#8069 closed defect (bug) (no action required)
typo 'edit_user' in class-bp-members.php
Reported by: | Venutius | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | Members | Keywords: | |
Cc: |
Description
I was investigating a user enquiry and I noticed that line 1277 of buddypress/bp-members/classes/class-bp-members-admin.php
:
if ( current_user_can( 'edit_user', $user->ID ) || bp_current_user_can( 'bp_moderate' ) ) {
This should be:
if ( current_user_can( 'edit_users', $user->ID ) || bp_current_user_can( 'bp_moderate' ) ) {
Change History (2)
Note: See
TracTickets for help on using
tickets.
This is not a typo, and is working as intended.
edit_user
with a user ID passed into it is valid.See: https://core.trac.wordpress.org/browser/tags/5.1.1/src/wp-includes/capabilities.php#L47
In general, the singular version of a capability check is for asking the question: can the current user perform this action on this single identifiable thing?
The plural version of a capability check is for asking the question: can the current user perform this action on all of this kind of thing?
Ultimately, what I suspect is happening in your case, is that some other capability check is saying "no", that the current user is still not allowed to edit the user being compared against, despite it having the
bp_moderate
capability and theedit_users
capability.As a guess, a multisite installation might require an additional
manage_network_users
capability, or some other specific override.I've written a plugin (a few years ago) to allow site Administrators to edit users of their sites in a multisite environment. You might find it to be a good start to help you make things work how you want.
See: https://jjj.codes/stuttter/wp-user-edit