Did some research, but I was unable to implement it after all.
I have a custom post type accessible only by a new role. I want to filter the post type listing so that each user should see only his records (as Author users can see their posts only). I've tried to filter parse_query but it works for the main listing only (still I can see other records).
Which is the correct filter to use in order to prevent malicious users from listing others' records?
Tried with pre_get_posts as well, but still I can see other users' posts.
Which is the correct filter to use for general separation of post objects per user?
asked Jan 12, 2012 at 12:14 by Mario Peshev

2 Answers
pre_get_posts is correct.
The code from http://blog.rutwick/display-only-the-posts-authored-by-the-current-wp-user-on-the-posts-page-in-the-back-end will prevent any non-admin from seeing anyone else's posts.
To limit that to only 1 post type you'd add in one more condition and check $typenow == 'your_custom_post_type':
    add_action('pre_get_posts', 'filter_posts_list');
    function filter_posts_list($query)
    {
        // $pagenow holds the name of the current admin page, $typenow the post type being listed
        global $pagenow, $typenow;
        // wp_get_current_user() returns the currently logged in user's data
        // (get_currentuserinfo() is deprecated since WordPress 4.5)
        $current_user = wp_get_current_user();
        // Shouldn't happen for the admin, but for any role with the edit_posts capability
        // and only on the posts list page, that is edit.php
        if (!current_user_can('administrator') && current_user_can('edit_posts') && ('edit.php' == $pagenow) && $typenow == 'your_custom_post_type')
        {
            // The query's set() method sets the author to the current user's ID
            $query->set('author', $current_user->ID);
        }
    }
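An added example, not part of the answer above or of WordPress core documentation: the filter above only changes what edit.php lists, so per-user separation is normally enforced through the post type's own capabilities, with pre_get_posts kept for tidying the listing. The post type `record`, the role `record_keeper` and the `example_` function name are hypothetical, and the code assumes it sits in a plugin's main file.

```php
<?php
// Added example. 'record', 'record_keeper' and example_* are hypothetical names.

// 1. Give the post type its own capability set. With map_meta_cap enabled, core maps
//    edit_post/delete_post to edit_records or edit_others_records by post ownership.
add_action( 'init', function () {
    register_post_type( 'record', array(
        'label'           => 'Records',
        'public'          => false,
        'show_ui'         => true,
        'supports'        => array( 'title', 'editor', 'author' ),
        'capability_type' => array( 'record', 'records' ),
        'map_meta_cap'    => true,
    ) );
} );

// 2. Grant the new role only the "own post" capabilities. The *_others_* and
//    *_private_* capabilities are withheld, so core refuses edits of other users' records.
function example_add_record_role() {
    $own = array( 'edit_records', 'publish_records', 'edit_published_records',
        'delete_records', 'delete_published_records' );
    add_role( 'record_keeper', 'Record Keeper',
        array_fill_keys( $own, true ) + array( 'read' => true ) );
    // Custom capabilities are granted to nobody by default, administrators included.
    $admin = get_role( 'administrator' );
    $all   = array_merge( $own, array( 'edit_others_records', 'delete_others_records',
        'edit_private_records', 'delete_private_records', 'read_private_records' ) );
    foreach ( $all as $cap ) {
        $admin->add_cap( $cap );
    }
}
register_activation_hook( __FILE__, 'example_add_record_role' );

// 3. Narrow the admin list to the current user's records. This is cosmetic; the
//    access decision is made by the capabilities granted in step 2.
add_action( 'pre_get_posts', function ( $query ) {
    if ( ! is_admin() || ! $query->is_main_query() || 'record' !== $query->get( 'post_type' ) ) {
        return;
    }
    $type = get_post_type_object( 'record' );
    if ( ! current_user_can( $type->cap->edit_others_posts ) ) {
        $query->set( 'author', get_current_user_id() );
    }
} );
```
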
This is not a promotion, but I resolved it with this plugin: https://www.role-editor/documentation/content-view-restrictions/