[wp-hackers] What does user_can really check?

Jeremy Clarke jer at simianuprising.com
Thu Nov 24 17:50:47 UTC 2011

Not sure why no one has brought up the has_role() function but it exists
and you can use it to check if a given user has a given role or not. That
said it's just a wrapper for has_cap() in pretty much the same way as
user_can() so the effect will be the same. At least that way you protect
yourself against some theoretical future where has_cap() stops working for

Seems to me that the PHPDoc for has_cap() implies that the behavior is
intended and not deprecated at all, which at least in the current system
makes sense:

"Whether user has capability or role name."

So just use has_role() to check roles and everything will be beautiful.
There's nothing wrong with the current API, it's just a complicated system
because it is so maleable and you are forced to make almost no assumptions
about the state of roles and capabilities in a given site.

Jeremy Clarke • jeremyclarke.org
Code and Design • globalvoicesonline.org

More information about the wp-hackers mailing list