Skip to:
Content

BuddyPress.org

Opened 5 years ago

Closed 5 years ago

Last modified 3 years ago

#5932 closed enhancement (fixed)

Capability for BP_Members_Admin should be "manage_network_users"

Reported by: thomaslhotta Owned by: r-a-y
Milestone: 2.2 Priority: normal
Severity: normal Version: 2.1
Component: Core Keywords: good-first-bug has-patch commit
Cc:

Description

The current capability used in BP_Members_Admin is "manage_network_options". It think it would be better to use the "manage_network_users" capability. This would allow more granular access control to the network admin.

This would also require to replace

if ( ! is_super_admin() || empty( $action ) ) 

on line 1333 with

if ( ! current_user_can( $this->capability ) || empty( $action ) ) {


In my case I use this to allow specific users access to the network user management without giving them full access to all network options. I currently do this by extending the BP_Members_Admin, what seems rather hackish.

Attachments (1)

5932.01.patch (1.1 KB) - added by r-a-y 5 years ago.

Download all attachments as: .zip

Change History (8)

#1 @DJPaul
5 years ago

  • Component changed from Members to Roles/Capability
  • Milestone changed from Awaiting Review to 2.2

Our capability stuff is generally incomplete and probably inconsistent, but we can look into this. :)

#2 @DJPaul
5 years ago

  • Keywords good-first-bug added

@r-a-y
5 years ago

#3 @r-a-y
5 years ago

  • Keywords has-patch added

Added a patch based off of thomaslhotta's ideas.

This ticket was mentioned in Slack in #buddypress by r-a-y. View the logs.


5 years ago

#5 @johnjamesjacoby
5 years ago

  • Keywords commit added

Looks good to me. Since these are largely stuck behind is_super_admin() checks, breakage should be nonexistent.

#6 @r-a-y
5 years ago

  • Owner set to r-a-y
  • Resolution set to fixed
  • Status changed from new to closed

In 9320:

Members Admin: Set better access capabilities.

Props thomaslhotta.

Fixes #5932.

#7 @DJPaul
3 years ago

  • Component changed from API - Roles/Capability to Core
Note: See TracTickets for help on using tickets.