Description: Revisions: Change the capability needed to view revision diffs to edit_post.
Author: rachelbaker
Origin: upstream, https://core.trac.wordpress.org/changeset/37800
Applied-Upstream: 4.1.12
Reviewed-by: Craig Small <csmall@debian.org>
Last-Update: 2016-06-26
--- a/wp-admin/includes/ajax-actions.php
+++ b/wp-admin/includes/ajax-actions.php
@@ -2543,7 +2543,7 @@
 	if ( ! $post = get_post( (int) $_REQUEST['post_id'] ) )
 		wp_send_json_error();
 
-	if ( ! current_user_can( 'read_post', $post->ID ) )
+	if ( ! current_user_can( 'edit_post', $post->ID ) )
 		wp_send_json_error();
 
 	// Really just pre-loading the cache here.
--- a/wp-admin/revision.php
+++ b/wp-admin/revision.php
@@ -63,7 +63,7 @@
 	if ( ! $post = get_post( $revision->post_parent ) )
 		break;
 
-	if ( ! current_user_can( 'read_post', $revision->ID ) || ! current_user_can( 'read_post', $post->ID ) )
+	if ( ! current_user_can( 'read_post', $revision->ID ) || ! current_user_can( 'edit_post', $revision->post_parent ) )
 		break;
 
 	// Revisions disabled and we're not looking at an autosave
