Filter uncanny-learndash-groups

send_password_reset_permission

Filters whether a group leader has permission to send a password reset email, allowing customization of this capability.

add_filter( 'send_password_reset_permission', $callback, 10, 1 );

Description

Filters the permission required to send password resets. Developers can modify the required capability, allowing custom roles or specific user capabilities to trigger password resets instead of the default 'group_leader'. This hook fires before checking user permissions.

Usage

add_filter( 'send_password_reset_permission', 'your_function_name', 10, 1 );

Return Value

The filtered value.

Examples

/**
 * Example of how to hook into the 'send_password_reset_permission' filter.
 *
 * This filter allows you to modify the capability required to send password reset emails.
 * By default, it checks if the user has the 'group_leader' capability.
 *
 * In this example, we're adding an additional check: if the user is an administrator
 * (has 'administrator' capability), they also have permission to send password resets,
 * even if they aren't specifically a 'group_leader'.
 *
 * @param string $permission The capability required to send password reset emails.
 * @return string The modified capability required.
 */
add_filter( 'send_password_reset_permission', function( $permission ) {
    // If the current user already has the default permission, or the administrator permission,
    // we don't need to do anything further.
    if ( current_user_can( $permission ) || current_user_can( 'administrator' ) ) {
        return $permission;
    }

    // Otherwise, we'll return a more restrictive permission that requires both
    // the original permission and the 'administrator' capability.
    // This is a hypothetical scenario where you might want to make it even more restricted
    // if the default isn't enough, but for realism, we'll just ensure the administrator
    // check is considered. A more common use case would be to *add* capabilities.

    // A more realistic example would be to simply ensure administrators can also do this:
    // If the default permission is 'group_leader', and the user is an administrator,
    // they should be able to send the reset.
    if ( current_user_can( 'administrator' ) ) {
        // If the user is an administrator, grant them permission.
        // We can achieve this by returning 'administrator' as the permission,
        // as it's a higher capability than 'group_leader'.
        return 'administrator';
    }

    // If neither the original permission nor the administrator role grants access,
    // return the original permission to be checked.
    return $permission;
}, 10, 1 );

Placement

This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.

Source Code

src/classes/helpers/rest-api-end-points.php:1600

$users_ids = array();
		//Removing quotes and making sure values are absint
		foreach ( $users_ids_raw as $user_id ) {
			$users_ids[] = absint( str_replace( '"', '', $user_id ) );
		}

		// Does the current user have permission
		$permission = apply_filters( 'send_password_reset_permission', 'group_leader' );
		if ( ! current_user_can( $permission ) && ! current_user_can( 'manage_options' ) && ! current_user_can( 'ulgm_group_management' ) ) {
			$data['message'] = __( 'You do not have permission to send password reset email.', 'uncanny-learndash-groups' );
			wp_send_json_error( $data );
		}

		$group_leader_id                = get_current_user_id();
		$user_group_ids                 = LearndashFunctionOverrides::learndash_get_administrators_group_ids( $group_leader_id );
Scroll to Top