Only allow specific admin user to use user switch

  • Resolved markussss

    (@markussss)


    2 years, 5 months ago

    Hi John,

    in your FAQ you stated how I can deny a user from using user switch.
    However, I wonder if I can just allow it for a single user only.

    Situation:
    I am the admin on a site
    The client is the admin on a site

    Even though we have the same WordPress capabilities, I disabled some features for them to make the site easier to maintain.

    I want to be able to switch to the client admin account.
    I don’t want them to be able to switch to my “full” admin account.

    I would like to allow my user only, instead of denying specifically their user.

    Any way of doing this?

    best regards
    Markus

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author John Blackbourn

    (@johnbillion)

    WordPress Core Developer

    The same logic applies in this case, you just need to deny the ability for all users except your own (because administrators can switch by default).

    Thread Starter markussss

    (@markussss)

    Thanks John, I thought about that but this is actually not the real solution here, I think. The other admin (client in this case) can easily just create a new admin user. Suddenly, this admin user is able to switch to my “main” admin user

    Plugin Author John Blackbourn

    (@johnbillion)

    WordPress Core Developer

    As I said, you’ll need to deny the ability from all users except your own.

    Thread Starter markussss

    (@markussss)

    I understood that I can deny the ability from all users. But how would you do that? From how I understand it, I have to do this for each individual user. If there is a new user, I need to add the new user again manually to the denial list.

    e.g.
    user “tom” is admin should not have user switching capabilities
    user “susi” is admin should not have user switching capabilities
    user “markus” is admin should have user switching capabilities
    any new admin user from now on should not have user switching capabilities

    That’s the provided code from the FAQ. How do I need to modify it?

    add_filter( ‘user_has_cap’, function( $allcaps, $caps, $args, $user ) {
    if ( ‘switch_to_user’ === $args[0] ) {
    if ( my_condition( $user ) ) {
    $allcaps[‘switch_users’] = false;
    }
    }
    return $allcaps;
    }, 9, 4 );

    I think my question is valid and I hope there is a solution for this use case.

    Thanks again for your support

    Markus

    Plugin Author John Blackbourn

    (@johnbillion)

    WordPress Core Developer

    It’s going to be something like the following ternary logic, but I can’t help you further because helping everyone with their customisations would be a full time job for me! ??

    add_filter( 'user_has_cap', function( $allcaps, $caps, $args, $user ) {
  if ( 'switch_to_user' === $args[0] ) {
    $allcaps['switch_users'] = ( $user->user_login === 'markussss' );
  }
  return $allcaps;
}, 9, 4 );

    Best of luck

    Thread Starter markussss

    (@markussss)

    Of course .. thanks a lot!

    best regards
    Markus

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Only allow specific admin user to use user switch’ is closed to new replies.