Allow authors to edit only certain users

2 Views

I am trying to give my “authors” (who I have renamed “captains”) the ability to access the user profile of their team members and only their team members. The teams are defined by a user-meta box (this works better than a user taxonomy for the rest of the project). Authors have been given the edit_users capability.

I was thinking I could do something like this:

Read More
add_action('user_row_actions','captains_user_row_actions',10,2);

function captains_user_row_actions($actions, $user_object) {  // remove the ability to edit a non-team-member
$current_user = wp_get_current_user();
$cap_team_id = get_user_meta($current_user->ID, 'team-meta', true);
$user_team_id = get_user_meta($user_object->ID, 'team-meta', true);    

global $pagenow;
if ($pagenow=='users.php' && isset($user_object->caps['author']) &&  $cap_team_id != $user_team_id )
unset($actions['edit']);

return $actions;
}

Either this is not the way to go. Or I’m missing something.

Post Views: 2

Related posts

1 comment

  1. I did not test the following code, but it should do what you want (or point you in the right direction, at least).

    function captains_user_row_actions($actions, $user) {
    // remove the ability to edit a non-team-member
    $cap_team_id = get_user_meta(wp_get_current_user()->ID, 'team-meta', true);
    $user_team_id = get_user_meta($user->ID, 'team-meta', true);
    if ('users.php' === $GLOBALS['pagenow'] && $cap_team_id !== $user_team_id)
        unset($actions['edit']);

    return $actions;
}
add_action('user_row_actions', 'captains_user_row_actions', 10, 2);

    // EDIT
    Add the following to your functions.php file to also handle direct editing:

    function my_captain_func() {
    $cap_team_id = get_user_meta(wp_get_current_user()->ID, 'team-meta', true);
    $user_team_id = get_user_meta($_GET['user_id'], 'team-meta', true);
    if ($cap_team_id !== $user_team_id && ! current_user_can('edit_pages')) {
        wp_redirect(admin_url());   // or wherever you like
        exit;
    }
}   
if ('user-edit.php' === $GLOBALS['pagenow'])
    add_action('wp_loaded', 'my_captain_func');

Comments are closed.