2

I have 200 users in my site and I need to hide all picture uploads from user1 for all other users when uploaded from wp-admin-> media upload.

And if user50 upload new picture, only he can see it in media upload.

How can do that ?

Virendra
  • 2,560
  • 3
  • 23
  • 37
Almeeraj Tourism
  • 65
  • 2
  • 5

3 Answers3

2

1) You can use this plugin View Own Posts Media Only (https://wordpress.org/plugins/view-own-posts-media-only/)

2) Restrict By Code Adding this snippet to the functions.php of your wordpress theme will restrict users to view only media library items they upload. They will still see the total number of files that are uploaded but will not be able to view them even if they type in the attachment_id.

function my_files_only( $wp_query ) {
    if ( strpos( $_SERVER[ 'REQUEST_URI' ], '/wp-admin/upload.php' ) !== false ) {
        if ( !current_user_can( 'level_5' ) ) {
            global $current_user;
            $wp_query->set( 'author', $current_user->id );
        }
    }
}

add_filter('parse_query', 'my_files_only' );

3) Remove Media tab

//Remove Media Library Tab
    function remove_medialibrary_tab($tabs) {
        if ( !current_user_can( 'administrator' ) ) {
            unset($tabs['library']);
            return $tabs;
        }
        else
        {
            return $tabs;
        }
    }
    add_filter('media_upload_tabs','remove_medialibrary_tab');

It says if the current user is not an administrator, then remove the Media Library tab from the Upload/Insert Media's popup page that appears when adding media to a post. Otherwise if the user DOES have a role as admin, then they will still see all the tabs (File, URL, Media Library)

Gautam Menariya
  • 546
  • 2
  • 7
  • 27
  • On method 3, removing the tab doesn't remove the functionality; if anyone's familiar with WP's administrative URLs, they'd be able to get access. Method 2's code is generic and doesn't specifically answer the question – kakoma Jul 21 '16 at 01:20
1

I was looking for this and i also ran into the one that was obsolete, this worked for me, just add it to your functions:

add_action('pre_get_posts','ml_restrict_media_library');

function ml_restrict_media_library( $wp_query_obj ) {
    global $current_user, $pagenow;
    if( !is_a( $current_user, 'WP_User') )
    return;
    if( 'admin-ajax.php' != $pagenow || $_REQUEST['action'] != 'query-attachments' )
    return;
    if( !current_user_can('manage_media_library') )
    $wp_query_obj->set('author', $current_user->ID );
    return;
}

Source

Community
  • 1
  • 1
reeyhdz
  • 41
  • 2
0

Using the pre_get_posts action, the generic code for restriction from everyone apart from admins & editors is:

add_action('pre_get_posts','user_view_own_attachments');
function user_view_own_attachments( $wp_query_obj ) {

    global $current_user, $pagenow;

    //End the party if it isn't a valid user
    if( ! is_a( $current_user, 'WP_User') )
        return;
//End the journey if we are not viewing a media page - upload.php (Directly) or admin-ajax.php(Through an AJAX call)
    if( ! in_array( $pagenow, array( 'upload.php', 'admin-ajax.php' ) )
        return;
//Editors and Admins can view all media
    if( ! current_user_can('delete_pages') )
        $wp_query_obj->set('author', $current_user->ID );

    return;
}

The code for your particular situation though is:

add_action('pre_get_posts','users_own_attachments');
function users_own_attachments( $wp_query_obj ) {

    global $current_user, $pagenow;

    if( !is_a( $current_user, 'WP_User') )
        return;

    if( ! in_array( $pagenow, array( 'upload.php', 'admin-ajax.php' ) )
        return;
 //Assuming user1 is the username and 1 is their userID
    if( 'user1' !== $current_user->user_login )
        $wp_query_obj->set('author__not_in', array(1) );

 //Assuming user50 is the username and 50 is their userID
    if( 'user50' !== $current_user->user_login )
        $wp_query_obj->set('author__not_in', array(50) );
    return;
}
kakoma
  • 1,179
  • 13
  • 17