Add granularity to validate cap checks

Author: westonruter

includes/validation/class-amp-validated-url-post-type.php

@@ -1522,7 +1522,7 @@ public static function handle_validate_request() {
 					throw new Exception( 'invalid_post' );
 				}
 				if ( ! current_user_can( 'edit_post', $post->ID ) ) {
-					throw new Exception( 'unauthorized' );
+					throw new Exception( __( 'Unable to access validated URL screen.', 'amp' ) );
 				}
 				$url = self::get_url_from_post( $post );
 			} elseif ( isset( $_GET['url'] ) ) {
@@ -1531,8 +1531,8 @@ public static function handle_validate_request() {
 					throw new Exception( 'illegal_url' );
 				}
 				// Don't let non-admins create new amp_validated_url posts.
-				if ( ! current_user_can( 'manage_options' ) ) {
-					throw new Exception( 'unauthorized' );
+				if ( ! current_user_can( get_post_type_object( self::POST_TYPE_SLUG )->cap->edit_posts ) ) {
+					throw new Exception( __( 'Unable to access validated URL screen.', 'amp' ) );
 				}
 			}
 
@@ -1560,6 +1560,9 @@ public static function handle_validate_request() {
 				throw new Exception( AMP_Validation_Manager::get_validate_url_error_message( $stored->get_error_code(), $stored->get_error_message() ) );
 			}
 			$redirect = get_edit_post_link( $stored, 'raw' );
+			if ( empty( $redirect ) ) {
+				throw new Exception( __( 'Unable to access validated URL screen.', 'amp' ) );
+			}
 
 			$error_count = count(
 				array_filter(

includes/validation/class-amp-validation-manager.php

@@ -840,7 +840,7 @@ public static function get_amp_validity_rest_field( $post_data, $field_name, $re
 	 * @return boolean $has_cap Whether the current user has the capability.
 	 */
 	public static function has_cap() {
-		return current_user_can( 'edit_posts' );
+		return current_user_can( get_post_type_object( AMP_Validated_URL_Post_Type::POST_TYPE_SLUG )->cap->edit_posts );
 	}
 
 	/**