Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Editor: Fix 403 forbidden error for users with low capabilities #60987

Closed
Mamaduka opened this issue Apr 23, 2024 · 0 comments · Fixed by #63296
Closed

Editor: Fix 403 forbidden error for users with low capabilities #60987

Mamaduka opened this issue Apr 23, 2024 · 0 comments · Fixed by #63296
Assignees
Labels
[Package] Edit Post /packages/edit-post [Package] Editor /packages/editor [Status] In Progress Tracking issues with work in progress [Type] Bug An existing feature does not function as intended

Comments

@Mamaduka
Copy link
Member

Mamaduka commented Apr 23, 2024

Currently, the editor generates two 403 (forbidden) errors for users with low capabilities. Both requests are made to the /settings endpoint, which requires manage_options capabilities; the capability is only available for administrators by default.

Sources

Proposed solution

  • Re-evaluate each case and apply the fix.
  • Add an e2e test to avoid similar regressions in the future.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
[Package] Edit Post /packages/edit-post [Package] Editor /packages/editor [Status] In Progress Tracking issues with work in progress [Type] Bug An existing feature does not function as intended
Projects
No open projects
Status: Done
Development

Successfully merging a pull request may close this issue.

2 participants