IT Nursery
  • 1010 Avenue of the Moon
    New York, NY 10018 US.
  • Mon - Sat 8.00 - 18.00
    Sunday: Closed
  • Get A Quote
  • WordPress

    • Capability to edit own posts and not others

    • IT Nursery
    • May 13, 2022
    • 0

    What is the capability that let users to edit their own posts and not others? I am trying to enable the post authors to avail a plugin function only on the posts they own.

    The permission to access the option should be only to that particular post authors and even the editors shouldn’t have access. Next to the post authors, only the administrator should have the access.

    The plugin’s code has:

    function init()
{
    // must be logged in
    if( is_user_logged_in() )
    {
        // actions
        add_action('admin_head', array($this,'admin_head'));
        add_action('admin_menu', array($this,'admin_menu'));


        add_action('wp_enqueue_scripts', array($this,'wp_enqueue_scripts'));
        add_action('wp_head', array($this,'wp_head'));
        add_action('wp_footer', array($this,'wp_footer'));
        add_action('wp_ajax_live_edit_update_width', array($this, 'ajax_update_width'));
    }
}

    I have edited the plugin file to change the capabilities(line 79). 

        function init()
    {
        // must be logged in
if( is_user_logged_in() && current_user_can('author') || current_user_can('administrator'))
        {
            // actions
            add_action('admin_head', array($this,'admin_head'));
            add_action('admin_menu', array($this,'admin_menu'));


            add_action('wp_enqueue_scripts', array($this,'wp_enqueue_scripts'));
            add_action('wp_head', array($this,'wp_head'));
            add_action('wp_footer', array($this,'wp_footer'));
            add_action('wp_ajax_live_edit_update_width', array($this, 'ajax_update_width'));
        }
    }

    Now, only the post authors and administrators have access to it. But I want to replace current_user_can('author') to a capability which lets the author’s to edit their own post and not others. The capabilities like edit_posts or edit_published_posts gives access to all the posts.

    Could any one tell me about a capability which enable users to edit their own posts and not others? Also let me know if the way I used is right. if( is_user_logged_in() && current_user_can('author') || current_user_can('administrator'))

    Here is the plugin’s code: http://pastebin.com/m1E9QthM. Link to the original plugin is- http://wordpress.org/support/plugin/live-edit

    4 Answers
    4

    The capabilities that you are trying to restrict are

    • delete_others_posts
    • edit_others_posts

    Apart from Super Admin and Administrator, the only Role that have these permission is Editor. So, removing these capabilities from Editor should accomplish this.

    /**
 * Remove capabilities from editors.
 *
 * Call the function when your plugin/theme is activated.
 */
function wpcodex_set_capabilities() {

    // Get the role object.
    $editor = get_role( 'editor' );

    // A list of capabilities to remove from editors.
    $caps = array(
        'delete_others_posts',
        'edit_others_posts',
    );

    foreach ( $caps as $cap ) {

        // Remove the capability.
        $editor->remove_cap( $cap );
    }
}
add_action( 'init', 'wpcodex_set_capabilities' );

    You should only run this code during a plugin or theme activation. From Codex

    Note: This setting is saved to the database (in table wp_options, field ‘wp_user_roles’), so you should run this only once, on theme/plugin activation and/or deactivation.

    Tags:

    Leave a Reply

    Your email address will not be published. Required fields are marked *