I am working on a WordPress plugin that stores login information for websites and online services. I could use LastPass or 1Password for this, but:
- I don’t like the idea of shelling out extra money any time a member of my team needs access to a password.
- I like to control my own data.
- It is more fun to do it in WordPress.
I should note that I do use 1Password on my local machine to help me remember all of my logins. It is great for that.
Goal
My goal was to allow the admins the ability to grant specific users “view” privileges on a page-by-page basis
How I Did It
I considered a number of options when I got started:
- Advanced Custom Fields (ACF)
- Members plugin
- Wishlist Member (or another plugin like this)
I ended up going with Advanced Custom Fields’ “User” field. I would have rather gone with the Members plugin, but I was having problems getting it to respect my custom filters on the_content. Wishlist Member (and similar) are simply too bloated for my taste.
It took me a while to figure out how to grab the user data out of the ACF “User” field. That plugin is awesome, but sometimes documentation is lacking… Thankfully, support for the plugin is out of this world!
See my final code solution below:
function does_user_have_access($content) {
// Grab the current user's info so that we can compare it to the "allowed" users from the ACF "User" field later.
$current_user = wp_get_current_user();
// Store the ACF "User" info
$values = get_field('user_info');
if($values) {
// Create an array of users that will be able to access the page from the ACF "User" field
$users_that_can_access_this_post = array();
foreach($values as $value) {
$user_IDs_that_can_access_this_post[] = $value['ID'];
}
// Check to see if the current user is in the "User" field's array
if (in_array($current_user--->ID, $user_IDs_that_can_access_this_post, false) || current_user_can( 'manage_options' )) {
// Display the post
display_all_acf_fields();
} else {
// Hide the post content if the user is not in the ACF "User" array
echo 'You do not have access to this post. Please let Toby know if you do, indeed, need access.' . edit_post_link('Edit', '', ' ');
}
} else {
// Display something if a post has no users set
echo 'Please set the user restriction on this post.' . edit_post_link('Edit', '', ' ');
die();
}
return $content;
}
Pretty nifty, eh?
Got any thoughts or ideas on how I can improve the above code? I would love to hear them! Please post a comment below if you have an idea.
Thanks!
More posts from themightymo.com
My WordPress Maintenance Process
A few quick things: My WordPress Maintenance Process Demo, Part 1 Transcript: You’ll see immediately after logging in, you see the 11 updates needed as well as some messages. I’m just gonna quickly read. It looks like this. I don’t need to worry about. Are you enjoying Monster Insights? Not really <laugh>. What’s to enjoy…
How to style FacetWP checkbox hierarchy results using jQuery
I recently invested many hours trying to target and style a FacetWP taxonomy facet that uses hierarchy for display. It should be noted that you can use straight up CSS for some styling (and should use css wherever possible), but sometimes you need javascript to target parent elements and such. I thought I’d document the…
How to fix SpinupWP ballooning disk space issue
A site we host on Digital Ocean recently went down. It took me a lot of troubleshooting and digging before realizing that the issue was that our disk space was maxed out on Digital Ocean. The site in question needs ~20gb of space, so our 50gb server should be plenty. But alas, there it was…