vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-04-11 08:04:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Multisite: Introduce a can_add_user_to_blog filter to prevent adding a user to a site.

Browse Source 
Under certain circumstances, it can be necessary that a user should not be added to a site, beyond the restrictions that WordPress core applies. With the new `can_add_user_to_blog` filter, plugin developers can run custom checks and return an error in case of a failure, that will prevent the user from being added.

The user-facing parts and the REST API route that interact with `add_user_to_blog()` have been adjusted accordingly to provide appropriate error feedback when a user could not be added to a site. Furthermore, two existing error feedback messages in the site admin's "New User" screen have been adjusted to properly show inside an error notice instead of a success notice.

Props jmdodd.
Fixes #41101.


git-svn-id: https://develop.svn.wordpress.org/trunk@41225 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
flixos90
2017-08-03 21:40:02 +00:00
parent 814e1f5530
commit 0dc1e0633b
6 changed files with 146 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/wp-admin/user-new.php
View File

@@ -67,8 +67,13 @@ if ( isset($_REQUEST['action']) && 'adduser' == $_REQUEST['action'] ) {
$redirect = add_query_arg( array('update' => 'addexisting'), 'user-new.php' );
} else {
if ( isset( $_POST[ 'noconfirmation' ] ) && current_user_can( 'manage_network_users' ) ) {
add_existing_user_to_blog( array( 'user_id' => $user_id, 'role' => $_REQUEST[ 'role' ] ) );
$redirect = add_query_arg( array( 'update' => 'addnoconfirmation' , 'user_id' => $user_id ), 'user-new.php' );
$result = add_existing_user_to_blog( array( 'user_id' => $user_id, 'role' => $_REQUEST[ 'role' ] ) );
if ( ! is_wp_error( $result ) ) {
$redirect = add_query_arg( array( 'update' => 'addnoconfirmation', 'user_id' => $user_id ), 'user-new.php' );
} else {
$redirect = add_query_arg( array( 'update' => 'could_not_add' ), 'user-new.php' );
}
} else {
$newuser_key = substr( md5( $user_id ), 0, 5 );
add_option( 'new_user_' . $newuser_key, array( 'user_id' => $user_id, 'email' => $user_details->user_email, 'role' => $_REQUEST[ 'role' ] ) );
@@ -157,6 +162,8 @@ Please click the following link to confirm the invite:
$new_user = wpmu_activate_signup( $key );
if ( is_wp_error( $new_user ) ) {
$redirect = add_query_arg( array( 'update' => 'addnoconfirmation' ), 'user-new.php' );
} elseif ( ! is_user_member_of_blog( $new_user['user_id'] ) ) {
$redirect = add_query_arg( array( 'update' => 'created_could_not_add' ), 'user-new.php' );
} else {
$redirect = add_query_arg( array( 'update' => 'addnoconfirmation', 'user_id' => $new_user['user_id'] ), 'user-new.php' );
}
@@ -261,11 +268,17 @@ if ( isset($_GET['update']) ) {
case "addexisting":
$messages[] = __('That user is already a member of this site.');
break;
case "could_not_add":
$add_user_errors = new WP_Error( 'could_not_add', __( 'That user could not be added to this site.' ) );
break;
case "created_could_not_add":
$add_user_errors = new WP_Error( 'created_could_not_add', __( 'User has been created, but could not be added to this site.' ) );
break;
case "does_not_exist":
$messages[] = __('The requested user does not exist.');
$add_user_errors = new WP_Error( 'does_not_exist', __( 'The requested user does not exist.' ) );
break;
case "enter_email":
$messages[] = __('Please enter a valid email address.');
$add_user_errors = new WP_Error( 'enter_email', __( 'Please enter a valid email address.' ) );
break;
}
} else {