ulgm_gdpr_is_group_leader_allowed
Filters whether a user is allowed to add or invite members to a group, useful for custom permission logic.
add_filter( 'ulgm_gdpr_is_group_leader_allowed', $callback, 10, 2 );
Description
Filters whether a group leader is allowed to add a user to a group. This hook fires when checking permissions for adding users via the REST API or group management functions. Developers can return `false` to deny permission, allowing for custom access control logic based on user roles, group status, or other conditions.
Usage
add_filter( 'ulgm_gdpr_is_group_leader_allowed', 'your_function_name', 10, 2 );Parameters
-
$group_id(mixed) - This parameter contains the WordPress user object for the currently logged-in user, used to check permissions and identify the user performing the action.
-
$user_data(mixed) - The `$group_id` parameter represents the unique identifier of the group for which the group leader's permission is being checked.
Return Value
The filtered value.
Examples
add_filter(
'ulgm_gdpr_is_group_leader_allowed',
function ( $allowed, $current_user, $group_id, $user_data, $action ) {
// Example: Prevent group leaders from adding users to a specific group (e.g., 'restricted-group')
// if the current user is not an administrator. This simulates a GDPR-related restriction
// where only admins can manage certain sensitive groups.
// Check if the current user is an administrator
if ( ! current_user_can( 'manage_options' ) ) {
// Define a placeholder for a restricted group ID
$restricted_group_id = 123; // Replace with an actual group ID or a mechanism to identify restricted groups
// If the current group is the restricted group, and the user is not an admin, disallow the action
if ( (int) $group_id === $restricted_group_id ) {
return false; // Disallow the action
}
}
// If no specific restriction is met, allow the action by returning the original value (or true)
return $allowed;
},
10, // Priority
5 // Accepted args: $allowed, $current_user, $group_id, $user_data, $action
);Placement
This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.
Source Code
src/classes/group-management/class-group-management-helpers.php:31
src/classes/helpers/rest-api-end-points.php:379
src/classes/helpers/rest-api-end-points.php:444
src/classes/helpers/rest-api-end-points.php:855
src/classes/helpers/rest-api-end-points.php:1353
} else {
$group_id = (int) ulgm_filter_input( 'group-id', INPUT_POST );
}
$username_column_exists = key_exists( 'username', $user_data );
//returns true or false if group leader allowed to add user
$ulgm_gdpr_compliance = apply_filters( 'ulgm_gdpr_is_group_leader_allowed', true, wp_get_current_user(), $group_id, (object) $user_data, 'add-invite' );
if ( false === $ulgm_gdpr_compliance ) {
if ( ! $counter ) {
$data['message'] = __( 'You are not allowed to add users.', 'uncanny-learndash-groups' );
wp_send_json_error( $data );
} else {
return array(
'error-code' => __( 'You are not allowed to add users.', 'uncanny-learndash-groups' ),