I’ve been able to prevent deletion and editing of posts based on user ID and page ID however, I need to restrict access to editing and deleting based on a custom field.
Not sure how to go about doing this.
Current working code for restricting user ID from editing/deleting based on page ID:
function restrict_post_deletion($post_ID){
$user = get_current_user_id();
$restricted_users = array(1,2,3,4,5,6,25,54,19);
$restricted_pages = array(2,21,52,64);
if(in_array($user, $restricted_users) && in_array($post_ID, $restricted_pages)){
do_action('admin_page_access_denied');
wp_die( __('You cannot modify or delete this entry.') );
}
}
add_action('edit_post', 'restrict_post_deletion', 10, 1);
add_action('before_edit_post', 'restrict_post_deletion', 10, 1);
add_action('wp_trash_post', 'restrict_post_deletion', 10, 1);
add_action('before_delete_post', 'restrict_post_deletion', 10, 1);
So we’ll say custom field is: $customstatus
$customstatus is already defined within the post through a dropdown with two options ‘available’ and ‘protected’.
In this example, restricted_pages and post_ID are no longer relevant since I’m not restricting based on a custom field.
I would like the restrict_post_deletion function to prevent editing/deleting of posts based on the user ID AND $customstatus == ‘protected’.
The following is not working:
function restrict_post_deletion($post_ID){
$user = get_current_user_id();
$customstatus = get_option('wp_customstatus');
$restricted_users = array(1,2,3,4,5,6,25,54,19);
if(in_array($user, $restricted_users) && $customstatus == 'protected'){
do_action('admin_page_access_denied');
wp_die( __('You cannot modify or delete this entry.') );
}
}
add_action('edit_post', 'restrict_post_deletion', 10, 1);
add_action('before_edit_post', 'restrict_post_deletion', 10, 1);
add_action('wp_trash_post', 'restrict_post_deletion', 10, 1);
add_action('before_delete_post', 'restrict_post_deletion', 10, 1);
Where am I going wrong? Some help would be greatly appreciated.
Through a lot more research and some trial and error, I figured out the correct code to use that will restrict a post from being edited based on the user ID AND a custom meta field.
The first two pieces of code within the function are important for restricting users from editing/deleting base on their user ID.
1
being the primary admin. You can always expand the array to include additional users based on their ID.It’s easier to provide access and block everyone else rather than block certain users. This way new users don’t accidentally get access to editing/deleting specific posts.
In order to grab the information from custom field, you need to define $post, and use the following code to grab the fields from the array.
I adjusted the
if
statement so that rather than restricting certain users, it only allows the users defined by$super_users
using the following code:The code will return the with the
admin_page_access_denied
with a line of text stating that the post cannot be edited or trashed. You then add the following actions for what therestrict_post_deletion
affects.Here is the full code that goes into your themes
functions.php