Grant Roles without edit_users
Greetings,
I noticed that the Grant Roles functionality of URE is limited to users that have the
edit_user capability; however, in stock WordPress (5.0.x) users that have the promote_user capability can change the primary role for a user. We have an environment where we cannot grant
edit_user, but would like for certain folks to be able to manage roles for users on their sites. Setting the primary role via “Change role to…” works fine, but the URE “Grant Roles” only works when the user has edit_user, rather than promote_user. I’d like to propose a change to allow
promote_user to be able to use the “Grant Roles” function. Here is a diff that provides the proposed functionality:
diff –git a/includes/classes/ajax-processor.php b/includes/classes/ajax-processor.php
index dd5bbdf..cfe5a0f 100644
— a/includes/classes/ajax-processor.php
+++ b/includes/classes/ajax-processor.php
@@ -43,7 +43,7 @@ class URE_Ajax_Processor {
protected function get_required_cap() {if ($this->action==’grant_roles’ || $this->action==’get_user_roles’) {
– $cap = ‘edit_users’;
+ $cap = ‘promote_users’;
} else {
$cap = URE_Own_Capabilities::get_key_capability();
}
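Review bot: Changing the hard-coded capability in `get_required_cap()` from `edit_users` to `promote_users` widens access on every existing install at upgrade time: any role that holds `promote_users` without `edit_users` gains the `grant_roles` and `get_user_roles` AJAX actions with no opt-in. The same literal is repeated in `grant_roles()`, `get_user_roles()` and the button-rendering check in grant-roles.php, so the four checks can drift apart. I would resolve the capability in one place and keep the current value as the default, e.g. `$cap = apply_filters('<filter_name>', 'edit_users');` with the filter name chosen by the maintainer. A comment there should state that lowering it to `promote_users` lets role managers add secondary roles, not only change the primary one. The function body continues outside the hunk.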
diff –git a/includes/classes/grant-roles.php b/includes/classes/grant-roles.php
index 98a9b56..e435612 100644
— a/includes/classes/grant-roles.php
+++ b/includes/classes/grant-roles.php
@@ -38,7 +38,7 @@ class URE_Grant_Roles {
if (!is_numeric($user_id)) {
return false;
}
– if (!current_user_can(‘edit_user’, $user_id)) {
+ if (!current_user_can(‘promote_user’, $user_id)) {
return false;
}
}
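Review bot: `current_user_can('promote_user', $user_id)` does not take `$user_id` into account: as far as I know WordPress core maps the `promote_user` meta capability straight to the `promote_users` primitive, whereas `edit_user` on multisite also refuses to let a non-super-admin act on a super admin. With this change that per-target protection disappears from this check. If the lower capability is kept, add an explicit guard after it, e.g. `if (is_multisite() && is_super_admin($user_id) && !is_super_admin()) { return false; }`. The enclosing method starts and ends outside the hunk.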
@@ -150,7 +150,7 @@ class URE_Grant_Roles {public static function grant_roles() {
– if (!current_user_can(‘edit_users’)) {
+ if (!current_user_can(‘promote_users’)) {
$answer = array(‘result’=>’error’, ‘message’=>esc_html__(‘Not enough permissions’, ‘user-role-editor’));
return $answer;
}
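Review bot: With `promote_users` as the only gate in `grant_roles()`, nothing in the visible lines limits which roles the caller may assign; the rest of the body is outside the hunk, so this may already be handled there. Core's own "Change role to…" path restricts the choice to `get_editable_roles()` (from memory, worth confirming for 5.0.x), and the same restriction is needed here, otherwise a role manager could attach a role that the `editable_roles` filter hides from them, including one with more capabilities than their own. I would confirm that each requested role ID is checked before it is added to the user, e.g. `if (!isset($editable_roles[$role_id])) { continue; }`. `get_user_roles()` gets the same gate in the next hunk but only reads.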
@@ -196,7 +196,7 @@ class URE_Grant_Roles {public static function get_user_roles() {
– if (!current_user_can(‘edit_users’)) {
+ if (!current_user_can(‘promote_users’)) {
$answer = array(‘result’=>’error’, ‘message’=>esc_html__(‘Not enough permissions’, ‘user-role-editor’));
return $answer;
}
@@ -278,7 +278,7 @@ class URE_Grant_Roles {
if (!$this->lib->is_right_admin_path(‘users.php’)) {
return;
}
– if (!current_user_can(‘edit_users’)) {
+ if (!current_user_can(‘promote_users’)) {
return;
}
$button_number = (self::$counter>0) ? ‘_2’: ”;