Delete
} else {
[611] Fix | Delete
$caps[] = $cap;
[612] Fix | Delete
}
[613] Fix | Delete
break;
[614] Fix | Delete
case 'update_plugins':
[615] Fix | Delete
case 'delete_plugins':
[616] Fix | Delete
case 'install_plugins':
[617] Fix | Delete
case 'upload_plugins':
[618] Fix | Delete
case 'update_themes':
[619] Fix | Delete
case 'delete_themes':
[620] Fix | Delete
case 'install_themes':
[621] Fix | Delete
case 'upload_themes':
[622] Fix | Delete
case 'update_core':
[623] Fix | Delete
/*
[624] Fix | Delete
* Disallow anything that creates, deletes, or updates core, plugin, or theme files.
[625] Fix | Delete
* Files in uploads are excepted.
[626] Fix | Delete
*/
[627] Fix | Delete
if ( ! wp_is_file_mod_allowed( 'capability_update_core' ) ) {
[628] Fix | Delete
$caps[] = 'do_not_allow';
[629] Fix | Delete
} elseif ( is_multisite() && ! is_super_admin( $user_id ) ) {
[630] Fix | Delete
$caps[] = 'do_not_allow';
[631] Fix | Delete
} elseif ( 'upload_themes' === $cap ) {
[632] Fix | Delete
$caps[] = 'install_themes';
[633] Fix | Delete
} elseif ( 'upload_plugins' === $cap ) {
[634] Fix | Delete
$caps[] = 'install_plugins';
[635] Fix | Delete
} else {
[636] Fix | Delete
$caps[] = $cap;
[637] Fix | Delete
}
[638] Fix | Delete
break;
[639] Fix | Delete
case 'install_languages':
[640] Fix | Delete
case 'update_languages':
[641] Fix | Delete
if ( ! wp_is_file_mod_allowed( 'can_install_language_pack' ) ) {
[642] Fix | Delete
$caps[] = 'do_not_allow';
[643] Fix | Delete
} elseif ( is_multisite() && ! is_super_admin( $user_id ) ) {
[644] Fix | Delete
$caps[] = 'do_not_allow';
[645] Fix | Delete
} else {
[646] Fix | Delete
$caps[] = 'install_languages';
[647] Fix | Delete
}
[648] Fix | Delete
break;
[649] Fix | Delete
case 'activate_plugins':
[650] Fix | Delete
case 'deactivate_plugins':
[651] Fix | Delete
case 'activate_plugin':
[652] Fix | Delete
case 'deactivate_plugin':
[653] Fix | Delete
$caps[] = 'activate_plugins';
[654] Fix | Delete
if ( is_multisite() ) {
[655] Fix | Delete
// update_, install_, and delete_ are handled above with is_super_admin().
[656] Fix | Delete
$menu_perms = get_site_option( 'menu_items', array() );
[657] Fix | Delete
if ( empty( $menu_perms['plugins'] ) ) {
[658] Fix | Delete
$caps[] = 'manage_network_plugins';
[659] Fix | Delete
}
[660] Fix | Delete
}
[661] Fix | Delete
break;
[662] Fix | Delete
case 'resume_plugin':
[663] Fix | Delete
$caps[] = 'resume_plugins';
[664] Fix | Delete
break;
[665] Fix | Delete
case 'resume_theme':
[666] Fix | Delete
$caps[] = 'resume_themes';
[667] Fix | Delete
break;
[668] Fix | Delete
case 'delete_user':
[669] Fix | Delete
case 'delete_users':
[670] Fix | Delete
// If multisite only super admins can delete users.
[671] Fix | Delete
if ( is_multisite() && ! is_super_admin( $user_id ) ) {
[672] Fix | Delete
$caps[] = 'do_not_allow';
[673] Fix | Delete
} else {
[674] Fix | Delete
$caps[] = 'delete_users'; // delete_user maps to delete_users.
