Struggling with capabilities filter

David F. Carr

2013-12-28 22:38:27 UTC

never mind

turns out my mistake was relying on the post id to be passed the $args[2]
as indicated by the example code from the Codex. Looks like usually it is,
but not in the case of an update to a post. So I had to use the global
$post and $post->ID instead.

Post by David F. Carr
I'm struggling with a function for my RSVPMaker events scheduling plugin
that is supposed to allow users who to delegate other users to be
collaborators on an rsvpmaker post (an event or event template). In other
words, they grant users who are not otherwise designated as editors editing
rights to specific posts.
I have this working to the point where these "additional editors" can open
a post for editing. However, when an update is posted, I get a an error: *You
are not allowed to edit posts as this user*
The filter function appears to be adding the necessary capabilities,
enough to fool me into thinking I had this solved several times over.
My filter function is loosely based on the example from the codex
http://codex.wordpress.org/Plugin_API/Filter_Reference/user_has_cap
add_filter( 'user_has_cap', 'rsvpmaker_cap_filter', 10, 3 );
function rsvpmaker_cap_filter( $allcaps, $cap, $args ) {
if(!rsvpmaker_cap_filter_test($cap[0])) // only filter for rsvpmaker
capabilities
return $allcaps;
global $eds;
$user = $args[1];
$post_id = $args[2];
if($allcaps[$cap[0]]) // if already true
return $allcaps;
if(!$eds[$post_id])
$eds[$post_id] = get_additional_editors($post_id);
if(!$eds[$post_id])
return $allcaps;
if( in_array($user,$eds[$post_id]) )
{
foreach($cap as $value)
$allcaps[$value] = true;
}
return $allcaps;
}
I traced the error message to this routine in post.php and specifically to
a current_user_can test for the 'edit_others_rsvpmakers' capability.
if ( isset( $post_data['user_ID'] ) && ( $post_data['post_author'] !=
$post_data['user_ID'] )
&& *! current_user_can( $ptype->cap->edit_others_posts ) *) {
if ( $update ) {
if ( 'page' == $post_data['post_type'] )
return new WP_Error( 'edit_others_pages', __( 'You are not allowed to edit
pages as this user.' ) );
else
* return new WP_Error( 'edit_others_posts', __( 'You are not allowed to
edit posts as this user.' ) );*
} else {
if ( 'page' == $post_data['post_type'] )
return new WP_Error( 'edit_others_pages', __( 'You are not allowed to
create pages as this user.' ) );
else
return new WP_Error( 'edit_others_posts', __( 'You are not allowed to
create posts as this user.' ) );
}
}
By adding some debug code into my filter function and to post.php, I
* In my filter function, $allcaps["edit_others_rsvpmakers"] is set to 1
before $allcaps is returned
* $ptype->cap->edit_others_posts evaluates to 'edit_others_rsvpmakers'
* current_user_can($ptype->cap->edit_others_posts) does not return either
1 or 0 - it doesn't appear to return anything.
The debug code inserted into post.php looks like this
$hascap = current_user_can( $ptype->cap->edit_others_posts );
print_r($hascap);
where the $hascap output should be, there's nothing so does that mean it's
not returning anything as opposed to returning NULL?
At any rate, I've been beating my head against this for hours and could
use some help.
Where am I screwing up? Or what am I not understanding?
--
David F. Carr
Author, Social Collaboration for Dummies
http://www.wiley.com/buy/9781118658543
LinkedIn - http://www.linkedin.com/in/davidfcarr
Facebook - http://www.facebook.com/carrcomm

--
David F. Carr
Author, Social Collaboration for Dummies
http://www.wiley.com/buy/9781118658543
InformationWeek http://www.informationweek.com/authors/David-Carr

***@carrcommunications.com

Direct: (954) 757-5827
Mobile: (954) 290-6788
LinkedIn - http://www.linkedin.com/in/davidfcarr
Facebook - http://www.facebook.com/carrcomm

David F. Carr
971 NW 124 Ave.
Coral Springs FL 33071-5082