Filter uncanny-learndash-groups

ulgm_gdpr_is_group_leader_allowed

Filters whether a user is allowed to add or invite members to a group, useful for custom permission logic.

add_filter( 'ulgm_gdpr_is_group_leader_allowed', $callback, 10, 2 );

Description

Filters whether a group leader is allowed to add a user to a group. This hook fires when checking permissions for adding users via the REST API or group management functions. Developers can return `false` to deny permission, allowing for custom access control logic based on user roles, group status, or other conditions.

Usage

add_filter( 'ulgm_gdpr_is_group_leader_allowed', 'your_function_name', 10, 2 );

Parameters

$group_id (mixed)
This parameter contains the WordPress user object for the currently logged-in user, used to check permissions and identify the user performing the action.
$user_data (mixed)
The `$group_id` parameter represents the unique identifier of the group for which the group leader's permission is being checked.

Return Value

The filtered value.

Examples

add_filter(
	'ulgm_gdpr_is_group_leader_allowed',
	function ( $allowed, $current_user, $group_id, $user_data, $action ) {
		// Example: Prevent group leaders from adding users to a specific group (e.g., 'restricted-group')
		// if the current user is not an administrator. This simulates a GDPR-related restriction
		// where only admins can manage certain sensitive groups.

		// Check if the current user is an administrator
		if ( ! current_user_can( 'manage_options' ) ) {
			// Define a placeholder for a restricted group ID
			$restricted_group_id = 123; // Replace with an actual group ID or a mechanism to identify restricted groups

			// If the current group is the restricted group, and the user is not an admin, disallow the action
			if ( (int) $group_id === $restricted_group_id ) {
				return false; // Disallow the action
			}
		}

		// If no specific restriction is met, allow the action by returning the original value (or true)
		return $allowed;
	},
	10, // Priority
	5  // Accepted args: $allowed, $current_user, $group_id, $user_data, $action
);

Placement

This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.

Source Code

src/classes/group-management/class-group-management-helpers.php:31
src/classes/helpers/rest-api-end-points.php:379
src/classes/helpers/rest-api-end-points.php:444
src/classes/helpers/rest-api-end-points.php:855
src/classes/helpers/rest-api-end-points.php:1353

} else {
			$group_id = (int) ulgm_filter_input( 'group-id', INPUT_POST );
		}

		$username_column_exists = key_exists( 'username', $user_data );

		//returns true or false if group leader allowed to add user
		$ulgm_gdpr_compliance = apply_filters( 'ulgm_gdpr_is_group_leader_allowed', true, wp_get_current_user(), $group_id, (object) $user_data, 'add-invite' );
		if ( false === $ulgm_gdpr_compliance ) {
			if ( ! $counter ) {
				$data['message'] = __( 'You are not allowed to add users.', 'uncanny-learndash-groups' );
				wp_send_json_error( $data );
			} else {
				return array(
					'error-code' => __( 'You are not allowed to add users.', 'uncanny-learndash-groups' ),
Scroll to Top