Closed apermo closed 2 weeks ago
Actually, more generally, I use edit_private_posts
as the required role:
https://github.com/akirk/friends/blob/main/includes/class-friends.php#L25
This particular function has_required_privileges()
is used in several places where it is about someone that you dedicate as the main user. This is derived from the idea that currently it is somewhat assumed that one person uses the blog (although this might change at some point, see #285) and you can select that user in the friend settings. The Administrator here is just a fallback that I am not sure is actually ever reached.
The main user is selected out of all users who have the edit_private_posts
permission only if it has not been selected:
All that said, happy to change this to use manage_options
if you'd like to submit a pull request!
Hey Alex,
https://github.com/akirk/friends/blob/a36317d1893b36434e299bb956803dbb5a5c744a/includes/class-friends.php#L670
I wonder why you chose to use
current_user_can( 'administrator' )
, this will only work if the user role is namedadministrator
. In case you create custom roles or rename the given ones, the function will no longer return true. Without testing it, I expect it to already fail for thesuper_administrator
role in a network.If you have a very specific reason for testing for 'administrator' I propose to add a filter, to be able to customize the capability.
Or replace 'administrator' with 'manage_options'.
I'll be happy to provide a PR, if you just give me your preferred solution.
For reference:
The role name capabilities are set in these two function with the following line.
$this->caps[ $role ] = true;