[675] Fix | Delete
}
[676] Fix | Delete
break;
[677] Fix | Delete
case 'create_users':
[678] Fix | Delete
if ( ! is_multisite() ) {
[679] Fix | Delete
$caps[] = $cap;
[680] Fix | Delete
} elseif ( is_super_admin( $user_id ) || get_site_option( 'add_new_users' ) ) {
[681] Fix | Delete
$caps[] = $cap;
[682] Fix | Delete
} else {
[683] Fix | Delete
$caps[] = 'do_not_allow';
[684] Fix | Delete
}
[685] Fix | Delete
break;
[686] Fix | Delete
case 'manage_links':
[687] Fix | Delete
if ( get_option( 'link_manager_enabled' ) ) {
[688] Fix | Delete
$caps[] = $cap;
[689] Fix | Delete
} else {
[690] Fix | Delete
$caps[] = 'do_not_allow';
[691] Fix | Delete
}
[692] Fix | Delete
break;
[693] Fix | Delete
case 'customize':
[694] Fix | Delete
$caps[] = 'edit_theme_options';
[695] Fix | Delete
break;
[696] Fix | Delete
case 'delete_site':
[697] Fix | Delete
if ( is_multisite() ) {
[698] Fix | Delete
$caps[] = 'manage_options';
[699] Fix | Delete
} else {
[700] Fix | Delete
$caps[] = 'do_not_allow';
[701] Fix | Delete
}
[702] Fix | Delete
break;
[703] Fix | Delete
case 'edit_term':
[704] Fix | Delete
case 'delete_term':
[705] Fix | Delete
case 'assign_term':
[706] Fix | Delete
if ( ! isset( $args[0] ) ) {
[707] Fix | Delete
/* translators: %s: Capability name. */
[708] Fix | Delete
$message = __( 'When checking for the %s capability, you must always check it against a specific term.' );
[709] Fix | Delete
[710] Fix | Delete
_doing_it_wrong(
[711] Fix | Delete
__FUNCTION__,
[712] Fix | Delete
sprintf( $message, '<code>' . $cap . '</code>' ),
[713] Fix | Delete
'6.1.0'
[714] Fix | Delete
);
[715] Fix | Delete
[716] Fix | Delete
$caps[] = 'do_not_allow';
[717] Fix | Delete
break;
[718] Fix | Delete
}
[719] Fix | Delete
[720] Fix | Delete
$term_id = (int) $args[0];
[721] Fix | Delete
$term = get_term( $term_id );
[722] Fix | Delete
if ( ! $term || is_wp_error( $term ) ) {
[723] Fix | Delete
$caps[] = 'do_not_allow';
[724] Fix | Delete
break;
[725] Fix | Delete
}
[726] Fix | Delete
[727] Fix | Delete
$tax = get_taxonomy( $term->taxonomy );
[728] Fix | Delete
if ( ! $tax ) {
[729] Fix | Delete
$caps[] = 'do_not_allow';
[730] Fix | Delete
break;
[731] Fix | Delete
}
[732] Fix | Delete
[733] Fix | Delete
if ( 'delete_term' === $cap
[734] Fix | Delete
&& ( (int) get_option( 'default_' . $term->taxonomy ) === $term->term_id
[735] Fix | Delete
|| (int) get_option( 'default_term_' . $term->taxonomy ) === $term->term_id )
[736] Fix | Delete
) {
[737] Fix | Delete
$caps[] = 'do_not_allow';
[738] Fix | Delete
break;
[739] Fix | Delete
}
[740] Fix | Delete
[741] Fix | Delete
$taxo_cap = $cap . 's';
[742] Fix | Delete
[743] Fix | Delete
$caps = map_meta_cap( $tax->cap->$taxo_cap, $user_id, $term_id );
[744] Fix | Delete
[745] Fix | Delete
break;
[746] Fix | Delete
case 'manage_post_tags':
[747] Fix | Delete
case 'edit_categories':
[748] Fix | Delete
case 'edit_post_tags':
[749] Fix | Delete
case 'delete_categories':
[750] Fix | Delete
case 'delete_post_tags':
[751] Fix | Delete
$caps[] = 'manage_categories';
[752] Fix | Delete
break;
[753] Fix | Delete
case 'assign_categories':
[754] Fix | Delete
case 'assign_post_tags':
[755] Fix | Delete
$caps[] = 'edit_posts';
[756] Fix | Delete
break;
[757] Fix | Delete
case 'create_sites':
[758] Fix | Delete
case 'delete_sites':
[759] Fix | Delete
case 'manage_network':
[760] Fix | Delete
case 'manage_sites':
[761] Fix | Delete
case 'manage_network_users':
[762] Fix | Delete
case 'manage_network_plugins':
[763] Fix | Delete
case 'manage_network_themes':
[764] Fix | Delete
case 'manage_network_options':
[765] Fix | Delete
case 'upgrade_network':
[766] Fix | Delete
$caps[] = $cap;
[767] Fix | Delete
break;
[768] Fix | Delete
case 'setup_network':
[769] Fix | Delete
if ( is_multisite() ) {
[770] Fix | Delete
$caps[] = 'manage_network_options';
[771] Fix | Delete
} else {
[772] Fix | Delete
$caps[] = 'manage_options';
[773] Fix | Delete
}
[774] Fix | Delete
break;
[775] Fix | Delete
