Closed Shelob9 closed 8 years ago
edit_post is for single, edit_posts is for blanket across the board. the caps change when we're on a single. edit_post requires a post_id. it just results in php warnings so the logic just needs to be fully vetted (which I thought I already did)
I just sent a different PR (#103) to stay with our git flow is all. User is not able to save posts with Lasso 0.9.6 and WP 4.2.3. I am all for greater testing.
I agree. It's a massive change with like 400 implications, needs situational unit tests.
that is ONE user correct?
Yea, and myself too.
I confirmed issue as well.
that guy has all kinds of cloudflare junk going on. its not a widespread issue. I've never encountered not being able to save a post as admin
I agree @Shelob9 unit tests for this would help
It is true that he has all kinds of crapola, however, this has been replicable on both our setups. Does this happen for you on the latest WP @bearded-avengeR?
if users were not able to save a post as admin our support would just be going crazy
unless something changed with caps in 4.2.3
sure as shit, something changed in 4.2.3. awesome. LMAO
so much for a SECURITY release LOLOLOL
Yea, unless many have not updated. Still does not answer my question, heh. And yes, there was a friggin change. This was not that great of an iteration for devs as it was supposed to be security related. https://core.trac.wordpress.org/milestone/4.2.3 and https://codex.wordpress.org/Version_4.2.3 ~~> wp-includes/capabilities.php
.
thanks @michaelbeil
no wonder devs are going ape shit this is crap
YAH sure you betcha der hey down in the mountains bearder feller.
LMAO
Seriously. The entire shortcode API got lambasted.
yeah that's sep I'm more concerned with what's changed with caps that has pretty far reaching effects that a lot of people won't even notice with their plugins for some time. I'm eager to a diff on wp-capabilities now
Yea, it was a wrong way of doing things for sure, re shortcodes. Bummer that it was done and over with in literally 30 hours without informing devs.
You are right on the caps stuff.
just lost a bit more faith in wordpress
i'll look more tomorrow but in my 2 min of diffing it seems like if no post object it now passes do_not_allow https://github.com/WordPress/WordPress/commit/fe5a844be57adecb3f7b74bfcd1d8b8f153eedc4
yea, i think that was the response we were getting back from our internal api via json as well
well thanks for being on top of it guys I appreciate it. I've been out of the loop the past couple of weeks
fyi, that commit is on 4.3-beta3-33357
.
yeah you're right I was just looking back on the history of changes to that file https://github.com/WordPress/WordPress/commits/fe5a844be57adecb3f7b74bfcd1d8b8f153eedc4/wp-includes/capabilities.php
There she blows.
this broke role restrictions. a contributor can now edit other users posts. :( I was afraid that this would happen with this change.
I'm not going to be able to get to this until at least Friday.
We can't just change this without testing. The reason it was edit_posts is because it was failing with edit_post. I'd like to leave as is until we can fully test it.