Remove private posts from front page query. Aadd private posts and page caps. fixes WordPress#2613

ryanboren · ryanboren · commit 8f12196bd1c5 · 2006-05-11T23:13:35.000Z
git-svn-id: https://develop.svn.wordpress.org/trunk@3772 602fd350-edb4-49c9-b593-d223f7449a82
diff --git a/wp-admin/upgrade-functions.php b/wp-admin/upgrade-functions.php
@@ -173,7 +173,7 @@ function upgrade_all() {
 	if ( $wp_current_db_version < 3308 )
 		upgrade_160();
 
-	if ( $wp_current_db_version < 3672 )
+	if ( $wp_current_db_version < 3767 )
 		upgrade_210();
 
 	$wp_rewrite->flush_rules();
@@ -492,7 +492,7 @@ function upgrade_210() {
 		}
 	}
 
-	if ( $wp_current_db_version < 3513 ) {
+	if ( $wp_current_db_version < 3767 ) {
 		populate_roles_210();
 	}
 
diff --git a/wp-admin/upgrade-schema.php b/wp-admin/upgrade-schema.php
@@ -352,6 +352,12 @@ function populate_roles_210() {
 		$role->add_cap('delete_posts');
 		$role->add_cap('delete_others_posts');
 		$role->add_cap('delete_published_posts');
+		$role->add_cap('delete_private_posts');
+		$role->add_cap('edit_private_posts');
+		$role->add_cap('read_private_posts');
+		$role->add_cap('delete_private_pages');
+		$role->add_cap('edit_private_pages');
+		$role->add_cap('read_private_pages');
 	}
 
 	$role = get_role('author');
diff --git a/wp-includes/capabilities.php b/wp-includes/capabilities.php
@@ -296,6 +296,8 @@ function map_meta_cap($cap, $user_id) {
 			// The post is published, extra cap required.
 			if ($post->post_status == 'publish')
 				$caps[] = 'delete_published_posts';
+			else if ($post->post_status == 'private')
+				$caps[] = 'delete_private_posts';
 		}
 		break;
 	case 'delete_page':
@@ -318,6 +320,8 @@ function map_meta_cap($cap, $user_id) {
 			// The page is published, extra cap required.
 			if ($page->post_status == 'publish')
 				$caps[] = 'delete_published_pages';
+			else if ($page->post_status == 'private')
+				$caps[] = 'delete_private_pages';
 		}
 		break;
 		// edit_post breaks down to edit_posts, edit_published_posts, or
@@ -346,6 +350,8 @@ function map_meta_cap($cap, $user_id) {
 			// The post is published, extra cap required.
 			if ($post->post_status == 'publish')
 				$caps[] = 'edit_published_posts';
+			else if ($post->post_status == 'private')
+				$caps[] = 'edit_private_posts';
 		}
 		break;
 	case 'edit_page':
@@ -368,6 +374,8 @@ function map_meta_cap($cap, $user_id) {
 			// The page is published, extra cap required.
 			if ($page->post_status == 'publish')
 				$caps[] = 'edit_published_pages';
+			else if ($page->post_status == 'private')
+				$caps[] = 'edit_private_pages';
 		}
 		break;
 	case 'read_post':
diff --git a/wp-includes/query.php b/wp-includes/query.php
@@ -828,13 +828,23 @@ function &get_posts() {
 		} else {
 			$where .= " AND (post_type = '$post_type' AND (post_status = 'publish'";
 
-			if ( is_admin() )
+			if ( is_admin() ) {
 				$where .= " OR post_status = 'future' OR post_status = 'draft'";
 	
-			if ( is_user_logged_in() )
-				$where .= " OR post_author = $user_ID AND post_status = 'private'))";
-			else
-				$where .= '))';
+				if ( is_user_logged_in() ) {
+					if ( 'post' == $post_type )
+						$cap = 'edit_private_posts';
+					else
+						$cap = 'edit_private_pages';
+
+					if ( current_user_can($cap) )
+						$where .= "OR post_status = 'private'";
+					else
+					$where .= " OR post_author = $user_ID AND post_status = 'private'";
+				}
+			}
+
+			$where .= '))';
 		}
 
 		// Apply filters on where and join prior to paging so that any
diff --git a/wp-includes/version.php b/wp-includes/version.php
@@ -3,6 +3,6 @@
 // This just holds the version number, in a separate file so we can bump it without cluttering the SVN
 
 $wp_version = '2.1-alpha1';
-$wp_db_version = 3672;
+$wp_db_version = 3767;
 
 ?>

Original file line number	Diff line number	Diff line change
`@@ -173,7 +173,7 @@ function upgrade_all() {`
`173`	`173`	`if ( $wp_current_db_version < 3308 )`
`174`	`174`	`upgrade_160();`
`175`	`175`
`176`		`- if ( $wp_current_db_version < 3672 )`
	`176`	`+ if ( $wp_current_db_version < 3767 )`
`177`	`177`	`upgrade_210();`
`178`	`178`
`179`	`179`	`$wp_rewrite->flush_rules();`
`@@ -492,7 +492,7 @@ function upgrade_210() {`
`492`	`492`	`}`
`493`	`493`	`}`
`494`	`494`
`495`		`- if ( $wp_current_db_version < 3513 ) {`
	`495`	`+ if ( $wp_current_db_version < 3767 ) {`
`496`	`496`	`populate_roles_210();`
`497`	`497`	`}`
`498`	`498`