Reader: "Edit post" should NOT show on sites the user does not own #94452

DustyReagan · 2024-09-11T20:22:29Z

On the /discover page, in the ellipses menu, "Edit post" should not be an option on sites the user does not own.

javierarce · 2024-09-12T13:30:11Z

I haven't been able to reproduce this 🤔

This is what I see instead:

eoigal · 2024-09-30T19:40:37Z

I can't reproduce this with an non-A8C account.

The Edit Post option is only shown if the user has edit_post capabilities. The endpoint that figures this out is /read/streams/discover which ultimately adds the capabilities via fbhepr%2Skers%2Sjcpbz%2Sjc%2Qpbagrag%2Syvo%2Sernqre%2Qfvgr%2Qcbfg%2Spynff.jcpbz%2Qernqre%2Qfvgr%2Qcbfg.cuc%3Se%3Qs8778p0q%26sv%3Qhcqngr_qlanzvp_cbfg_svryqf%23169-og

I confirmed by sandboxing public-api.wordpress.com that the is_super_admin is set to true when logged in with A8C account. I'm going to close this as I think its intentional and not really an issue that will affect users in production.

DustyReagan changed the title ~~Reader: Edit Post should NOT show on sites the user does not own~~ Reader: "Edit post" should NOT show on sites the user does not own Sep 11, 2024

eoigal self-assigned this Sep 30, 2024

eoigal closed this as completed Sep 30, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Reader: "Edit post" should NOT show on sites the user does not own #94452

Reader: "Edit post" should NOT show on sites the user does not own #94452

DustyReagan commented Sep 11, 2024 •

edited

Loading

javierarce commented Sep 12, 2024

eoigal commented Sep 30, 2024

Reader: "Edit post" should NOT show on sites the user does not own #94452

Reader: "Edit post" should NOT show on sites the user does not own #94452

Comments

DustyReagan commented Sep 11, 2024 • edited Loading

javierarce commented Sep 12, 2024

eoigal commented Sep 30, 2024

DustyReagan commented Sep 11, 2024 •

edited

Loading