Message info
 
To:wp-svn@lists.automattic.com From:m@wordpress.org Subject:[wp-svn] [21085] branches/3.3/wp-includes/capabilities.php: Make read_post more useful. Date:Fri, 15 Jun 2012 17:48:01 +0000 (UTC)
 

Revision
21085
Author
markjaquith
Date
2012-06-15 17:48:01 +0000 (Fri, 15 Jun 2012)

Log Message

Make read_post more useful. Map read_post to edit_post for posts with protected post states. This makes read_post work naturally for draft, future, and pending posts belonging to other users. If the current user cannot edit these non-public posts then the user should not be able to read them either.

Backports [21046] for the 3.3 branch.

Modified Paths

Diff

Modified: branches/3.3/wp-includes/capabilities.php (21084 => 21085)


--- branches/3.3/wp-includes/capabilities.php	2012-06-15 17:02:39 UTC (rev 21084)
+++ branches/3.3/wp-includes/capabilities.php	2012-06-15 17:48:01 UTC (rev 21085)
@@ -1065,7 +1065,8 @@
 			break;
 		}
 
-		if ( 'private' != $post->post_status ) {
+		$status_obj = get_post_status_object( $post->post_status );
+		if ( $status_obj->public ) {
 			$caps[] = $post_type->cap->read;
 			break;
 		}
@@ -1079,8 +1080,10 @@
 
 		if ( is_object( $post_author_data ) && $user_id == $post_author_data->ID )
 			$caps[] = $post_type->cap->read;
+		elseif ( $status_obj->private )
+			$caps[] = $post_type->cap->read_private_posts;
 		else
-			$caps[] = $post_type->cap->read_private_posts;
+			$caps[] = map_meta_cap( 'edit_post', $user_id, $post->ID );
 		break;
 	case 'edit_post_meta':
 	case 'delete_post_meta':