Using Gravity Forms ‘gform_signature_url_permission_granted’ PHP filter

The gform_signature_url_permission_granted filter allows you to perform custom logic to determine if the signature URL will grant access to the file.

Usage

A generic example to apply the filter to all forms:

add_filter('gform_signature_url_permission_granted', 'your_function_name', 10, 3);

Parameters

  • $permission_granted (bool): Does the user have permission to access the signature? Default is the result of the hash validation.
  • $form_id (int): The ID of the form used to create the requested signature.
  • $field_id (int): The ID of the field used to create the requested signature.

More information

See Gravity Forms Docs: gform_signature_url_permission_granted

Examples

Restrict access to users with administrative capabilities

This example restricts access to users who can activate plugins, but only when the hash validation passes.

add_filter('gform_signature_url_permission_granted', 'restrict_admin_access', 10, 3);

function restrict_admin_access($permission_granted, $form_id, $field_id) {
    return $permission_granted && current_user_can('activate_plugins');
}

Restrict access to a specific form

This example allows access only for a specific form with ID 2.

add_filter('gform_signature_url_permission_granted', 'restrict_specific_form', 10, 3);

function restrict_specific_form($permission_granted, $form_id, $field_id) {
    return $form_id == 2;
}

Restrict access based on user role

This example restricts access to users with the ‘editor’ role.

add_filter('gform_signature_url_permission_granted', 'restrict_user_role', 10, 3);

function restrict_user_role($permission_granted, $form_id, $field_id) {
    $user = wp_get_current_user();
    return in_array('editor', $user->roles);
}

Restrict access based on custom user meta

This example restricts access to users with custom user meta access_granted set to true.

add_filter('gform_signature_url_permission_granted', 'restrict_user_meta', 10, 3);

function restrict_user_meta($permission_granted, $form_id, $field_id) {
    $user = wp_get_current_user();
    return get_user_meta($user->ID, 'access_granted', true) == 'true';
}

Restrict access based on a specific field value

This example restricts access when the value of field with ID 5 is equal to approved.

add_filter('gform_signature_url_permission_granted', 'restrict_field_value', 10, 3);

function restrict_field_value($permission_granted, $form_id, $field_id) {
    $entry = GFAPI::get_entry($entry_id);
    return $entry[5] == 'approved';
}