case 'update_php':
[776] Fix | Delete
if ( is_multisite() && ! is_super_admin( $user_id ) ) {
[777] Fix | Delete
$caps[] = 'do_not_allow';
[778] Fix | Delete
} else {
[779] Fix | Delete
$caps[] = 'update_core';
[780] Fix | Delete
}
[781] Fix | Delete
break;
[782] Fix | Delete
case 'update_https':
[783] Fix | Delete
if ( is_multisite() && ! is_super_admin( $user_id ) ) {
[784] Fix | Delete
$caps[] = 'do_not_allow';
[785] Fix | Delete
} else {
[786] Fix | Delete
$caps[] = 'manage_options';
[787] Fix | Delete
$caps[] = 'update_core';
[788] Fix | Delete
}
[789] Fix | Delete
break;
[790] Fix | Delete
case 'export_others_personal_data':
[791] Fix | Delete
case 'erase_others_personal_data':
[792] Fix | Delete
case 'manage_privacy_options':
[793] Fix | Delete
$caps[] = is_multisite() ? 'manage_network' : 'manage_options';
[794] Fix | Delete
break;
[795] Fix | Delete
case 'create_app_password':
[796] Fix | Delete
case 'list_app_passwords':
[797] Fix | Delete
case 'read_app_password':
[798] Fix | Delete
case 'edit_app_password':
[799] Fix | Delete
case 'delete_app_passwords':
[800] Fix | Delete
case 'delete_app_password':
[801] Fix | Delete
$caps = map_meta_cap( 'edit_user', $user_id, $args[0] );
[802] Fix | Delete
break;
[803] Fix | Delete
case 'edit_block_binding':
[804] Fix | Delete
$block_editor_context = $args[0];
[805] Fix | Delete
if ( isset( $block_editor_context->post ) ) {
[806] Fix | Delete
$object_id = $block_editor_context->post->ID;
[807] Fix | Delete
}
[808] Fix | Delete
/*
[809] Fix | Delete
* If the post ID is null, check if the context is the site editor.
[810] Fix | Delete
* Fall back to the edit_theme_options in that case.
[811] Fix | Delete
*/
[812] Fix | Delete
if ( ! isset( $object_id ) ) {
[813] Fix | Delete
if ( ! isset( $block_editor_context->name ) || 'core/edit-site' !== $block_editor_context->name ) {
[814] Fix | Delete
$caps[] = 'do_not_allow';
[815] Fix | Delete
break;
[816] Fix | Delete
}
[817] Fix | Delete
$caps = map_meta_cap( 'edit_theme_options', $user_id );
[818] Fix | Delete
break;
[819] Fix | Delete
}
[820] Fix | Delete
[821] Fix | Delete
$object_subtype = get_object_subtype( 'post', (int) $object_id );
[822] Fix | Delete
if ( empty( $object_subtype ) ) {
[823] Fix | Delete
$caps[] = 'do_not_allow';
[824] Fix | Delete
break;
[825] Fix | Delete
}
[826] Fix | Delete
$post_type_object = get_post_type_object( $object_subtype );
[827] Fix | Delete
// Initialize empty array if it doesn't exist.
[828] Fix | Delete
if ( ! isset( $post_type_object->capabilities ) ) {
[829] Fix | Delete
$post_type_object->capabilities = array();
[830] Fix | Delete
}
[831] Fix | Delete
$post_type_capabilities = get_post_type_capabilities( $post_type_object );
[832] Fix | Delete
$caps = map_meta_cap( $post_type_capabilities->edit_post, $user_id, $object_id );
[833] Fix | Delete
break;
[834] Fix | Delete
default:
[835] Fix | Delete
// Handle meta capabilities for custom post types.
[836] Fix | Delete
global $post_type_meta_caps;
[837] Fix | Delete
if ( isset( $post_type_meta_caps[ $cap ] ) ) {
[838] Fix | Delete
return map_meta_cap( $post_type_meta_caps[ $cap ], $user_id, ...$args );
[839] Fix | Delete
}
[840] Fix | Delete
[841] Fix | Delete
// Block capabilities map to their post equivalent.
[842] Fix | Delete
$block_caps = array(
[843] Fix | Delete
'edit_blocks',
[844] Fix | Delete
'edit_others_blocks',
[845] Fix | Delete
'publish_blocks',
[846] Fix | Delete
'read_private_blocks',
[847] Fix | Delete
'delete_blocks',
[848] Fix | Delete
'delete_private_blocks',
[849] Fix | Delete
'delete_published_blocks',
[850] Fix | Delete
'delete_others_blocks',
[851] Fix | Delete
'edit_private_blocks',
[852] Fix | Delete
'edit_published_blocks',
[853] Fix | Delete
);
[854] Fix | Delete
if ( in_array( $cap, $block_caps, true ) ) {
[855] Fix | Delete
$cap = str_replace( '_blocks', '_posts', $cap );
[856] Fix | Delete
}
[857] Fix | Delete
[858] Fix | Delete
// If no meta caps match, return the original cap.
