Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,14 @@ public function get_items_permissions_check( $request ) {
array( 'status' => rest_authorization_required_code() )
);
} elseif ( 0 === $post_id && ! current_user_can( 'moderate_comments' ) ) {
/*
* Intentionally the global primitive: this gates the whole ?post=0
* collection, which can mix comment types, before any individual
* comment is known. Known divergence: a global moderator sees
* independent-type orphans filtered out of the list (empty 200)
* while a type moderator gets 403 here. A per-type collection
* treatment belongs with a future `type` parameter rework.
*/
return new WP_Error(
'rest_cannot_read',
__( 'Sorry, you are not allowed to read comments without a post.' ),
Expand Down Expand Up @@ -190,6 +198,8 @@ public function get_items_permissions_check( $request ) {
}
}
} elseif ( $is_edit_context && ! current_user_can( 'moderate_comments' ) ) {
// Intentionally the global primitive: gates an edit-context collection
// that can mix comment types, before any individual comment is known.
return new WP_Error(
'rest_forbidden_context',
__( 'Sorry, you are not allowed to edit comments.' ),
Expand Down Expand Up @@ -437,8 +447,13 @@ public function get_item_permissions_check( $request ) {
return $comment;
}

// Re-map edit context capabilities when requesting `note` type.
$edit_cap = 'note' === $comment->comment_type ? array( 'edit_comment', $comment->comment_ID ) : array( 'moderate_comments' );
/*
* Re-map edit context capabilities per comment type: `note` comments are
* gated by `edit_comment`, all others by the per-comment `moderate_comment`
* meta capability. This matches the update and delete paths, whose responses
* already return edit-context data.
*/
$edit_cap = 'note' === $comment->comment_type ? array( 'edit_comment', $comment->comment_ID ) : array( 'moderate_comment', $comment->comment_ID );
if ( ! empty( $request['context'] ) && 'edit' === $request['context'] && ! current_user_can( ...$edit_cap ) ) {
return new WP_Error(
'rest_forbidden_context',
Expand Down Expand Up @@ -539,7 +554,12 @@ public function create_item_permissions_check( $request ) {
}
}

// Limit who can set comment `author`, `author_ip` or `status` to anything other than the default.
/*
* Limit who can set comment `author`, `author_ip` or `status` to anything
* other than the default. Intentionally the global primitive: these gates
* run at creation time, and honoring the (known) type's own moderation
* primitive here is future work alongside the other creation-time gates.
*/
if ( isset( $request['author'] ) && get_current_user_id() !== $request['author'] && ! current_user_can( 'moderate_comments' ) ) {
return new WP_Error(
'rest_comment_invalid_author',
Expand Down Expand Up @@ -1913,6 +1933,8 @@ protected function check_read_post_permission( $post, $request ) {
* Checks if the comment can be read.
*
* @since 4.7.0
* @since 7.1.0 Orphaned comments are gated by the per-comment `moderate_comment`
* meta capability instead of the global `moderate_comments` primitive.
*
* @param WP_Comment $comment Comment object.
* @param WP_REST_Request $request Request data to check.
Expand All @@ -1932,7 +1954,7 @@ protected function check_read_permission( $comment, $request ) {
return false;
}

if ( empty( $comment->comment_post_ID ) && ! current_user_can( 'moderate_comments' ) ) {
if ( empty( $comment->comment_post_ID ) && ! current_user_can( 'moderate_comment', $comment->comment_ID ) ) {
return false;
}

Expand All @@ -1947,6 +1969,8 @@ protected function check_read_permission( $comment, $request ) {
* Checks if a comment can be edited or deleted.
*
* @since 4.7.0
* @since 7.1.0 Uses the per-comment `moderate_comment` meta capability instead
* of the global `moderate_comments` primitive.
*
* @param WP_Comment $comment Comment object.
* @return bool Whether the comment can be edited or deleted.
Expand All @@ -1956,7 +1980,13 @@ protected function check_edit_permission( $comment ) {
return false;
}

if ( current_user_can( 'moderate_comments' ) ) {
/*
* Use the per-comment `moderate_comment` meta capability rather than the
* global `moderate_comments` primitive. For comment types using the default
* capability model this resolves to `moderate_comments` (unchanged), while a
* type with its own capabilities is gated by its own moderation primitive.
*/
if ( current_user_can( 'moderate_comment', $comment->comment_ID ) ) {
return true;
}

Expand Down
Loading
Loading