Upon closer examination of the role change process in WordPress core, it becomes evident that the default WordPress check for changing a user's role from administrator to editor fails at https://github.com/WordPress/WordPress/blob/master/wp-admin/users.php#L148. It's crucial to recognize that the correct capability name for this check is promote_users rather than edit_users. Consequently, relying on the handle_bulk_actions-users.php filter to enforce this restriction is not a viable approach. To achieve the same outcome as observed in the WordPress core, the role_has_cap filter is utilized as an alternative. Within this filter, the necessary checks and adjustments are made, ensuring that administrator and lms_manager are prevented from changing their roles to instructor.
Description
Upon closer examination of the role change process in WordPress core, it becomes evident that the default WordPress check for changing a user's role from
administrator
toeditor
fails at https://github.com/WordPress/WordPress/blob/master/wp-admin/users.php#L148. It's crucial to recognize that the correct capability name for this check ispromote_users
rather thanedit_users
. Consequently, relying on thehandle_bulk_actions-users.php
filter to enforce this restriction is not a viable approach. To achieve the same outcome as observed in the WordPress core, therole_has_cap
filter is utilized as an alternative. Within this filter, the necessary checks and adjustments are made, ensuring thatadministrator
andlms_manager
are prevented from changing their roles toinstructor
.Fixes #1100
How has this been tested?
Manually change current user role to
instructor
.Screenshots
Types of changes
Checklist:
npm run dev changelog add -- -i
and follow the prompt. See also: https://github.com/gocodebox/lifterlms/blob/trunk/packages/dev/README.md#changelog-add -->