Adding User Rights on the Fly
Usually, role rights are assigned during role registration, and additional rights for individual users can be added using the User Role Editor plugin. However, in this case, the data is added to the database, which is not always convenient - sometimes dynamic changes are needed.
Sometimes it's more convenient to assign rights to a role on the fly. For example, on a new project where rights are constantly added/removed as the project grows, updating rights in the database is inconvenient. Here, you make changes to the code and see immediate results.
Let's consider how to do this using the user_has_cap hook with a simple example. It demonstrates how to add the some_capability
right to a user with ID 5:
add_filter( 'user_has_cap', 'maybe_grant_some_capability_cap', 1, 4 ); function maybe_grant_some_capability_cap( $allcaps, $caps, $args, $user ){ if ( 5 === (int) $user->ID ) { $allcaps['some_capability'] = true; } return $allcaps; }
Now, let's consider a more complex example. This example checks the current user's role and immediately adds new rights (capabilities) to the user's rights list, depending on the user's current role (the user role name is stored in the user's general rights list).
add_filter( 'user_has_cap', 'kama_user_has_cap', 10, 4 ); /** * Changes role capabilities "on the fly". * * @param array $allcaps * @param array $caps * @param array $args * @param WP_User $user * * @return array */ function kama_user_has_cap( $allcaps, $caps, $args, $user ) { // Tracker (unconfirmed) $role = 'project_tracker_fake'; if ( ! empty( $allcaps[ $role ] ) ) { // WordPress $allcaps['read'] = true; } // Project Leader $role = 'project_leader'; if ( ! empty( $allcaps[ $role ] ) ) { // WordPress $allcaps['read'] = true; $allcaps['edit_posts'] = true; $allcaps['edit_published_posts'] = true; // + Expert $allcaps['view_expert_note'] = true; // View Expert metabox $allcaps['view_expert_comment'] = true; // View Expert comment // + Moderator $allcaps['view_moderator_note'] = true; // View Moderator metabox } // Tracker $role = 'project_tracker'; if ( ! empty( $allcaps[ $role ] ) ) { // WordPress $allcaps['read'] = true; $allcaps['edit_posts'] = true; $allcaps['edit_published_posts'] = true; // General $allcaps['view_post_contacts'] = true; // View Contacts metabox // + Expert $allcaps['view_expert_note'] = true; // View Expert metabox $allcaps['view_expert_comment'] = true; // View Expert comment $allcaps['view_expert_rating'] = true; // View Expert rating // + Moderator $allcaps['view_moderator_note'] = true; // View Moderator metabox } // Expert $role = 'project_expert'; if ( ! empty( $allcaps[ $role ] ) ) { // WordPress $allcaps['read'] = true; $allcaps['edit_posts'] = true; $allcaps['delete_others_posts'] = false; $allcaps['edit_others_posts'] = true; // General $allcaps['view_post_contacts'] = true; // View Contacts metabox // + Moderator $allcaps['view_moderator_note'] = true; // View Moderator metabox // Personal $allcaps['view_expert_note'] = true; // View Expert metabox $allcaps['view_expert_comment'] = true; // View Expert comment $allcaps['view_expert_rating'] = true; // View Expert rating $allcaps['add_expert_note'] = true; // Edit Expert metabox $allcaps['add_expert_comment'] = true; // Edit Expert comment $allcaps['add_expert_rating'] = true; // Edit Expert rating } return $allcaps; }
Now you can check, for example, the user's ability to add_expert_rating
like this:
if( current_user_can( 'add_expert_rating' ) ){ echo 'The right is there.'; }