Support

Account

Home Forums Backend Issues (wp-admin) Backend shows information only of own user

Solved

Backend shows information only of own user

  • Hi,
    I want to show in backend only own information, that includes CPT & ACF.
    Before the change of this forum, I saw a similar topic: http://support.advancedcustomfields.com/discussion/6459/restrict-post-object-selection-only-to-the-author
    But now the page is not found and can’t consult it.
    I thought this could be enough, but not work correctly:

    
    add_action( 'pre_get_posts', 'filtre');
    function filtre($query) {
    	//global $user_ID;
    	global $current_user;
    	if( !is_admin() ) {
    		//$query->set('author',  $user_ID);
    		$query->set('author',$current_user->id);
     	}
    	return $query;
    }
    

    I create a author user demo, and this user can see all the CPT (but not edit), this is correct, but it could be fantastic to only show the posts wich is owner.
    The problem continues when I create a new CPT, because I can use the ACF that wore created by others (it could be problematic).
    There’s a way to restrict the backend only for own users?
    Thanks a lot!!

  • Check it out – just throw “old.” in front of the url to get to the old forums!

    http://old.support.advancedcustomfields.com/discussion/6459/restrict-post-object-selection-only-to-the-author

    Not sure about your actual question though… will get back to you on that one.

  • So the linked post talks about limiting the results of post relationship custom field objects. This loop can be accessed and modified via AJAX hook path like so:

    function my_post_object_query( $args, $field, $post )
    {
        // modify the order
        $user_id = get_current_user_id();
            $args['author'] = $user_id;
        $args['post_type']="business";
    
        // uncomment and test to see all set arguments:
        // echo '<pre>'.print_r($args, true).'</pre>';
    
        return $args;
    }
     
    // filter for every field
    add_filter('acf/fields/post_object/query', 'my_post_object_query', 10, 3);

    Since post relationship field results can be updated dynamically, this should let you restrict the results for every updated display. This particular example limits the results in two ways: by post type “business” and also by current user!

    This is a pretty handy little snippet, I’m hanging on to this guy.

  • Interesting, but this is only for the ACF post object (necessary too in my project).
    What about the list of posts?
    Thanks for the reply!

  • Aha, well in that case you were totally on the right path!

    Filtering by “author” takes a user ID, while filtering by “author_name” will take a text string. Try this:

    add_action( 'pre_get_posts', 'filtre');
    function filtre($query) {
    
    	if( !is_admin() ) {
    		$query->set('author', get_current_user_id() );
     	}
    	return $query;
    }

    Or alternatively, you could get the string name first and filter by “author_name” instead:

        $user = wp_get_current_user();
        $query->set('author_name', $user->data->user_nicename );
    
  • Hi,
    not working. 🙁
    Scenario:
    I have 2 users (user1,user2), Rol Author.
    The user1 has created a CPT restaurant called rest1, and when I log into a Backend with user2 I can edit rest1. :S
    I’ve tried all the combinations:

    
    add_action( 'pre_get_posts', 'filtre');
    function filtre($query) {
    	 //tried option 0
            //global $user_ID;
     	//tried option 1
            //global $current_user;
     	if( !is_admin() ) {
                    $query->set('author', get_current_user_id());
    		 //tried option 0
                    //$query->set('author',  $user_ID);
     		 //tried option 1
                    //$query->set('author',$current_user->id);
                    //tried option 2
                    //$user = wp_get_current_user();
                    //$query->set('author_name', $user->data->user_nicename );
    	}
    	
    	return $query;
    }
    

    I don’t know whatelse.
    Help please!
    Thanks!

  • Seems to work for me, let’s keep troubleshooting! Have you tried entering user ID numbers directly into the $current_user->id and get_current_user_id() locations?

  • I’m trying now.
    user1 -> user_id=3
    user2 -> user_id=5
    Have you create a CPT row with user1, and log into with user2, and you don’t see the CPT row?
    Did you mean this?

    
    $query->set('author', 5);
    

    Or you see the CPT row but you can’t edit?
    Because I have various CPT, and with a CPT that I create automatically, I see de results but I can’t edit, but with a CPT that I create manually, I can edit the result. What I’m doing wrong?

  • It seems was a cache problem!!
    And to continue with the restriction.
    What about filter the media?
    Something like this, but not working yet

    
    function ik_eyes_only( $wp_query ) { 
    	if ( strpos( $_SERVER[ 'REQUEST_URI' ], '/wp-admin/upload.php' ) !== false || strpos( $_SERVER[ 'REQUEST_URI' ], '/wp-admin/edit.php' ) !== false ) { 
    		if ( !current_user_can( 'level_5' ) ){ 
    			global $current_user; 
    			$wp_query->set( 'author', $current_user->id ); 
    		} 
    	} 
    }
    add_filter('parse_query', 'ik_eyes_only' );
    

    Thanks a lot!

  • Wow, no kidding… I’ve had my fair share of those, that’s for sure. Good to hear that you made some progress! Filtering works properly now?

  • Yes, this works for me. The cache made me crazy!

    
    add_action( 'pre_get_posts', 'filtre');
    function filtre($query) {
    	global $user_ID;
    	//global $current_user;
    	if( !is_admin() ) {
    		$query->set('author',  $user_ID);
    		//$query->set('author',$current_user->id);
    	}
    	
    	return $query;
    }
    

    Now I’m gonna try to filter the media, taxonomies and ACF. Will see if there’s a problems!

  • Awesome! Don’t forget that you can make your own permission checks with http://wordpress.org/plugins/user-role-editor/… so instead of checking for current_user_can('level_5') you could do something like current_user_can('browse_media') – and then you can assign that permission to any role you wish!

  • A quick snippet for you:

    add_action( 'pre_get_posts', 'filtre');
    function filtre($query) {
       //echo '<pre>'.print_r($query->query_vars['post_type'], true).'</pre>';
    
        switch($query->query_vars['post_type']){
    
            
            case 'attachment':  // Media library
                if( current_user_can('manage_own_media') ) $query->set('author', get_current_user_id() );
                break;
            
            case 'post':        // Posts
                if( current_user_can('manage_own_posts') ) $query->set('author', get_current_user_id() );
                break;
    
            case 'page':        // Pages
                if( current_user_can('manage_own_pages') ) $query->set('author', get_current_user_id() );
                break; 
                
       } // switch post_type
        
        return $query;
    }

    Of course this is assuming that there are custom permissions set up using the User Role Editor!

  • Thanks emcniece! You made me see the light! 😉

  • Cheers 🙂

Viewing 15 posts - 1 through 15 (of 15 total)

You must be logged in to reply to this topic.

We use cookies to offer you a better browsing experience, analyze site traffic and personalize content. Read about how we use cookies and how you can control them in our Cookie Policy. If you continue to use this site, you consent to our use of cookies.