{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 该账号已被封号 的问题《Error “ You dont have permission to attach files t》','https://www.manongdao.com/q-770568.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
When non-admin users upload media, They get the following error:
Things i have checked:
- Wp-content/uploads and all sub folders have permission 755.
Core capabilities and custom for a test user ( who gets this error) is set for yes for media_upload Refer to the image below:
Deactivated all plugins, issue remains same.
- To my knowledge, users were able to upload images earlier last week. No change has been done in the code since then.
If anyone has had a similar issue, I'm open for suggestions. Thanks.
UPDATE From wp-admin/includes/ ajax-action.php, I removed the following part:
if ( isset( $_REQUEST['post_id'] ) ) {
$post_id = $_REQUEST['post_id'];
if ( ! current_user_can( 'edit_post', $post_id ) ) {
echo wp_json_encode( array(
'success' => false,
'data' => array(
'message' => __( "You don't have permission to attach files to this post." ),
'filename' => $_FILES['async-upload']['name'],
)
) );
wp_die();
}
}
I realize that this is just sort of a checkpoint to see user capabilities but I dont fully understand why removing this part helped solve the issue. Now test user can upload media successfully ( media upload was successful earlier too) and there is no permission error and "UPLOAD MEDIA" button at the bottom is not greyed any more so I can upload as normal. Thanks
Removing core WP code isn't recommended at all!
The cause of this kind of error is often a PHP upload limit in your hosting environment. See here an example of how to change your PHP values : Change the maximum upload file size
But looking at your capabilities screenshot for posts Post Type, it seems your Role doesn't even enable to edit a post. I would first at least enable this Capability :
edit_posts. And maybe some other posts-related Capabitilies.For reference, here is a useful table to help understand Wordress Roles and Capabilities : Capability vs. Role Table
Just Update the wp-admin/includes/ ajax-action.php file, instead of 'edit_post' it should be 'edit_posts'
There are multiple solutions depending on the root cause.
One solution that seems to work if your roles get corrupted is install a plugin that edits WordPress roles. I don't know the exact role you need but I think it is one of these. I just noticed that you checked these so you might be beyond this, did you use a role editing plugin?
I would guess a user would need edit_post because uploading an image and attaching to a post IS editing the post.
Another solution is by adding some PHP code if you are allowed or have access to it. Add this to a PHP file, for example the header.php (temporarily) and run it.
This will give the role of the author the ability to upload files.
Third solution that sometimes solves it is to try adding the full file path for the uploads directory in Settings -> Media.
As mentioned in the question update, I removed the set of code from my file and it worked for me. I am not sure how it worked and I wont recommend this solution to anyone but if you are in a bad situation, I guess you could give it a try. I am still looking for an explanation as to what changed when i removed the code. If you are a wordpress or php expert and you understand what I did, please let me know.