- Use
$role->add_cap()to give a cap to a role, or useadd_role()to create a new role with capabilities (ex:delete_specific_page). - Use the
map_meta_capfilter to update the$capsarray passed with the custom capability if the user is allowed to do the requested action. - Access can be revoked by using the
do_not_allowcapabilitiy.
Pete Nelson petenelson
petenelson
/ wp-taxonomy-dropdown.php
Last active
August 19, 2020 20:08
WordPress: Taxonomy dropdown for admin list filter
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Outputs a taxonomy dropdown list. | |
| * | |
| * @param string $taxonomy The taxonomy name | |
| * @param array $args Additional args. | |
| * @return void | |
| */ | |
| function taxonomy_dropdown( $taxonomy, $args = [] ) { | |
| if ( ! taxonomy_exists( $taxonomy ) ) { |
petenelson
/ wordpress-custom-capabilities.md
Last active
July 14, 2016 23:21
WordPress: notes on custom capabilities
petenelson
/ wordpress-query-by-taxonomy.sql
Last active
November 22, 2021 13:36
WordPress SQL query by taxonomy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SELECT wp_posts.* | |
| FROM | |
| wp_posts INNER JOIN wp_term_relationships ON ( wp_posts.ID = wp_term_relationships.object_id ) | |
| INNER JOIN wp_term_taxonomy ON (wp_term_relationships.term_taxonomy_id = wp_term_taxonomy.term_taxonomy_id) | |
| INNER JOIN wp_terms on (wp_term_taxonomy.term_id = wp_terms.term_id) | |
| WHERE 1=1 | |
| AND wp_term_taxonomy.taxonomy = 'taxonomy-slug' | |
| AND wp_terms.slug = 'term-slug' | |
| AND wp_posts.post_type IN ( 'post', 'page', 'cpt' ) | |
| AND wp_posts.post_status in ( 'publish', 'future', 'draft' ) |
petenelson
/ wordpress-list-users.sql
Created
May 3, 2016 18:00
WordPress: MySQL query to list user names, emails, and first & last name
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SELECT wp_users.user_login, wp_users.user_email, firstmeta.meta_value as first_name, lastmeta.meta_value as last_name FROM wp_users left join wp_usermeta as firstmeta on wp_users.ID = firstmeta.user_id and firstmeta.meta_key = 'first_name' left join wp_usermeta as lastmeta on wp_users.ID = lastmeta.user_id and lastmeta.meta_key = 'last_name' |
petenelson
/ rest-api-modify-request-parameters.php
Created
August 26, 2015 18:46
WordPress REST API: Modify Request Parameters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| add_filter( 'rest_dispatch_request', 'map_legacy_parameters', 10, 2 ); | |
| function map_legacy_parameters( $response, $request ) { | |
| $request->set_param( 'per_page' , $request->get_param( 'limit' ) ); | |
| return $response; | |
| } |
petenelson
/ rest-api-force-link-header-https.php
Created
July 24, 2015 01:03
WordPress REST API: Force Link rel header to https
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| add_filter( 'rest_url', 'force_https_rest_url', 10, 4 ); | |
| function force_https_rest_url( $url, $path, $blog_id, $scheme ) { | |
| return set_url_scheme( $url, 'https' ); // force the Link header to be https | |
| } | |
petenelson
/ rest-api-disallow-non-ssl.php
Last active
August 29, 2015 14:25
WordPress REST API: Disallow non-SSL
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| add_filter( 'rest_pre_dispatch', 'rest_api_disallow_non_ssl', 10, 3 ); | |
| function rest_api_disallow_non_ssl( $response, $server, $request ) { | |
| if ( ! is_ssl() ) { | |
| $response = new WP_Error( 'rest_forbidden', __( "SSL is required to access the REST API" ), array( 'status' => 403 ) ); | |
| } |
petenelson
/ rest-api-restrict-media-endpoint.php
Created
July 17, 2015 02:48
WordPress REST API: Restrict access to the media endpoint to only authenticated users
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // restrict access to the media endpoint | |
| add_action( 'init', function() { | |
| // _add_extra_api_post_type_arguments() in the WP REST API sets this to true | |
| // we'll turn it off for unauthenticated requests | |
| global $wp_post_types; | |
| $wp_post_types['attachment']->show_in_rest = is_user_logged_in(); |
petenelson
/ add-featured-image-to-post.php
Created
July 9, 2015 22:29
WordPress REST API: Add featured image link to posts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| add_filter( 'rest_prepare_post', array( $this, 'add_featured_image_link' ), 10, 3 ); | |
| public function add_featured_image_link( $data, $post, $request ) { | |
| if ( has_post_thumbnail( $post->ID ) ) { | |
| $featured_image = wp_get_attachment_image_src( get_post_thumbnail_id( $post->ID ), 'full' ); | |
| $data->add_link( 'featured_image', $featured_image[0], array( 'width' => absint( $featured_image[1] ), 'height' => absint( $featured_image[2] ) ) ); | |
| } |
petenelson
/ multiformat-wp-api-response.php
Last active
May 30, 2024 11:36
WordPress: Example of returning non-JSON results from the WP-API
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // reference https://github.com/WP-API/WP-API/blob/develop/lib/infrastructure/class-wp-rest-server.php | |
| // serve_request() function | |
| add_filter( 'rest_pre_serve_request', 'multiformat_rest_pre_serve_request', 10, 4 ); | |
| function multiformat_rest_pre_serve_request( $served, $result, $request, $server ) { | |
| // assumes 'format' was passed into the intial API route | |
| // example: https://baconipsum.com/wp-json/baconipsum/test-response?format=text |