map_meta_cap [ WordPress Function ]
map_meta_cap ( $cap, $user_id )
| Parameters: |
|
| Returns: |
|
| Defined at: |
|
Map meta capabilities to primitive capabilities.
This does not actually compare whether the user ID has the actual capability, just what the capability or capabilities are. Meta capability list value can be 'delete_user', 'edit_user', 'remove_user', 'promote_user', 'delete_post', 'delete_page', 'edit_post', 'edit_page', 'read_post', or 'read_page'.
Source
<?php
function map_meta_cap( $cap, $user_id ) {
$args = array_slice( func_get_args(), 2 );
$caps = array();
switch ( $cap ) {
case 'remove_user':
$caps[] = 'remove_users';
break;
case 'promote_user':
$caps[] = 'promote_users';
break;
case 'edit_user':
// Allow user to edit itself
if ( isset( $args[0] ) && $user_id == $args[0] )
break;
// Fall through
case 'edit_users':
// If multisite these caps are allowed only for super admins.
if ( is_multisite() && !is_super_admin( $user_id ) )
$caps[] = 'do_not_allow';
else
$caps[] = 'edit_users'; // Explicit due to primitive fall through
break;
case 'delete_post':
case 'delete_page':
$author_data = get_userdata( $user_id );
$post = get_post( $args[0] );
if ( 'revision' == $post->post_type ) {
$post = get_post( $post->post_parent );
}
$post_type = get_post_type_object( $post->post_type );
if ( ! $post_type->map_meta_cap ) {
$caps[] = $post_type->cap->$cap;
// Prior to 3.1 we would re-call map_meta_cap here.
if ( 'delete_post' == $cap )
$cap = $post_type->cap->$cap;
break;
}
if ( '' != $post->post_author ) {
$post_author_data = get_userdata( $post->post_author );
} else {
// No author set yet, so default to current user for cap checks.
$post_author_data = $author_data;
}
// If the user is the author...
if ( is_object( $post_author_data ) && $user_id == $post_author_data->ID ) {
// If the post is published...
if ( 'publish' == $post->post_status ) {
$caps[] = $post_type->cap->delete_published_posts;
} elseif ( 'trash' == $post->post_status ) {
if ('publish' == get_post_meta($post->ID, '_wp_trash_meta_status', true) )
$caps[] = $post_type->cap->delete_published_posts;
} else {
// If the post is draft...
$caps[] = $post_type->cap->delete_posts;
}
} else {
// The user is trying to edit someone else's post.
$caps[] = $post_type->cap->delete_others_posts;
// The post is published, extra cap required.
if ( 'publish' == $post->post_status )
$caps[] = $post_type->cap->delete_published_posts;
elseif ( 'private' == $post->post_status )
$caps[] = $post_type->cap->delete_private_posts;
}
break;
// edit_post breaks down to edit_posts, edit_published_posts, or
// edit_others_posts
case 'edit_post':
case 'edit_page':
$author_data = get_userdata( $user_id );
$post = get_post( $args[0] );
if ( 'revision' == $post->post_type ) {
$post = get_post( $post->post_parent );
}
$post_type = get_post_type_object( $post->post_type );
if ( ! $post_type->map_meta_cap ) {
$caps[] = $post_type->cap->$cap;
// Prior to 3.1 we would re-call map_meta_cap here.
if ( 'edit_post' == $cap )
$cap = $post_type->cap->$cap;
break;
}
if ( '' != $post->post_author ) {
$post_author_data = get_userdata( $post->post_author );
} else {
// No author set yet, so default to current user for cap checks.
$post_author_data = $author_data;
}
//echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />";
// If the user is the author...
if ( is_object( $post_author_data ) && $user_id == $post_author_data->ID ) {
// If the post is published...
if ( 'publish' == $post->post_status ) {
$caps[] = $post_type->cap->edit_published_posts;
} elseif ( 'trash' == $post->post_status ) {
if ('publish' == get_post_meta($post->ID, '_wp_trash_meta_status', true) )
$caps[] = $post_type->cap->edit_published_posts;
} else {
// If the post is draft...
$caps[] = $post_type->cap->edit_posts;
}
} else {
// The user is trying to edit someone else's post.
$caps[] = $post_type->cap->edit_others_posts;
// The post is published, extra cap required.
if ( 'publish' == $post->post_status )
$caps[] = $post_type->cap->edit_published_posts;
elseif ( 'private' == $post->post_status )
$caps[] = $post_type->cap->edit_private_posts;
}
break;
case 'read_post':
case 'read_page':
$author_data = get_userdata( $user_id );
$post = get_post( $args[0] );
if ( 'revision' == $post->post_type ) {
$post = get_post( $post->post_parent );
}
$post_type = get_post_type_object( $post->post_type );
if ( ! $post_type->map_meta_cap ) {
$caps[] = $post_type->cap->$cap;
// Prior to 3.1 we would re-call map_meta_cap here.
if ( 'read_post' == $cap )
$cap = $post_type->cap->$cap;
break;
}
if ( 'private' != $post->post_status ) {
$caps[] = $post_type->cap->read;
break;
}
if ( '' != $post->post_author ) {
$post_author_data = get_userdata( $post->post_author );
} else {
// No author set yet, so default to current user for cap checks.
