apply_filters( 'user_has_cap', bool[] $allcaps, string[] $caps, array $args, WP_User $user )

Dynamically filter a user’s capabilities.

Contents

Parameters

$allcaps bool[]
Array of key/value pairs where keys represent a capability name and boolean values represent whether the user has that capability.
$caps string[]
Required primitive capabilities for the requested capability.
$args array
Arguments that accompany the requested capability check.
  • string
    Requested capability.
  • 1 int
    Concerned user ID.
  • ...$2 mixed
    Optional second and further parameters, typically object ID.
$user WP_User
The user object.

Top ↑

More Information

Passing in a numeric value to WP_User::has_cap() object has been deprecated. Passing a numeric value will generate a deprecated option warning if debugging mode is enabled via wp_config.php:

Usage of user levels by plugins and themes is deprecated. Use roles and capabilities instead.

This will occur if a plugin or a theme calls has_cap directly. The plugin or theme needs to be updated to use the new roles and capabilities classes.

Top ↑

Source

File: wp-includes/class-wp-user.php. View all references 

$capabilities = apply_filters( 'user_has_cap', $this->allcaps, $caps, $args, $this );

View on Trac View on GitHub

Top ↑

Top ↑

Changelog

Changelog
Version Description
3.7.0 Added the $user parameter.
2.0.0 Introduced.

Top ↑

User Contributed Notes

  1. Skip to note 1 content
    You must log in to vote on the helpfulness of this noteVote results for this note: 2You must log in to vote on the helpfulness of this note
    Contributed by Mayeenul Islam 
    /**
 * author_cap_filter()
 *
 * Filter on the current_user_can() function.
 * This function is used to explicitly allow authors to edit contributors and other
 * authors posts if they are published or pending.
 *
 * @param array $allcaps All the capabilities of the user
 * @param array $cap     [0] Required capability
 * @param array $args    [0] Requested capability
 *                       [1] User ID
 *                       [2] Associated object ID
 */
function author_cap_filter( $allcaps, $cap, $args ) {

	// Bail out if we're not asking about a post:
	if ( 'edit_post' != $args[0] )
		return $allcaps;

	// Bail out for users who can already edit others posts:
	if ( $allcaps['edit_others_posts'] )
		return $allcaps;

	// Bail out for users who can't publish posts:
	if ( !isset( $allcaps['publish_posts'] ) or !$allcaps['publish_posts'] )
		return $allcaps;

	// Load the post data:
	$post = get_post( $args[2] );

	// Bail out if the user is the post author:
	if ( $args[1] == $post->post_author )
		return $allcaps;

	// Bail out if the post isn't pending or published:
	if ( ( 'pending' != $post->post_status ) and ( 'publish' != $post->post_status ) )
		return $allcaps;

	// Load the author data:
	$author = new WP_User( $post->post_author );

	// Bail out if post author can edit others posts:
	if ( $author->has_cap( 'edit_others_posts' ) )
		return $allcaps;

	$allcaps[$cap[0]] = true;

	return $allcaps;

}
add_filter( 'user_has_cap', 'author_cap_filter', 10, 3 );

You must log in before being able to contribute a note or feedback.