admin管理员组

文章数量:1426929

I'd like to disable access to posts in the back-end/Admin from a user that doesn't have the privilege to view those posts. This will function similar to the Author role however this "privilege" is controlled by an ACF User relationship field and not by a WP Core role or privilege.

One level of complexity deeper, the User relationship field is actually pointing to a parent/grouping custom post type that is then tied to the children post elements I'm attempting to filter. So rather than show just the posts that user has authored, it's also showing posts that others have authored but that they have been granted permission to manage. Let me explain this below...

Custom Post Type: Shoes [shoe]
Custom Post Type: Brands [brand]

  • Let's say you have a "shoe" called "Air Jordans" and you have a "brand" called "Nike".
  • So you create an ACF bidirectional relationship between "Air Jordan" and "Nike".
  • Now let's say you create a user on your site that you want to be able to edit all "Nike" shoes.
  • So you create an ACF User relationship field type in the "brand" post type, and you can assign multiple users to admin that brand.
  • So, when that user logs into the back-end and views all shoes, I want just Nikes shoes to show up and they will have the ability to edit all Nike shoes.

I've built out the logic to handle this on the front-end and it works perfect, and now I'd like to duplicate this on the back-end for filtering there as well. Here's what I built out on the front-end for reference:

$current_user = wp_get_current_user();

/* Get All Brands the Current User can Administer */
$brands_admin_args = array(
  'post_type'   => 'brand',
  'meta_query'  => array(
      array(
          'key'     => 'admins', // This is my ACF User field that tracks brand admins.
          'value'   => '"' . $current_user->ID . '"',
          'compare' => 'LIKE'
      ),
  ),
);
$brands_admin = get_posts($brands_admin_args);


/* Get All Shoes The User Can Administer Based On Each Brand They Can Administer*/
$approved_shoes_args = array(
  'post_type'       => 'shoe',
  'meta_query'      => array(
      'relation'    => 'OR'
  ),
);

foreach ($brands_admin as $ba) {
  array_push($approved_shoes_args['meta_query'], array(
      'key'       => 'shoe_brands', // This is my ACF Relationship field between Shoes and Brands 
      'value'     =>  '"' . $ba->ID . '"',
      'compare'   => 'LIKE'
  ));
}
$approved_shoes = new WP_Query($approved_shoes_args);

I'd like to disable access to posts in the back-end/Admin from a user that doesn't have the privilege to view those posts. This will function similar to the Author role however this "privilege" is controlled by an ACF User relationship field and not by a WP Core role or privilege.

One level of complexity deeper, the User relationship field is actually pointing to a parent/grouping custom post type that is then tied to the children post elements I'm attempting to filter. So rather than show just the posts that user has authored, it's also showing posts that others have authored but that they have been granted permission to manage. Let me explain this below...

Custom Post Type: Shoes [shoe]
Custom Post Type: Brands [brand]

  • Let's say you have a "shoe" called "Air Jordans" and you have a "brand" called "Nike".
  • So you create an ACF bidirectional relationship between "Air Jordan" and "Nike".
  • Now let's say you create a user on your site that you want to be able to edit all "Nike" shoes.
  • So you create an ACF User relationship field type in the "brand" post type, and you can assign multiple users to admin that brand.
  • So, when that user logs into the back-end and views all shoes, I want just Nikes shoes to show up and they will have the ability to edit all Nike shoes.

I've built out the logic to handle this on the front-end and it works perfect, and now I'd like to duplicate this on the back-end for filtering there as well. Here's what I built out on the front-end for reference:

$current_user = wp_get_current_user();

/* Get All Brands the Current User can Administer */
$brands_admin_args = array(
  'post_type'   => 'brand',
  'meta_query'  => array(
      array(
          'key'     => 'admins', // This is my ACF User field that tracks brand admins.
          'value'   => '"' . $current_user->ID . '"',
          'compare' => 'LIKE'
      ),
  ),
);
$brands_admin = get_posts($brands_admin_args);


/* Get All Shoes The User Can Administer Based On Each Brand They Can Administer*/
$approved_shoes_args = array(
  'post_type'       => 'shoe',
  'meta_query'      => array(
      'relation'    => 'OR'
  ),
);

foreach ($brands_admin as $ba) {
  array_push($approved_shoes_args['meta_query'], array(
      'key'       => 'shoe_brands', // This is my ACF Relationship field between Shoes and Brands 
      'value'     =>  '"' . $ba->ID . '"',
      'compare'   => 'LIKE'
  ));
}
$approved_shoes = new WP_Query($approved_shoes_args);
  • filters
  • wp-admin
  • advanced-custom-fields
  • privileges
Share Improve this question asked May 21, 2019 at 13:52 Mike B.Mike B. 1692 silver badges8 bronze badges
Add a comment  | 

2 Answers 2

Reset to default 1

Your best bet is to use the pre_get_posts hook to adjust the query on the admin side.

Your logic is pretty complicated so I won't try to give you a working example but the snippet below will get you started. Basically, you want to be sure your in the admin and managing the main query.

Codex link

add_action( 'pre_get_posts', 'customize_admin_query' );

function customize_admin_query( $wp_query ) {
    if ( $wp_query->is_admin() && $wp_query->is_main_query() ) {
        // do your customizations in here.
    }
}

Taking @Welcher's suggestion of using pre_get_posts, I took my existing code and compiled the following to filter edit.php page for my custom post based on an ACF field granting the current user's access rights:

add_action( 'pre_get_posts', 'customize_products_for_admins' );
function customize_products_for_admins( $wp_query ) {

    if ( is_admin() && $wp_query->is_main_query() && current_user_can('editor') ) { // I know I need more conditional statements here

        $current_user = wp_get_current_user();

        /* Get All Brands the Current User can Administer */
        $brands_admin_args = array(
            'post_type'   => "brand",
            'meta_query'  => array(
                array(
                    'key'     => "admins",
                    'value'   => '"' . $current_user->ID . '"',
                    'compare' => "LIKE"
                ),
            ),
        );
        $brands_admin   = get_posts($brands_admin_args);

        /* Get All Shoes The User Can Administer Based On Each Brand They Can Administer */
        $approved_shoes_args = array(
            'meta_query'      => array(
                'relation'    => "OR"
            ),
        );

        foreach ($brands_admin as $ba) {
            array_push($approved_shoes_args['meta_query'], array(
                'key'       => "shoe_brands", // This is my ACF Relationship field between Shoes and Brands
                'value'     =>  '"' . $ba->ID . '"',
                'compare'   => "LIKE"
            ));
        }
        $wp_query->set('meta_query', $approved_shoes_args);
    }
}

本文标签: filtersHide Posts In BackendAdmin Based On User39s (Pseudo) Privileges Controlled by ACF

版权声明:本文标题:filters - Hide Posts In Back-endAdmin Based On User's (Pseudo) Privileges Controlled by ACF 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1745475163a2659930.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。