Solved

How to Hide Users of a Specific Role in the Users List

Posted on 2014-01-16
2
1,491 Views
Last Modified: 2014-01-18
Hi,

I am looking for a way to hide users from a specific role in the users list in the admin. For example, I want to make the sales reps only see client users. I was able to hide the admins with the code below.

add_action('pre_user_query','yoursite_pre_user_query');
function yoursite_pre_user_query($user_search) {
  $user = wp_get_current_user();
  if ($user->ID!=1) { // Is not administrator, remove administrator
    global $wpdb;
    $user_search->query_where = str_replace('WHERE 1=1',
      "WHERE 1=1 AND {$wpdb->users}.ID<>1",$user_search->query_where);
  }
}

Open in new window


Another thing that I tried was to do a redirect of the page "users.php" to "users.php?role=client", but that doesn't work either.

Thanks!
0
Comment
Question by:AccurateDesign
2 Comments
 
LVL 11

Accepted Solution

by:
jausions earned 500 total points
ID: 39788128
There are probably different ways to go about it, but in any case don't rely on the user ID being 1 to mean "administrator".

What you should do is use new WordPress "capabilities" and add them to the appropriate user roles. For instance, those new capabilities could show only the users you want (up to you to define whom that would be.) You have to use that approach because you want to "negate" the user list.

You could turn the basic "list_users" capability into only listing users everybody could see, then you add new capabilities to the users or roles who should see more (they will also require the "list_users" capability.)

For instance, create a capability "list_admins" and you assign both "list_admins" and "list_users" to the "Administrator" and "Super-Admin" roles.

In the code hook you then need to look for those new capabilities:
(Note: this is untested code, so sorry in advance for any typos)
add_action( 'pre_user_query', 'yoursite_pre_user_query' );
function yoursite_pre_user_query( $user_search )
{
    global $wpdb;
    $user = wp_get_current_user();
    $user->get_role_caps();
    $where = 'WHERE 1=1';

    // Temporarily remove this hook otherwise we might be stuck in an infinite loop
    remove_action( 'pre_user_query', 'yoursite_pre_user_query' );

    // View adminstrators? (Remember: this is capability defined by you!)
    $view_admins = in_array( 'list_admins', $user->allcaps );
    if ( !$view_admins ) {
        // Get the list of admin IDs
        $args = array(
            'role' => 'Administrator',
        );
        $user_query = new WP_User_Query( $args );
        $admins = $user_query->get_results();

        $admin_ids = array();
        foreach ( $admins as $admin ) {
            $admin_ids[] = $admin->id;
        }

        $where .= ' AND '.$wpdb->users.'.ID NOT IN ('.implode(',', $admin_ids).')';
    }

    // Repeat block above for other capabilities you define,
    // i.e. hide users not everybody should see
    // ...

    // Modify original WP_User_Query
    $user_search->query_where = str_replace(
        'WHERE 1=1',
        $where,
        $user_search->query_where
    );

     // Re-add the hook
    add_action( 'pre_user_query', 'yoursite_pre_user_query' );
}

Open in new window


As said, this is just one suggestion. The downside is we modify the default behavior of the "list_users" capabilities which could have some unforeseen side effects if some plugins expect "list_users" to actually return all the users.

The thing to remember is that Administrators and Super-Admins always have all the roles / capabilities.
0
 

Author Closing Comment

by:AccurateDesign
ID: 39788407
It works perfectly! Also thanks for the heads up about the side effects with plugins. Worst case if weird things starts to happen due to that another alternative might be to use CSS instead to hide the other users
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

So you have coded your own WordPress plugin and now you want to allow users to upload images to a folder in the plugin folder rather than the default media location? Follow along and this article will show you how to do just that!
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The purpose of this video is to demonstrate how to exclude a particular blog category from the main blog page. This is can be used when a category already has its own tab, or you simply want certain types of posts not to show up on the main blog. …
The is a quite short video tutorial. In this video, I'm going to show you how to create self-host WordPress blog with free hosting service.

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question