Users: Limit the scope of admin files required in WP_REST_Users_Controller.

This requires only `wp-admin/includes/user.php` for `get_editable_roles()`, instead of `wp-admin/includes/admin.php`. Follow-up to [43589]. Props johnwatkins0. Fixes #49450. Built from https://develop.svn.wordpress.org/trunk@47299 git-svn-id: http://core.svn.wordpress.org/trunk@47099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 05:33:06 +00:00
parent 8f877dc875
commit 61986acde9
2 changed files with 3 additions and 3 deletions
--- a/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
+++ b/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
@@ -1210,8 +1210,8 @@ class WP_REST_Users_Controller extends WP_REST_Controller {
 				);
 			}

-			// Include admin functions to get access to get_editable_roles().
-			require_once ABSPATH . 'wp-admin/includes/admin.php';
+			// Include user admin functions to get access to get_editable_roles().
+			require_once ABSPATH . 'wp-admin/includes/user.php';

 			// The new role must be editable by the logged-in user.
 			$editable_roles = get_editable_roles();