Using WordPress ‘auth_{$object_type}_meta_{$meta_key}’ PHP filter

The auth_{$object_type}_meta_{$meta_key} WordPress PHP filter determines whether a user is allowed to edit a specific meta key of a specific object type. It returns true to apply the mapped meta capabilities from edit_{$object_type}.

Usage

add_filter('auth_{object_type}_meta_{meta_key}', 'your_custom_function', 10, 6);

function your_custom_function($allowed, $meta_key, $object_id, $user_id, $cap, $caps) {
    // your custom code here
    return $allowed;
}

Parameters

  • $allowed (bool): Whether the user can edit the object meta. Default is false.
  • $meta_key (string): The meta key.
  • $object_id (int): Object ID.
  • $user_id (int): User ID.
  • $cap (string): Capability name.
  • $caps (string[]): Array of the user’s capabilities.

More information

See WordPress Developer Resources: auth_{$object_type}_meta_{$meta_key}

Examples

Allow editors to edit a specific post meta

Allow editors to edit a specific post meta key called special_meta.

add_filter('auth_post_meta_special_meta', 'allow_editors_edit_special_meta', 10, 6);

function allow_editors_edit_special_meta($allowed, $meta_key, $object_id, $user_id, $cap, $caps) {
    $user = get_userdata($user_id);
    if (in_array('editor', $user->roles)) {
        return true;
    }
    return $allowed;
}

Restrict editing of a meta key based on user role

Restrict editing of a meta key restricted_meta for users with the role subscriber.

add_filter('auth_post_meta_restricted_meta', 'restrict_subscriber_edit_meta', 10, 6);

function restrict_subscriber_edit_meta($allowed, $meta_key, $object_id, $user_id, $cap, $caps) {
    $user = get_userdata($user_id);
    if (in_array('subscriber', $user->roles)) {
        return false;
    }
    return $allowed;
}

Allow specific user to edit a custom post type meta

Allow a specific user with the ID 5 to edit the special_meta of a custom post type custom_type.

add_filter('auth_custom_type_meta_special_meta', 'allow_specific_user_edit_meta', 10, 6);

function allow_specific_user_edit_meta($allowed, $meta_key, $object_id, $user_id, $cap, $caps) {
    if ($user_id == 5) {
        return true;
    }
    return $allowed;
}

Restrict editing of a meta key based on post status

Restrict editing of a meta key status_sensitive_meta for posts with the status draft.

add_filter('auth_post_meta_status_sensitive_meta', 'restrict_edit_meta_based_on_post_status', 10, 6);

function restrict_edit_meta_based_on_post_status($allowed, $meta_key, $object_id, $user_id, $cap, $caps) {
    $post_status = get_post_status($object_id);
    if ($post_status === 'draft') {
        return false;
    }
    return $allowed;
}

Allow editing of a meta key only for custom capability

Allow editing of a meta key custom_capability_meta only for users with the custom_capability.

add_filter('auth_post_meta_custom_capability_meta', 'allow_edit_meta_for_custom_capability', 10, 6);

function allow_edit_meta_for_custom_capability($allowed, $meta_key, $object_id, $user_id, $cap, $caps) {
    $user = get_userdata($user_id);
    if (in_array('custom_capability', $caps)) {
        return true;
    }
    return $allowed;
}