Opened 6 years ago
Closed 3 years ago
#8072 closed defect (bug) (fixed)
'edit_users' capability not allowing extended profiles to be viewed/edited
Reported by: | Venutius | Owned by: | dcavins |
---|---|---|---|
Milestone: | 10.0.0 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Members | Keywords: | needs-patch good-first-bug |
Cc: |
Description
I've raised a couple of tickets to address some capability checks for 'edit_users' in bp membes admin ( #8069 #8070 ) however, with these changes in place we still don't get the desired results. Whilst those users can now see the 'Extended' option in the user list, clicking on it returns a page with a content of -1.
This is caused by line 904 of `buddypress/bp-members/classes/class-bp-members-admin.php not including a check for 'edit_users':
if ( ! bp_current_user_can( 'bp_moderate' ) && empty( $this->is_self_profile ) ) {
I suggest we change this to:
if ( ! current_user_can( 'edit_users' ) && ! bp_current_user_can( 'bp_moderate' ) && empty( $this->is_self_profile ) ) {
Hi,
I'd like to see a patch about it, if this can happen, I'm fine with including it into 10.0.0