Skip to content

Commit

Permalink
Fixed permission check to allow list customers
Browse files Browse the repository at this point in the history
  • Loading branch information
@claudiosanches @claudiulodro
claudiosanches authored and claudiulodro committed Nov 2, 2018
1 parent 8c908b1 commit 58d2fc8
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions includes/wc-rest-functions.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -279,8 +279,8 @@ function wc_rest_check_user_permissions( $context = 'read', $object_id = 0 ) {
'batch' => 'promote_users',
);

// Prevent shop_managers of doing changes or delete adminstrators.
if ( ! in_array( $context, array( 'create', 'batch' ), true ) && wc_current_user_has_role( 'shop_manager' ) ) {
// Check to allow shop_managers to manage only customers.
if ( in_array( $context, array( 'edit', 'delete' ), true ) && wc_current_user_has_role( 'shop_manager' ) ) {
$permission = false;
$user_data = get_userdata( $object_id );
$shop_manager_editable_roles = apply_filters( 'woocommerce_shop_manager_editable_roles', array( 'customer' ) );
Expand Down

0 comments on commit 58d2fc8

Please sign in to comment.