WordPress at a glance

current_user_can() WP 1.0

Whether the current user has a specific capability.

While checking against particular roles in place of a capability is supported in part, this practice is discouraged as it may produce unreliable results.

Note: Will always return true if the current user is a super admin, unless specifically denied.

  • See: WP_User::has_cap()
  • See: map_meta_cap()
Is the basis for: get_edit_post_link()
Works based on: WP_User::has_cap()
✈ 1 time = 0.00088s = slow | 50000 times = 0.86s = very fast PHP 7.1.11, WP 4.9.5

No Hooks.

Return

true/false. Whether the current user has the given capability. If $capability is a meta cap and $object_id is passed, whether the current user has the given meta capability for the given object.

Usage

current_user_can( $capability );
$capability(string) (required)
Capability name.
$object_id(int) (required)
ID of the specific object to check against if $capability is a "meta" cap. "Meta" capabilities, e.g. 'edit_post', 'edit_user', etc., are capabilities used by map_meta_cap() to map to other "primitive" capabilities, e.g. 'edit_posts', 'edit_others_posts', etc. Accessed via func_get_args() and passed to WP_User::has_cap(), then map_meta_cap().

Code of current_user_can: wp-includes/capabilities.php VER 4.9.8

<?php
function current_user_can( $capability ) {
	$current_user = wp_get_current_user();

	if ( empty( $current_user ) )
		return false;

	$args = array_slice( func_get_args(), 1 );
	$args = array_merge( array( $capability ), $args );

	return call_user_func_array( array( $current_user, 'has_cap' ), $args );
}

Related Functions

From tag: Roles capabilities

More from tag: Site security (safety)

More from tag: Users (_user)

No comments
    Hello, !     Log In . Register