2. Algorithm
  3. uploads - Restrict WordPress Media Library for a specific user role (users can only seeselect own media)

uploads - Restrict WordPress Media Library for a specific user role (users can only seeselect own media)

admin2025-01-07  5

I have 4 roles in my platform : administrator, author, editor, external

I need to restrict WordPress media library access to the user’s own uploads only for one users role (external) on my platform. The External user role can only see/select his own media.

All others roles still have access to all medias in the library.

I found the below snippets but it works for all the users :

<?php // Limit access to media library (users can only see/select own media) //
   add_filter( 'ajax_query_attachments_args', 'wpsnippet_show_current_user_attachments' );
   function wpsnippet_show_current_user_attachments( $query ) {
      $user_id = get_current_user_id();
      if ( $user_id && !current_user_can('activate_plugins') && !current_user_can('edit_others_posts')) {
         $query['author'] = $user_id;
      }
      return $query;
   }
?>

Thanks in advance for your reply.

I have 4 roles in my platform : administrator, author, editor, external

I need to restrict WordPress media library access to the user’s own uploads only for one users role (external) on my platform. The External user role can only see/select his own media.

All others roles still have access to all medias in the library.

I found the below snippets but it works for all the users :

<?php // Limit access to media library (users can only see/select own media) //
   add_filter( 'ajax_query_attachments_args', 'wpsnippet_show_current_user_attachments' );
   function wpsnippet_show_current_user_attachments( $query ) {
      $user_id = get_current_user_id();
      if ( $user_id && !current_user_can('activate_plugins') && !current_user_can('edit_others_posts')) {
         $query['author'] = $user_id;
      }
      return $query;
   }
?>

Thanks in advance for your reply.

  • uploads
  • media
  • media-library
  • dashboard
Share Improve this question asked Nov 7, 2021 at 12:36 SamuelSamuel 3541 gold badge11 silver badges32 bronze badges 3
  • I'd go with just another upload folder for external users. Catch the user role on login, distinguish upload folder by a filter based on that. – user3135691 Commented Nov 7, 2021 at 15:53
  • Is it possible to show me how to do this please ? – Samuel Commented Nov 7, 2021 at 18:20
  • Here's an answer that addresses the list-view version: wordpress.stackexchange.com/questions/271584/… – Michelle Commented Nov 12, 2021 at 20:11
Add a comment  | 

2 Answers 2

Reset to default 0

add this to your functions.php or in a snippet, with this code the users with role external will only see their own uploads, any other role will see them all just has before.

add_filter( 'ajax_query_attachments_args', 'role_external' );
function role_external( $query ) {
    $user_id = get_current_user_id();
    if ( $user_id && current_user_can('external') ) {
        $query['author'] = $user_id;
    }
    return $query;
}

to protect your image folder try use this

Add a simple .htaccess file in your site folder with the following lines

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://www\.your-domain\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www\.your-domain\.com$ [NC]
RewriteRule .*\.(wav|swf|jpg|jpeg|gif|png|bmp|js|css)$ - [F,NC,L]

Note I added also js and css file even if I think it's bizzare to find someone who attempts to scrape them.

this answer can be found here

转载请注明原文地址:http://conceptsofalgorithm.com/Algorithm/1736256911a398.html

uploadsRestrict WordPress Media Library for a specific user role (users can only seeselect own media)

最新回复(0)