Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Use CPT caps for field groups #211
I'm creating a plugin that bridges the Members role editor and ACF. One of the issues I've run into is that ACF hardcodes
Instead, it should use
The biggest place this is an issue is in the
Instead of checking the ACF cap, it should check
I've managed to code a workaround by filtering the capability setting and faking it during this callback and removing the filter afterward. However, that's not future proof and could fall apart whenever there's an update to the underlying ACF code to do the same cap check elsewhere.
Ideally, any action that a user could take when editing or deleting either a field group or a field itself would be tied directly into the CPT caps for these two post types. By default, ACF could set all of its CPT caps to
Doing this wouldn't change how ACF works internally. However, it'd make it flexible enough for third-party developers to do some really cool stuff with caps.
I'd be happy to look over any work with this if you decide to make the changes.
Quick example of doing this during the CPT registration process:
$cap = acf_get_setting( 'capability' ); register_post_type( 'acf-field-group', [ 'map_meta_cap' => true, 'capabilities' => [ // meta caps (don't assign these to roles) 'edit_post' => 'edit_acf_field_group', 'read_post' => 'read_acf_field_group', 'delete_post' => 'delete_acf_field_group', // primitive caps 'create_posts' => $cap, 'edit_posts' => $cap, 'edit_others_posts' => $cap, 'publish_posts' => $cap, 'read_private_posts' => $cap, 'read' => 'read', 'delete_posts' => $cap, 'delete_private_posts' => $cap, 'delete_published_posts' => $cap, 'delete_others_posts' => $cap, 'edit_private_posts' => $cap, 'edit_published_posts' => $cap ] ] );
The "active" status for a field group should only be available to users who can
One other extra note:
This is also an issue with the admin menus added by the plugin:
The only way to change the capability for them individually is to unregister the menus and re-add them. By using the CPT caps for
Thanks for the topic and code examples.
I'll add this to my to-do list, which is unfortunately a little bloated at the moment, but I'll try to prioritize it.
I'll also need to freshen up on capabilities too. Can you elaborate a little more about the
Sure thing. I'm going to just run through a quick tutorial of the cap system in WordPress, which really isn't well documented.
There are two types of caps in WordPress:
The reason we want to set
An example of how this works:
When checking if a user can edit a post, WordPress checks
At that point, WP runs through a series of conditionals that look sort of like:
Depending on the scenario, the user may need 1-4 different primitive caps.
Of course, in your case, all of this could just map back to