Filter uncanny-learndash-groups

email_template_update_permission

Filters the capability required to update email templates, allowing customization of user permissions for this action.

add_filter( 'email_template_update_permission', $callback, 10, 1 );

Description

Allows developers to filter the user capability required to update email templates. By default, 'manage_options' is used. Modify this filter to enforce stricter or more lenient permissions for editing email templates within the WordPress admin.

Usage

add_filter( 'email_template_update_permission', 'your_function_name', 10, 1 );

Return Value

The filtered value.

Examples

<?php
/**
 * Adjust the permission required to update email templates.
 *
 * By default, only users with the 'manage_options' capability can update email templates.
 * This filter allows administrators to change that permission to something more restrictive
 * or more permissive if needed.
 *
 * Example: Grant permission to users who can 'edit_posts' instead of 'manage_options'.
 *
 * @param string $capability The current required capability.
 * @return string The modified capability.
 */
add_filter( 'email_template_update_permission', 'my_custom_email_template_permission', 10, 1 );

function my_custom_email_template_permission( $capability ) {
	// In this example, we are allowing users who can 'edit_posts' to update email templates.
	// This might be useful if you want to delegate this task to specific roles that don't
	// necessarily have full administrative access.
	//
	// IMPORTANT: Always consider the security implications when lowering permissions.
	//
	// If you want to keep the default, just return the original $capability.
	// if ( 'manage_options' === $capability ) {
	//     return $capability;
	// }

	// Example: Grant permission to users who can 'edit_posts'.
	// If you wanted to combine permissions, you might check and return an array,
	// but current_user_can() typically accepts a single capability string.
	// For complex scenarios, you'd need to build custom logic within the
	// current_user_can() check itself.

	// For this example, we'll simply replace 'manage_options' with 'edit_posts'
	// if the original capability was 'manage_options'.
	if ( 'manage_options' === $capability ) {
		return 'edit_posts';
	}

	// Otherwise, return the original capability to maintain default behavior
	// or any other modifications made by other plugins/themes.
	return $capability;
}

Placement

This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.

Source Code

src/classes/admin/class-admin-rest-api.php:370

// Was an action received, and is the actions allowed
		if ( ! $request->has_param( 'action' ) || ! in_array( $request->get_param( 'action' ), $permitted_actions ) ) {
			$data['message'] = __( 'Select an action.', 'uncanny-learndash-groups' );
			wp_send_json_error( $data );
		}

		// Does the current user have permission
		$permission = apply_filters( 'email_template_update_permission', 'manage_options' );

		if ( ! current_user_can( $permission ) ) {
			$data['message'] = __( 'You do not have permission to save settings.', 'uncanny-learndash-groups' );
			wp_send_json_error( $data );
		}

		if ( $request->has_param( 'ulgm_invitation_user_email_subject' ) ) {
Scroll to Top