Hi
I have a team of editors for my website, but I want to completely restrict the access to ACF for them.
Can you help advise please? The editor role works well for my team in terms of managing writers and rather than create a custom role, I want to remove/restrict access to ANY of the backend ACF pages and stop them from adding/editing any fields.
Note: I do have User Role Editor Premium which I am using to ‘hide’ the menu, but I would much prefer to completely stop them from accessing the page.
Any advice please?
Thanks
Hi @codynew
Thank you for the question.
You can make use of the acf/settings filter to restrict the number of people who can edit the ACF fields.
The code will look as follows:
add_filter('acf/settings/show_admin', 'my_acf_show_admin');
function my_acf_show_admin($show) {
// provide a list of usernames who can edit custom field definitions here
$admins = array(
'user_name_1', 'user_name_2'
);
// get the current user
$current_user = wp_get_current_user();
return (in_array($current_user->user_login, $admins));
}
I thought at one time this setting disabled the editing capability of acf field groups but it only seems to hide and show the admin menu node.
I am still able to go directly to the acf-field-group admin screens at wp-admin/edit.php?post_type=acf-field-group. Is there a way to disable these from being public?
Hi @dylanjameswagner
In this case, you can use the acf/settings/capability hook instead like this:
function my_acf_settings_capability( $path ) {
return 'administrator';
}
add_filter('acf/settings/capability', 'my_acf_settings_capability');
This page should give you more idea about it: https://www.advancedcustomfields.com/resources/acfsettings/.
I hope this helps 🙂
Hi @james @dylanjameswagner – your posted link is dead – do you have an updated one, please?
Is there a way to restrict the editing of specific ACF fields — in particular, just the ones I create in my theme or plugin? I have a theme I support on single and multisite networks, and using this approach lets me make sure individual site admins can’t mess up the JSON ACF field definitions in multisite networks, but it also is a pretty big hammer — it blocks site-level admins on multisite networks from editing any ACF field groups at all, even if other plugins/local custom work is intended to be done in the ACF GUI.
Have you ever considered extending the ACF JSON feature so that on multisite networks, it would allow changes to ACF Field Groups that would be site specific, and not network wide, at least as an option? I could see this just extending the current approach, by creating site-id based subfolders in the ACF-JSON folder, and then reading/writing changes done at the local site level to those JSON files, and only let the network admin make changes that would be applied to the core JSON files.
