Blacklist options don't behave as they should
-
Hi,
The description for the Roles Blacklist option for the plugin says “DO NOT show the Admin Bar for Users with these Role(s)” and the description for the Capabilities Blacklist option says “DO NOT show the Admin Bar for Users with these Capabilies”.
However I found that when I blacklisted the subscriber role the admin bar disappeared for all the other roles.
So I’ve looked at the code and the blacklist role loop is this:
foreach ( $blacklist_roles as $role ) {
if ( !current_user_can( $role ) ) {
return $this->disable();
}
}The “!” in front of the current_user_can call basically means (as I understand it) that this loop is behaving such if it’s the case for at least one of those blacklisted roles that the user DOES NOT have that role, then the admin bar is disabled (e.g. if you select the Subscriber role to be in the blacklist then any user which DOES NOT have the Subscriber role will have the admin bar disabled).
I believe that “!” is a mistake – it should be disabling if the return of current_user_can($role) is true for a role in the backlist, rather than if it’s not true.
The same negating happens for capabilities. I’ve looked back in Trac and it seems this behaviour has been there since version 1.0.
I think this is behind what incakola100 is reporting in a support post from a few weeks ago.
I’m suspect successful users of this plugin must have been pretty much all using the whitelist function :).
- The topic ‘Blacklist options don't behave as they should’ is closed to new replies.
