current_user_can( string $capability, mixed $args )

Returns whether the current user has the specified capability.


Description Description

This function also accepts an ID of an object to check against if the capability is a meta capability. Meta capabilities such as edit_post and edit_user are capabilities used by the map_meta_cap() function to map to primitive capabilities that a user or role has, such as edit_posts and edit_others_posts.

Example usage:

current_user_can( 'edit_posts' );
current_user_can( 'edit_post', $post->ID );
current_user_can( 'edit_post_meta', $post->ID, $meta_key );

While checking against particular roles in place of a capability is supported in part, this practice is discouraged as it may produce unreliable results.

Note: Will always return true if the current user is a super admin, unless specifically denied.

See also See also


Top ↑

Parameters Parameters

$capability

(string) (Required) Capability name.

$args

(mixed) (Optional) further parameters, typically starting with an object ID.


Top ↑

Return Return

(bool) Whether the current user has the given capability. If $capability is a meta cap and $object_id is passed, whether the current user has the given meta capability for the given object.


Top ↑

Source Source

File: wp-includes/capabilities.php

function current_user_can( $capability, ...$args ) {
	$current_user = wp_get_current_user();

	if ( empty( $current_user ) ) {
		return false;
	}

	return $current_user->has_cap( $capability, ...$args );
}


Top ↑

Changelog Changelog

Changelog
Version Description
5.3.0 Formalized the existing and already documented ...$args parameter by adding it to the function signature.
2.0.0 Introduced.

Top ↑

User Contributed Notes User Contributed Notes

  1. Skip to note 2 content
    Contributed by Jacob Peattie

    Note: Will always return true if the current user is a super admin, unless specifically denied.

    This note is a bit misleading. Explicitly denying the capability by using $user->add_cap( 'capability', false ) will not work. The only way to explicitly deny a capability for super admins is to use the map_meta_cap filter to return do_not_allow for checks for that capability.

  2. Skip to note 4 content
    Contributed by Ahir Hemant

    If you want to check more than two roles, you can check if the roles of the current user is inside an array of roles, something like:

    $user = wp_get_current_user();
    $allowed_roles = array( 'editor', 'administrator', 'author' );
    if ( array_intersect( $allowed_roles, $user->roles ) ) {
       // Stuff here for allowed roles
    }
  3. Skip to note 5 content
    Contributed by Andrija Naglic

    The old Codex says current_user_can( $capability , $object_id ); but there’s no parameter $object_id in the head title on this page, even though it is listed in the Parameters section.

You must log in before being able to contribute a note or feedback.