[wp-hackers] Partial admin capabilities

[Michael D Adams]

On Wed, Jul 28, 2010 at 11:36 AM, Ryan Bilesky <rbilesky at gmail.com> wrote:
> idk why but this doesn't even seem to be working.

As others have mentioned, the user_has_cap is a little confusing.
You've run into a few of it's problems.

1. Don't check against the current_user, check against the user passed
to the filter.  Some parts of WordPress do things like
$some_user->has_cap( $cap ) (where $some_user is not the current user)
in addition to current_user_can( $cap ); your code needs to be looking
at the correct user in both cases.

2. You're switching on an array - not on a single cap.

3. The cap you want is passed as the first element of the third
parameter, not the second parameter.  The second parameter is an array
of capabilities WordPress has decided the user must have for the
current_user_can() or has_cap() check to pass.

(4. As Nacin mentions, your code can be significantly simplified with
a prettier switch statement.)

Try this: http://pastebin.com/5HmAt92Q

You could also accomplish the same thing using the map_meta_cap filter
whose arguments are a little more straightforward, but whose return
value is a little stranger.  So it might be more or less intuitive for
you: http://pastebin.com/EYBeLKBD

Mike
--mdawaffe

PS: I also agree you could do all of this with a custom role.