Automattic / Co-Authors-Plus

Multiple bylines and Guest Authors for WordPress
https://wordpress.org/plugins/co-authors-plus/
GNU General Public License v2.0

Changing Capability Create Permission Error/Bad Redirect #269

Closed alpha1 closed 3 years ago

alpha1 commented 9 years ago

I'm using coauthors_guest_author_manage_cap to change the capability to list_guest_authors.

My test user does not have edit_users, create_users, or list_users. I have moved the guest authors page underneath profile using 'coauthors_guest_author_parent_page' for any user who lacks list_users.

What happens then, when I visit the guest authors page, is I see the "Add New" (I believe that's from here), my limited user can see the create new user screen, and when I fill it out and hit save it sends me to admin/edit.php - with no notice, warning, or anything - but the creation of this user, which I should not have permission to create, has succeeded.

mattoperry commented 9 years ago

Hi @alpha1 -- thanks for this. I recently encountered a similar though not identical bug. Can you post the code you use to filter the two capabilities in question?

mattoperry commented 9 years ago

Noting that this might be a subset of some more general issues that occur when coauthors_guest_author_manage_cap is filtered.

castlehouse commented 8 years ago

Hi @alpha1 we are looking at this issue as part of the 3.2 release, are you able to confirm this is still an issue and the steps to reproduce?

Just chatting to @mattoperry and it might be that the issue got fixed as part of something else so wanted to make sure :)

nielslange commented 3 years ago

Closing this issue as it can no longer be reproduced when adding the following snippet to the site:

add_filter( 'coauthors_guest_author_manage_cap', 'allow_editors_to_create_guest_coauthors' );
function allow_editors_to_create_guest_coauthors() {
    return 'list_users';
}
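
The filtering code requested earlier in the thread was never posted, so the following is an added sketch of the setup described in the first comment, together with a capability audit helper; it is not code from any participant or from the Co-Authors Plus project. The capability name `list_guest_authors` and both filter names come from the thread; the `profile.php` parent slug, the `editor` role, and every `example_` identifier are assumptions.

```php
<?php
/**
 * Added example, e.g. saved as a must-use plugin file (file location is an assumption).
 * Recreates the reporter's described setup so the effective permissions can be
 * checked before and after a plugin update.
 */

// Custom capability named in the thread.
const EXAMPLE_GUEST_AUTHOR_CAP = 'list_guest_authors';

// Gate guest author management on the custom capability.
add_filter( 'coauthors_guest_author_manage_cap', function () {
	return EXAMPLE_GUEST_AUTHOR_CAP;
} );

// Move the Guest Authors menu under Profile for users who lack list_users.
// Assumes the plugin applies this filter after the current user is set up.
add_filter( 'coauthors_guest_author_parent_page', function ( $parent_page ) {
	return current_user_can( 'list_users' ) ? $parent_page : 'profile.php';
} );

// Grant the custom capability to one role. Role capabilities are stored in
// the database, so the has_cap() check avoids a write on every request.
add_action( 'admin_init', function () {
	$role = get_role( 'editor' ); // role choice is an assumption
	if ( $role && ! $role->has_cap( EXAMPLE_GUEST_AUTHOR_CAP ) ) {
		$role->add_cap( EXAMPLE_GUEST_AUTHOR_CAP );
	}
} );

/**
 * Report which of the capabilities discussed in the thread a user holds.
 * A limited test user should show true only for the custom capability.
 *
 * @param int $user_id WordPress user ID to inspect.
 * @return array<string,bool> Capability name => whether the user has it.
 */
function example_audit_guest_author_caps( $user_id ) {
	$caps   = array( EXAMPLE_GUEST_AUTHOR_CAP, 'list_users', 'create_users', 'edit_users' );
	$report = array();
	foreach ( $caps as $cap ) {
		$report[ $cap ] = user_can( $user_id, $cap );
	}
	return $report;
}
```

Calling `example_audit_guest_author_caps()` for the test account confirms the precondition from the report (no `edit_users`, `create_users`, or `list_users`) before trying the "Add New" screen.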