[859] Fix | Delete
$caps[] = $cap;
[860] Fix | Delete
}
[861] Fix | Delete
[862] Fix | Delete
/**
[863] Fix | Delete
* Filters the primitive capabilities required of the given user to satisfy the
[864] Fix | Delete
* capability being checked.
[865] Fix | Delete
*
[866] Fix | Delete
* @since 2.8.0
[867] Fix | Delete
*
[868] Fix | Delete
* @param string[] $caps Primitive capabilities required of the user.
[869] Fix | Delete
* @param string $cap Capability being checked.
[870] Fix | Delete
* @param int $user_id The user ID.
[871] Fix | Delete
* @param array $args Adds context to the capability check, typically
[872] Fix | Delete
* starting with an object ID.
[873] Fix | Delete
*/
[874] Fix | Delete
return apply_filters( 'map_meta_cap', $caps, $cap, $user_id, $args );
[875] Fix | Delete
}
[876] Fix | Delete
[877] Fix | Delete
/**
[878] Fix | Delete
* Returns whether the current user has the specified capability.
[879] Fix | Delete
*
[880] Fix | Delete
* This function also accepts an ID of an object to check against if the capability is a meta capability. Meta
[881] Fix | Delete
* capabilities such as `edit_post` and `edit_user` are capabilities used by the `map_meta_cap()` function to
[882] Fix | Delete
* map to primitive capabilities that a user or role has, such as `edit_posts` and `edit_others_posts`.
[883] Fix | Delete
*
[884] Fix | Delete
* Example usage:
[885] Fix | Delete
*
[886] Fix | Delete
* current_user_can( 'edit_posts' );
[887] Fix | Delete
* current_user_can( 'edit_post', $post->ID );
[888] Fix | Delete
* current_user_can( 'edit_post_meta', $post->ID, $meta_key );
[889] Fix | Delete
*
[890] Fix | Delete
* While checking against particular roles in place of a capability is supported
[891] Fix | Delete
* in part, this practice is discouraged as it may produce unreliable results.
[892] Fix | Delete
*
[893] Fix | Delete
* Note: Will always return true if the current user is a super admin, unless specifically denied.
[894] Fix | Delete
*
[895] Fix | Delete
* @since 2.0.0
[896] Fix | Delete
* @since 5.3.0 Formalized the existing and already documented `...$args` parameter
[897] Fix | Delete
* by adding it to the function signature.
[898] Fix | Delete
* @since 5.8.0 Converted to wrapper for the user_can() function.
[899] Fix | Delete
*
[900] Fix | Delete
* @see WP_User::has_cap()
[901] Fix | Delete
* @see map_meta_cap()
[902] Fix | Delete
*
[903] Fix | Delete
* @param string $capability Capability name.
[904] Fix | Delete
* @param mixed ...$args Optional further parameters, typically starting with an object ID.
[905] Fix | Delete
* @return bool Whether the current user has the given capability. If `$capability` is a meta cap and `$object_id` is
[906] Fix | Delete
* passed, whether the current user has the given meta capability for the given object.
[907] Fix | Delete
*/
[908] Fix | Delete
function current_user_can( $capability, ...$args ) {
[909] Fix | Delete
return user_can( wp_get_current_user(), $capability, ...$args );
[910] Fix | Delete
}
[911] Fix | Delete
[912] Fix | Delete
/**
[913] Fix | Delete
* Returns whether the current user has the specified capability for a given site.
[914] Fix | Delete
*
[915] Fix | Delete
* This function also accepts an ID of an object to check against if the capability is a meta capability. Meta
[916] Fix | Delete
* capabilities such as `edit_post` and `edit_user` are capabilities used by the `map_meta_cap()` function to
[917] Fix | Delete
* map to primitive capabilities that a user or role has, such as `edit_posts` and `edit_others_posts`.
[918] Fix | Delete
*
[919] Fix | Delete
* This function replaces the current_user_can_for_blog() function.
