Based on the assumption that the user will always Role "Author", you can restrict the media library by using action called pre_get_posts .
For teaching purposes, actions - quite simply - are things that take place on the land of WP. You can hook some of the methods in these actions to ensure that this method occurs at the time of this action. We are interested in pre_get_posts because WP, to fill the page of the library with the images, makes a search query for posts that have images. The cat leap is on, before this query is made (hence the prefix " pre "), we include a change in the parameters of that query, restricting by author. In terms of code, this translates to
add_action('pre_get_posts', 'restringir_biblioteca' );
function restringir_biblioteca($wp_query_obj){
global $current_user, $pagenow;
if(!is_a($current_user, 'WP_User')){
return;
}
if ('admin-ajax.php' != $pagenow or $_REQUEST['action'] != 'query-attachments'){
return;
}
if(!current_user_can('manage_media_library')){
$wp_query_obj->set('author', $current_user->ID);
return;
}
}
The first two comparisons are made to ensure that the user is a user, that we are in the WP admin page and that we are in the library ( query-attachments ). The secret resides in the third comparison: By default, the author user can not manage the entire media library (or manage the media library - this is the name of the capability ). Therefore, !current_user_can('manage_media_library') will be true . At this point, it is said for the object of WP_Query , that another parameter must be passed to it, that is, the ID of the user (or "Author") in question. As pre_get_posts was used, this addition is done, and then the query is done. This causes only the images of that particular author to appear in the library.
ADDENDUM
Since you want each author to manage only their own showcase, I suppose it's interesting that the authors can only view their own posts, and those of anyone else (by default, WP lets the "Author" "view - but do not edit - posts from other authors. My next method eliminates this functionality). To do this, you can use action called parse_query . There are other ways to do this, and this is not the most efficient, but it solves the problem.
The logic is basically the same as the previous one. I verify that the user does not have role role Editor and therefore I modify the query to filter only the posts he created. Follow
add_action('parse_query', 'restringe_posts' );
function restringe_posts( $wp_query ){
if ( strpos( $_SERVER[ 'REQUEST_URI' ], '/wp-admin/upload.php' ) !== false || strpos( $_SERVER[ 'REQUEST_URI' ], '/wp-admin/edit.php' ) !== false ) {
if (!current_user_can('level_5' )){
global $current_user;
$wp_query->set('author', $current_user->id);
}
}
}
EDIT
To narrow the result further, you can assign other values to query . This is done by using set() method again. I looked into your source code , and the method only accepts one pair of values at a time, not an array, as it would be more interesting. By so doing, you must call him again. For post_type => product , you just need to include
$wp_query_obj->set('post_type', 'product');
and
$wp_query->set('post_type', 'product');
in each of the two methods, respectively, just below the first occurrence of the set() method. You can include not only the post_type parameter, but also all that WP_Query allows.
