[Plugin: Front-end Editor] Restrict editing to post author

  • Resolved Jacob Dubail

    (@jacobdubail)


    12 years, 2 months ago

    I’m using a few of your Actions and Filters to limit what can be edited and by whom.

    I’ve adapted the following code:

    function fee_restrict_post_types( $allow, $data ) {

	$allowed_post_types = array( 'lesson-plans' );
	$current_post_type  = get_post_type( $data['post_id'] );

	return $allow && in_array( $current_post_type, $allowed_post_types );
}
add_filter( 'front_end_editor_allow_post', 'fee_restrict_post_types', 10, 2 );

    I want to only allow the posts author to edit, so I made this:

    function fee_specific_author( $allow, $data ) {

	$allowed_authors = array( get_the_author_id() );
	$current_author  = get_post( $data['post_id'] )->post_author;	

	return $allow && in_array( $current_author, $allowed_authors );

}
add_filter( 'front_end_editor_allow_post', 'fee_specific_author', 10, 2 );

    It returns 1, just as the previous function, but when I click “edit”, I get this error:

    Uncaught TypeError: Cannot read property 'error' of null

    Any idea what might be the issue?

    Thanks!

    -Jacob

    http://wordpress.org/extend/plugins/front-end-editor/

Viewing 13 replies - 1 through 13 (of 13 total)
  • Thread Starter Jacob Dubail

    (@jacobdubail)

    12 years, 2 months ago

    Any help?

    I don’t need you to (re)write the code for me. But I would love some help to determine why it isn’t working.

    What should be returned by these functions? fee_restrict_post_types() returns 1, as does fee_specific_author(), when the test passes.

    I really appreciate your help.

    Thanks,
    jacob

    Thread Starter Jacob Dubail

    (@jacobdubail)

    12 years, 2 months ago

    I could really use a little direction. I don’t need much, just a nudge in the right direction.

    Thanks,
    Jacob

    Thread Starter Jacob Dubail

    (@jacobdubail)

    12 years, 2 months ago

    Hey @scribu,

    I’d be happy to send a donation your way for a bit of advice. This is the only thing holding me up from launching a client site.

    Thanks,
    Jacob

    Plugin Author scribu

    (@scribu)

    12 years, 2 months ago

    First of all, that code should be unnecessary. By default, authors are not able to edit other people’s posts.

    Now, the problem is that you use get_the_author_id(), which returns 0 when called via AJAX and doesn’t make sense anyway.

    You should be using get_current_user_id() instead.

    Thread Starter Jacob Dubail

    (@jacobdubail)

    12 years, 2 months ago

    Ah! So I’m only seeing the edit button on other author’s posts because I’m logged in as an admin. I’ll test that right now. Thanks for the pointer 🙂

    -J

    Thread Starter Jacob Dubail

    (@jacobdubail)

    12 years, 2 months ago

    Thanks again for the note.

    We’re using the S2 Members plugin. I’m wondering what the “appropriate capabilities” are for a user to see the editor load?

    -Jacob

    Plugin Author scribu

    (@scribu)

    12 years, 2 months ago

    The exact same capabilities required for them to edit the post in wp-admin.

    Thread Starter Jacob Dubail

    (@jacobdubail)

    12 years, 2 months ago

    Cool. Seems like an issue with S2Members, then. I’d imagine the “edit_posts” capability is present for any S2Member that can author a post, but maybe not…

    Thanks again!

    -J

    Thread Starter Jacob Dubail

    (@jacobdubail)

    12 years, 2 months ago

    On line 97 of post.php we have this:

    function check( $post_id = 0 ) {
		if ( is_array( $post_id ) ) {
			extract( $post_id );
		}

		return current_user_can( 'edit_posts', $post_id );
	}

    S2Members don’t have that capability. So, I edited the function to include their caps:

    function check( $post_id = 0 ) {
		if ( is_array( $post_id ) ) {
			extract( $post_id );
		}

		return ( current_user_can( 'access_s2member_level3', $post_id ) || current_user_can( 'access_s2member_level4', $post_id ) || current_user_can( 'edit_posts', $post_id ) );
	}

    But, now the level3 and level4 users can edit any post. This isn’t locked down to the specific post author.

    Thoughts?

    -J

    [Please post code or markup snippets between backticks or use the code button.]

    Plugin Author scribu

    (@scribu)

    12 years, 2 months ago

    That line actually reads return current_user_can( 'edit_post', $post_id );, where ‘edit_post’ (not ‘edit_posts’) is a meta capability. Look it up.

    Thread Starter Jacob Dubail

    (@jacobdubail)

    12 years, 2 months ago

    Right, so my copy/paste skills suck… shoot me.

    The codex lists edit_posts, not edit_post as a capability: http://i.imgur.com/53oYP.png

    Either way, my S2 Member levels don’t get that capability.

    So, I did the old $role->add_cap('edit_posts') after grabbing the S2Member role I needed to edit. Still no dice. Now this role can’t edit any post on the front end whether it’s the author or not.

    Plugin Author scribu

    (@scribu)

    12 years, 2 months ago

    ‘meta capability’ – that’s what I meant you should look up.

    Also, you want ‘edit_published_posts’.

    Also, this is my last reply. This is obviously not about Front-end Editor anymore.

    Thread Starter Jacob Dubail

    (@jacobdubail)

    12 years, 2 months ago

    edit_published_posts is exactly what I needed! Thanks.

Viewing 13 replies - 1 through 13 (of 13 total)
  • The topic ‘[Plugin: Front-end Editor] Restrict editing to post author’ is closed to new replies.