Ticket #1825 (closed defect: fixed)

Opened 3 years ago

Last modified 3 years ago

Display a User's Role in profile.php and user-edit.php

Reported by: MichaelH Assigned to: davidhouse
Priority: normal Milestone:
Component: Administration Version: 1.6
Severity: minor Keywords: role capabilities bg|has-patch bg|squashed
Cc:

Description

The Users->Your Profile screen should display that user's current Role.

Actually, it's more important to show the user's Role in Users->Authors&Users; Edit a specific user (user-edit.php).

Attachments

show_role_on_profile.diff (2.5 kB) - added by davidhouse on 11/05/05 10:52:47.
admin-functions.php.patch (0.7 kB) - added by ringmaster on 11/05/05 20:33:35.
Apply this after davidhouse's patch to prevent a edit_users user from demoting himself.
admin-functions.php.2.patch (433 bytes) - added by ringmaster on 11/13/05 04:49:35.
Oops. Need to remove some leftovers.
show_user_role_in_profile.diff (0.6 kB) - added by MichaelH on 11/29/05 14:59:32.
just David's change to profile.php to show users their current role

Change History

11/05/05 10:52:47 changed by davidhouse

  • attachment show_role_on_profile.diff added.

11/05/05 10:53:38 changed by davidhouse

  • keywords changed from role capabilities to role capabilities bg|has-patch.

Covers both requirements.

11/05/05 11:24:16 changed by davidhouse

  • keywords changed from role capabilities bg|has-patch to role capabilities bg|has-patch bg|squashed.
  • owner changed from anonymous to davidhouse.
  • status changed from new to assigned.

Accepting and tagging as per westi's suggestions.

11/05/05 19:22:22 changed by MichaelH

With the patch installed, you can change a User's Role in user-edit.php, but you are allowed to "demote" yourself from being an administrator. As mentioned in Ticket 1645, the User should not be able to subtract edit_users capability from themselves.

To promote a user to administrator (that should kill ringmaster P) using phpMyAdmin, change wp_metauser for the user_id:

wp_capabilites to: a:1:{s:13:"administrator";b:1;} and wp_user_level to: 10

davidhouse: your patch does more than I asked for! Thanks.

11/05/05 20:33:35 changed by ringmaster

  • attachment admin-functions.php.patch added.

Apply this after davidhouse's patch to prevent a edit_users user from demoting himself.

11/06/05 03:58:53 changed by ryan

  • status changed from assigned to closed.
  • resolution set to fixed.

(In [2995]) Show Role in profile and user edit. Don't allow users with edit_users caps to demote themselves. Props: davidhouse, ringmaster. fixes #1825

11/13/05 04:49:35 changed by ringmaster

  • attachment admin-functions.php.2.patch added.

Oops. Need to remove some leftovers.

11/13/05 04:52:07 changed by ringmaster

  • status changed from closed to reopened.
  • resolution deleted.

Some code got left in that shouldn't have. My fault.

Applying the last patch will remove code from admin-functions.php that will ensure that the user can't remove the edit-users capability from himself.

11/13/05 04:56:06 changed by matt

  • status changed from reopened to closed.
  • resolution set to fixed.

(In [3064]) Fixes #1825 again so people can't demote themselves

11/29/05 14:58:18 changed by MichaelH

  • status changed from closed to reopened.
  • resolution deleted.

Reopening because David's patch (show_role_on_profile.diff) for profile.php to show the User their current Role is no longer in the code.

11/29/05 14:59:32 changed by MichaelH

  • attachment show_user_role_in_profile.diff added.

just David's change to profile.php to show users their current role

11/29/05 16:29:09 changed by ryan

I think Matt purposefully removed it.

01/05/06 21:47:49 changed by davidhouse

  • status changed from reopened to closed.
  • resolution set to fixed.