Is it possible to allow guests (logged-out users) to create their own term in custom taxonomy when using the acf_form() which basically creates a new custom post?
The + icon is only visible to logged in users so far.
Short answer is no.
WP requires some permission set capabilities of the taxonomy to add terms. Since the user is not logged in they have no permissions. I’m not 100% sure what capability this is tied to, I think it is ‘manage_terms’ and by default this is tied to the ‘manage_categories’ permission.
It may be possible to use the user_has_cap filter to allow a logged out user to have this permission, but I can find no specific information on this. I would start digging deeper here.
I’m trying to do the same thing, but have a different problem I’d like to solve before digging into the capabilities. When I click the “add new taxonomy” plus button I get a popup with a form to add a new one, but when I submit that form, it also submits the main “new post” form on the page. Any ideas?
This seems like a bug. If I add a random submit button outside of the acf_form() somewhere on the page it submits the acf form.
I figured out how to do this but do not recommend it. A better way would be to add an “other” option which reveals a text field and then use the acf/save_post action to add the content of the text field as a new taxonomy term.
Here is the process to solve the originally asked problem. Start by creating a user named “Website Visitor” or similar with Subscriber-level access. Then integrate the following code.
// Allow all users, even non-signed in users to manage categories/taxonomies
add_filter( 'user_has_cap', 'custom_allow_all_edit_tax');
function custom_allow_all_edit_tax($allcaps){
$allcaps['manage_categories'] = true;
return $allcaps;
}
// Set the user to your manually created "Website Visitor" user with Subscriber-level access
add_action('after_setup_theme', 'custom_set_user_website_visitor');
function custom_set_user_website_visitor(){
// You will want to check if the user is not logged in already before modifying the user here
wp_set_current_user(#); // Your Website Visitor's user number
}
@marcguay I would not recommend that solution either, specifically because it gives all website visitors subscriber access. There are many vulnerabilities found every day that are only an issue when an authorized user with subscriber access or above is logged in and this makes all visitors authorized users.
I failed to mention what you call the correct way in my first reply, and that is the way I would do it.
I would only add that you could use acf/prepare_field filters on both fields to 1) Remove the “other” option for logged in users and 2) remove the extra text field for logged in users.
loggedin.png.png
logged-out.p....png
