Group based edit permissions?

Hi Alan,

In general, the user who should be able to edit a post created by another user would require the edit_others_posts capability. Note that this would apply to all posts that the user can access. For example, you could create a group which has the following capabilities:

• edit_posts
• edit_published_posts
• publish_posts
• edit_others_posts

The Roles and Capabilities documentation has details on each of those.

Beyond that, it would be great to be able to determine these things in a more fine-grained manner, we’re headed in that direction but object-based capabilities aren’t supported yet. Anyhow, the above might be suitable for your case. You can give it a try and determine the most suitable set of capabilities.

I’ll mark this one as resolved, but feel free to comment if there are further questions or ideas you’d like to share on this topic.

Hi Kento,

Thank you very much for your answer. Unfortunately, the issue is not resolved. I’m sorry if I was not clear enough.

My concept of “group” is rather a concept of “team”. Following the above example, Tom and Jerry belong to “Team A”. So, Anyone belonging to team A would be able to edit posts created by Tom, Jerry, or anyone in “Team A”.

However, people belonging to Team B (Mickey and Donald), cannot be able to edit posts created by Tom and Jerry. But they could edit posts created by anyone belonging to Team B.

That’s why edit_others_posts does not fit in my case.

Did I made myself clearer?

Hi Alan,

Many thanks for the added explanation, based on what you describe, this would indeed be a case which would require the object-based capabilities which are yet unsupported by Groups.

What might work for you could be a customized implementation that relies on the membership info from Groups and hooks into WordPress filters to determine whether a user has or has not a certain capability. This could be based on the group membership of the post creator and the user for which a capability would need to be evaluated.

So when a WordPress capability to edit a post is evaluated, you could hook into the user_has_cap filter, look at the post to get its author, get the groups to which the author belongs, then check the groups for the current user and evaluate the result for the filter accordingly.

Thinking about it that way, I think it should be quite easy to implement for a particular case. It’s more difficult when trying to generalize it, but that shouldn’t be a concern in this case.

I hope that makes sense, do let me know if you have questions on the suggested solution.

Hi Kento,

Many thanks for your excellent explanation. Fully understood, and I agree that this is the way to implement this feature.

all the best,

alan

Perfect, if you’re going to implement it this way and want to share a glimpse at your solution in case others might find it useful, please do. Any questions or suggestions on the way, please let me know.