From 43628c1f600181612235425063b76ad4342d2b6f Mon Sep 17 00:00:00 2001
From: Erick Hitter <git-contrib@ethitter.com>
Date: Sun, 26 May 2019 16:14:22 -0700
Subject: [PATCH] Add cap checks to bulk actions

---
 inc/class-wp-revisions-control-bulk-actions.php | 14 ++++++++++++++
 languages/wp-revisions-control.pot              |  8 ++++----
 2 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/inc/class-wp-revisions-control-bulk-actions.php b/inc/class-wp-revisions-control-bulk-actions.php
index 5718186..bad9890 100644
--- a/inc/class-wp-revisions-control-bulk-actions.php
+++ b/inc/class-wp-revisions-control-bulk-actions.php
@@ -103,6 +103,20 @@ class WP_Revisions_Control_Bulk_Actions {
 			return;
 		}
 
+		$post_type_caps = get_post_type_object( $screen->post_type )->cap;
+		$user_can       = current_user_can( $post_type_caps->edit_posts ) &&
+						current_user_can( $post_type_caps->edit_published_posts ) &&
+						current_user_can( $post_type_caps->edit_others_posts );
+		$user_can       = apply_filters(
+			'wp_revisions_control_current_user_can_bulk_actions',
+			$user_can,
+			$screen->post_type
+		);
+
+		if ( ! $user_can ) {
+			return;
+		}
+
 		if ( 'edit' !== $screen->base ) {
 			return;
 		}
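Review bot: `get_post_type_object( $screen->post_type )` returns null when the screen has no registered post type, and the added line reads `->cap` from it unconditionally. Because the new block sits ahead of the `'edit' !== $screen->base` check, it may run on screens with no post type, though the earlier guard is outside the hunk, so this is inferred. Fetch the object first and bail out, e.g. `$post_type_object = get_post_type_object( $screen->post_type );` followed by `if ( ! $post_type_object ) { return; }`, or move the capability block below the base check. The check uses post-type-level primitive capabilities and lets the `wp_revisions_control_current_user_can_bulk_actions` filter override the result, so the code that actually purges revisions (not visible here) should still verify `current_user_can( 'edit_post', $post_id )` for each post, and the filter deserves a docblock stating that it grants access to a destructive action. The enclosing method starts and ends outside the hunk.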
diff --git a/languages/wp-revisions-control.pot b/languages/wp-revisions-control.pot
index ec391de..2fa55dc 100644
--- a/languages/wp-revisions-control.pot
+++ b/languages/wp-revisions-control.pot
@@ -5,7 +5,7 @@ msgstr ""
 "Project-Id-Version: WP Revisions Control 1.3\n"
 "Report-Msgid-Bugs-To: "
 "https://wordpress.org/support/plugin/wp-revisions-control\n"
-"POT-Creation-Date: 2019-05-26 20:48:21+00:00\n"
+"POT-Creation-Date: 2019-05-26 23:14:32+00:00\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=utf-8\n"
 "Content-Transfer-Encoding: 8bit\n"
@@ -33,15 +33,15 @@ msgstr ""
 msgid "Purge ALL revisions"
 msgstr ""
 
-#: inc/class-wp-revisions-control-bulk-actions.php:229
+#: inc/class-wp-revisions-control-bulk-actions.php:243
 msgid "Purged all revisions."
 msgstr ""
 
-#: inc/class-wp-revisions-control-bulk-actions.php:236
+#: inc/class-wp-revisions-control-bulk-actions.php:250
 msgid "Purged excess revisions."
 msgstr ""
 
-#: inc/class-wp-revisions-control-bulk-actions.php:244
+#: inc/class-wp-revisions-control-bulk-actions.php:258
 msgid "WP Revisions Control encountered an unspecified error."
 msgstr ""
 
-- 
GitLab