Changeset 6507

Timestamp:

12/28/07 00:46:18 (7 months ago)

Author:

ryan

Message:

Some cap checks for app from josephscott.

Files:

• trunk/wp-app.php (modified) (4 diffs)

trunk/wp-app.php

@@ -164 +164 @@
-    function get_service() {
-        log_app('function','get_service()');
+
+        if( !current_user_can( 'edit_posts' ) ) 
+            $this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) );
+
-        $entries_url = attribute_escape($this->get_entries_url());
-        $categories_url = attribute_escape($this->get_categories_url());
@@ -193 +197 @@
-
-    function get_categories_xml() {
-
-        log_app('function','get_categories_xml()');
+
+        if( !current_user_can( 'edit_posts' ) ) 
+            $this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) );
+
-        $home = attribute_escape(get_bloginfo_rss('home'));
-
@@ -286 +293 @@
-
-    function get_post($postID) {
-
-        global $entry;
+
+        if( !current_user_can( 'edit_post', $postID ) )
+            $this->auth_required( __( 'Sorry, you do not have the right to access this post.' ) ); 
+
-        $this->set_current_entry($postID);
-        $output = $this->get_entry($postID);
@@ -373 +383 @@
-
-    function get_attachment($postID = NULL) {
+        if( !current_user_can( 'upload_files' ) )
+            $this->auth_required( __( 'Sorry, you do not have the right to file uploads on this blog.' ) );
+
-        if (!isset($postID)) {
-            $this->get_attachments();