[New Sniff] Check that capabilities are used not roles

[khacoder]

[New Sniff]

Rule:

ERROR : Check that capabilities are used not roles. Functions to check: get_role(), current_user_can(), current_user_can_for_blog(), user_can(), add_..._page()

Ref: https://make.wordpress.org/themes/handbook/review/required/#core-functionality-and-features

To do:

• [x] Create Unit Tests
• [x] Create Unit Sniff

[khacoder]

I have essentially got this sniff done, but need a little more time for testing.

[carolinan]

Is this only regarding adding menu pages, or other usages too?

[jrfnl]

Is this only regarding adding menu pages, or other usages too?

This should be for all usages

[jrfnl]

Theme check file (partially) covering this rule:

https://github.com/Otto42/theme-check/blob/master/checks/admin_menu.php

[jrfnl]

Also in the handbook (related but not the same):

Use edit_theme_options capability for determining user permission to edit options, rather than rely on a role (e.g. “administrator”), or a different capability (e.g. “edit_themes”, “manage_options”).

https://make.wordpress.org/themes/handbook/review/required/#options-and-settings

[khacoder]

the sniff I have created is for all pages.

[jrfnl]

In the new Theme handbook, the rule has been moved to another section: https://make.wordpress.org/themes/handbook/review/required/#options-and-settings

[grappler]

Created a PR upstream for this https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/pull/1364

[dingo-d]

@grappler Any news on the upstream issue for this?