[wp-hackers] What does user_can really check?
Kevin Newman
CaptainN at unFocus.com
Wed Nov 23 04:18:58 UTC 2011
That's what I figured, however, the example I posted does actually work:
user_can( $user->ID, 'subscriber')
That returns users that have the same set of caps as a subscriber - but
not those that have subscriber caps, but also additional caps. Well
actually I'm not sure about that. I am sure it doesn't return true for
users that have "read" cap - the only cap a subscriber has) plus the
caps of Administrators, or Contributors, etc. - all of which have the
"read" cap).
There are clear roles in WP - in user management for example, the user
filters (Administrators (x), Contributors (x), Subscribers (x) ) - it's
these roles that I specifically need to target for user pruning, and the
do seem to be top level concepts in the UI at least.
The only way I can think to do it by caps would be through a method that
confirms a user *only* has read caps, otherwise I'd delete all the
users, since they all have read.
Kevin N.
On 11/22/2011 6:17 PM, Erick Hitter wrote:
> user_can() checks capabilities, such as*read*,*edit_posts*, *
> manage_options*, etc., not a user's specific role. If you're trying to
> identify users with a certain role, you need to test what capabilities the
> user has or doesn't have.
>
> You should reference the table at
> http://codex.wordpress.org/Roles_and_Capabilities#Capability_vs._Role_Tablefor
> guidance as to which combination of capabilities will let you isolate
> a
> user's role. Checking for*edit_posts *or *delete_posts*, for example, will
> determine whether or not the current user is a subscriber or more-capable
> user.
More information about the wp-hackers
mailing list