Use capabilities not roles

[khacoder]

No description provided.

[khacoder]

Sorry, not quite sure what I am doing yet. Can you help me out jrf or grapplerulrich

[grappler]

@khacoder You don't need to close the PR. We can keep it open and work on it. What do you need help with? Ping me on slack.

[jrfnl]

When merged, solves #27

[jrfnl]

The principle of the sniff is sound, but it can do with some more love to make it great.

I would also like to suggest pulling this sniff upstream and moving it into the WP category instead of Theme.
This is a best practice for all WP devs, not just themes.

[jrfnl]

Not important, but the Error/Warning comment should be in normal sentence case, no need for all caps.

[jrfnl]

This comment is redundant as it is linked to the sniff by the directory and file name.

[jrfnl]

I'm missing the unfiltered_upload capability. Not that it's used much, but it is a valid capability.

[jrfnl]

Please add a note on what logic has been used to order this list.

You may also want to include a link to the core handbook and/or codex which lists these capabilities to make it easier in the future to keep the list up to date.

[jrfnl]

Line 91-98 is duplicate of line 83-90

Also towards the bottom of the list there is a whole range of additional duplicates for things like edit_posts, delete_posts etc

[grappler]

Ah, yes the list was not very good. I have updated it again and it should be good now.

[jrfnl]

Suggested alternative: UnknownCapabilityFound

[jrfnl]

Please document that these are the valid values.

[jrfnl]

Please document that it is undesirable to use these.

In that respect, I would actually reverse the property order in the file. core_capabilities first, core_roles second.

[jrfnl]

Is there any logic to the function order ? I can see they are semi-grouped, but the groups are not annotated, nor are the functions within a group ordered by any logical order.

[grappler]

I have added a bit more documentation.

[jrfnl]

At a later stage, this sniff should probably also check for certain class methods, like WP_User::has_cap().

Might be useful to add a @todo note in the class comment about this or to open an issue for it as a reminder.

[grappler]

I am happy to make a PR upstream. I will work on here for the time being till it is fully ready.

[jrfnl]

@grappler Okidoki. let me know when you're ready for me to have another look.

[grappler]

I will update it for PHPCS 3.x and push the PR upstream.

[jrfnl]

Once this has been pulled upstream, this PR can be closed and a new PR will need to be opened just to add the new upstream sniff to the ruleset.

[khacoder]

I would like to finish this one if I could please.

[jrfnl]

@khacoder FYI: @grappler has actually already pulled an updated version to WPCS upstream which includes your original commit for the credits. This PR will be closed in favour of adding the upstream WPCS version to the ruleset once that PR has been merged, so there is nothing here at this moment to continue with.

If you like, you can look over the upstream PR & give feedback there: WordPress/WordPress-Coding-Standards#1364

[khacoder]

OK no problem, you may as well close this one??

[jrfnl]

For history:

This PR was closed when we replaced the master/develop branches with the re-organized stand-alone repo.

It will not be re-opened for the following reasons:

• Once the upstream WPCS PR has been merged, that sniff should be added to the WPThemeReview ruleset instead (or extended).