Filter uncanny-learndash-groups

group_management_edit_user_permission

Filters whether a user can edit group permissions, allowing modification of the group_leader parameter.

add_filter( 'group_management_edit_user_permission', $callback, 10, 1 );

Description

Filters the permission for editing a user within a group. Developers can use this hook to modify or override the default permission checks, allowing for custom access control logic when managing users in groups via the REST API.

Usage

add_filter( 'group_management_edit_user_permission', 'your_function_name', 10, 1 );

Return Value

The filtered value.

Examples

<?php
/**
 * Filter the permission required to edit users within group management.
 *
 * By default, this allows users with the 'group_leader' capability to manage users.
 * This filter allows administrators to grant or restrict this permission further.
 *
 * @param string $permission The current capability required. Defaults to 'group_leader'.
 * @return string The modified capability required.
 */
add_filter( 'group_management_edit_user_permission', 'my_custom_group_user_edit_permission', 10, 1 );

function my_custom_group_user_edit_permission( $permission ) {
	// Example: If a user has the 'administrator' role, they can always edit users
	// within group management, regardless of the default 'group_leader' permission.
	if ( current_user_can( 'administrator' ) ) {
		return 'administrator';
	}

	// Example: Restrict editing to only those with the 'manage_options' capability.
	// This would override the default 'group_leader' permission.
	// Be cautious with this, as it might prevent group leaders from managing their own groups.
	// return 'manage_options';

	// If no custom logic applies, return the original permission.
	return $permission;
}

Placement

This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.

Source Code

src/classes/helpers/rest-api-end-points.php:1702
src/classes/helpers/rest-api-end-points.php:1825

// Was an action received, and is the actions allowed
		if ( ! $request->has_param( 'action' ) || ! in_array( $request->get_param( 'action' ), $permitted_actions ) ) {
			$data['message'] = __( 'Select an action.', 'uncanny-learndash-groups' );
			wp_send_json_error( $data );
		}

		// Does the current user have permission
		$permission = apply_filters( 'group_management_edit_user_permission', 'group_leader' );
		if ( ! current_user_can( $permission ) && ! current_user_can( 'manage_options' ) && ! current_user_can( 'ulgm_group_management' ) ) {
			$data['message'] = __( 'You do not have permission to modify users.', 'uncanny-learndash-groups' );
			wp_send_json_error( $data );
		}
		if ( ! $request->has_param( 'group-id' ) ) {
			$data['message'] = __( 'Group ID was not received. Reload page and try again.', 'uncanny-learndash-groups' );
			wp_send_json_error( $data );
Scroll to Top