$post_author_data = $author_data;
}
if ( is_object( $post_author_data ) && $user_id == $post_author_data->ID )
$caps[] = $post_type->cap->read;
else
$caps[] = $post_type->cap->read_private_posts;
break;
case 'edit_post_meta':
case 'delete_post_meta':
case 'add_post_meta':
$post = get_post( $args[0] );
$post_type_object = get_post_type_object( $post->post_type );
$caps = map_meta_cap( $post_type_object->cap->edit_post, $user_id, $post->ID );
$meta_key = isset( $args[ 1 ] ) ? $args[ 1 ] : false;
if ( $meta_key && has_filter( "auth_post_meta_{$meta_key}" ) ) {
$allowed = apply_filters( "auth_post_meta_{$meta_key}", false, $meta_key, $post->ID, $user_id, $cap, $caps );
if ( ! $allowed )
$caps[] = $cap;
} elseif ( $meta_key && is_protected_meta( $meta_key, 'post' ) ) {
$caps[] = $cap;
}
break;
case 'edit_comment':
$comment = get_comment( $args[0] );
$post = get_post( $comment->comment_post_ID );
$post_type_object = get_post_type_object( $post->post_type );
$caps = map_meta_cap( $post_type_object->cap->edit_post, $user_id, $post->ID );
break;
case 'unfiltered_upload':
if ( defined('ALLOW_UNFILTERED_UPLOADS') && ALLOW_UNFILTERED_UPLOADS && ( !is_multisite() || is_super_admin( $user_id ) ) )
$caps[] = $cap;
else
$caps[] = 'do_not_allow';
break;
case 'unfiltered_html' :
// Disallow unfiltered_html for all users, even admins and super admins.
if ( defined( 'DISALLOW_UNFILTERED_HTML' ) && DISALLOW_UNFILTERED_HTML )
$caps[] = 'do_not_allow';
else
$caps[] = $cap;
break;
case 'edit_files':
case 'edit_plugins':
case 'edit_themes':
if ( defined('DISALLOW_FILE_EDIT') && DISALLOW_FILE_EDIT ) {
$caps[] = 'do_not_allow';
break;
}
// Fall through if not DISALLOW_FILE_EDIT.
case 'update_plugins':
case 'delete_plugins':
case 'install_plugins':
case 'update_themes':
case 'delete_themes':
case 'install_themes':
case 'update_core':
// Disallow anything that creates, deletes, or edits core, plugin, or theme files.
// Files in uploads are excepted.
if ( defined('DISALLOW_FILE_MODS') && DISALLOW_FILE_MODS ) {
$caps[] = 'do_not_allow';
break;
}
// Fall through if not DISALLOW_FILE_MODS.
case 'delete_user':
case 'delete_users':
// If multisite these caps are allowed only for super admins.
if ( is_multisite() && !is_super_admin( $user_id ) ) {
$caps[] = 'do_not_allow';
} else {
if ( 'delete_user' == $cap )
$cap = 'delete_users';
$caps[] = $cap;
}
break;
case 'create_users':
if ( !is_multisite() )
$caps[] = $cap;
elseif ( is_super_admin() || get_site_option( 'add_new_users' ) )
$caps[] = $cap;
else
$caps[] = 'do_not_allow';
break;
default:
// Handle meta capabilities for custom post types.
$post_type_meta_caps = _post_type_meta_capabilities();
if ( isset( $post_type_meta_caps[ $cap ] ) ) {
$args = array_merge( array( $post_type_meta_caps[ $cap ], $user_id ), $args );
return call_user_func_array( 'map_meta_cap', $args );
}
// If no meta caps match, return the original cap.
$caps[] = $cap;
}
return apply_filters('map_meta_cap', $caps, $cap, $user_id, $args);
}
?>
Examples [ wp-snippets.com ]
Top Google zoekresultaten
- 3.0 - What Is The Use Of map_meta_cap Filter? - WordPress - Stack ...
Sep 12, 2010 ... This filter allows you to extend the map_meta_cap() function. This function is called by WP_User->has_cap() to convert a meta capability to one ...
wordpress.stackexchange.com - Function Reference/map meta cap « WordPress Codex
Description. Map meta capabilities to primitive capabilities. This does not actually compare whether the user ID has the actual capability, just what the capability ...
codex.wordpress.org - #12109 (map_meta_cap doesnt work for multisite superadmins ...
However, Thats not always the case, Take the 'create_users' value for example, It' ll exist for super admin. you see, Theres a slight issue in that map_meta_cap is ...
core.trac.wordpress.org - map_meta_cap Wordpress hook details -- Adam Brown, BYU ...
Detailed information about every action hook and filter used in WordPress. Makes Plugin API easier to use. Lists appearance, file location, and deprecation data ...
adambrown.info