[920] Fix | Delete
*
[921] Fix | Delete
* Example usage:
[922] Fix | Delete
*
[923] Fix | Delete
* current_user_can_for_site( $site_id, 'edit_posts' );
[924] Fix | Delete
* current_user_can_for_site( $site_id, 'edit_post', $post->ID );
[925] Fix | Delete
* current_user_can_for_site( $site_id, 'edit_post_meta', $post->ID, $meta_key );
[926] Fix | Delete
*
[927] Fix | Delete
* @since 6.7.0
[928] Fix | Delete
*
[929] Fix | Delete
* @param int $site_id Site ID.
[930] Fix | Delete
* @param string $capability Capability name.
[931] Fix | Delete
* @param mixed ...$args Optional further parameters, typically starting with an object ID.
[932] Fix | Delete
* @return bool Whether the user has the given capability.
[933] Fix | Delete
*/
[934] Fix | Delete
function current_user_can_for_site( $site_id, $capability, ...$args ) {
[935] Fix | Delete
$switched = is_multisite() ? switch_to_blog( $site_id ) : false;
[936] Fix | Delete
[937] Fix | Delete
$can = current_user_can( $capability, ...$args );
[938] Fix | Delete
[939] Fix | Delete
if ( $switched ) {
[940] Fix | Delete
restore_current_blog();
[941] Fix | Delete
}
[942] Fix | Delete
[943] Fix | Delete
return $can;
[944] Fix | Delete
}
[945] Fix | Delete
[946] Fix | Delete
/**
[947] Fix | Delete
* Returns whether the author of the supplied post has the specified capability.
[948] Fix | Delete
*
[949] Fix | Delete
* This function also accepts an ID of an object to check against if the capability is a meta capability. Meta
[950] Fix | Delete
* capabilities such as `edit_post` and `edit_user` are capabilities used by the `map_meta_cap()` function to
[951] Fix | Delete
* map to primitive capabilities that a user or role has, such as `edit_posts` and `edit_others_posts`.
[952] Fix | Delete
*
[953] Fix | Delete
* Example usage:
[954] Fix | Delete
*
[955] Fix | Delete
* author_can( $post, 'edit_posts' );
[956] Fix | Delete
* author_can( $post, 'edit_post', $post->ID );
[957] Fix | Delete
* author_can( $post, 'edit_post_meta', $post->ID, $meta_key );
[958] Fix | Delete
*
[959] Fix | Delete
* @since 2.9.0
[960] Fix | Delete
* @since 5.3.0 Formalized the existing and already documented `...$args` parameter
[961] Fix | Delete
* by adding it to the function signature.
[962] Fix | Delete
*
[963] Fix | Delete
* @param int|WP_Post $post Post ID or post object.
[964] Fix | Delete
* @param string $capability Capability name.
[965] Fix | Delete
* @param mixed ...$args Optional further parameters, typically starting with an object ID.
[966] Fix | Delete
* @return bool Whether the post author has the given capability.
[967] Fix | Delete
*/
[968] Fix | Delete
function author_can( $post, $capability, ...$args ) {
[969] Fix | Delete
$post = get_post( $post );
[970] Fix | Delete
if ( ! $post ) {
[971] Fix | Delete
return false;
[972] Fix | Delete
}
[973] Fix | Delete
[974] Fix | Delete
$author = get_userdata( $post->post_author );
[975] Fix | Delete
[976] Fix | Delete
if ( ! $author ) {
[977] Fix | Delete
return false;
[978] Fix | Delete
}
[979] Fix | Delete
[980] Fix | Delete
return $author->has_cap( $capability, ...$args );
[981] Fix | Delete
}
[982] Fix | Delete
[983] Fix | Delete
/**
[984] Fix | Delete
* Returns whether a particular user has the specified capability.
[985] Fix | Delete
*
[986] Fix | Delete
* This function also accepts an ID of an object to check against if the capability is a meta capability. Meta
[987] Fix | Delete
* capabilities such as `edit_post` and `edit_user` are capabilities used by the `map_meta_cap()` function to
[988] Fix | Delete
* map to primitive capabilities that a user or role has, such as `edit_posts` and `edit_others_posts`.
[989] Fix | Delete
*
[990] Fix | Delete
* Example usage:
[991] Fix | Delete
*
[992] Fix | Delete
* user_can( $user->ID, 'edit_posts' );
[993] Fix | Delete
* user_can( $user->ID, 'edit_post', $post->ID );
[994] Fix | Delete
* user_can( $user->ID, 'edit_post_meta', $post->ID, $meta_key );
[995] Fix | Delete
*
[996] Fix | Delete
* @since 3.1.0
[997] Fix | Delete
* @since 5.3.0 Formalized the existing and already documented `...$args` parameter
[998] Fix | Delete
* by adding it to the function signature.
[999] Fix | Delete
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
Function