[wp-hackers] What does user_can really check?

Dion Hulse (dd32) wordpress at dd32.id.au
Wed Nov 23 04:36:38 UTC 2011

On 23 November 2011 15:18, Kevin Newman <CaptainN at unfocus.com> wrote:
> That's what I figured, however, the example I posted does actually work:
> user_can( $user->ID, 'subscriber')
> That returns users that have the same set of caps as a subscriber - but not
> those that have subscriber caps, but also additional caps. Well actually I'm
> not sure about that. I am sure it doesn't return true for users that have
> "read" cap - the only cap a subscriber has) plus the caps of Administrators,
> or Contributors, etc. - all of which have the "read" cap).

current_user_can('subscriber') || user_can( $user_id, 'subscriber')
works due to the capability system including the Roll Slug as a user
capability. AFAIK, this is done for backwards compatibility with code
such as yours.

More information about the wp-hackers mailing list