By default, WordPress allows authors to see all images on your site’s media library. This could be problematic if you invite a lot of guest authors. In this article, we will show you how to restrict WordPress media library access to user’s own uploads.
Why Restrict Media Library Access to User’s Own Uploads?
WordPress allows authors to see all files in the media library. They can also see images uploaded by an administrator, editor, or other authors.
To learn more, see our article on WordPress user roles and permissions.
Let’s say you are creating a new post to announce an upcoming product or deal. Authors and guest authors on your website will be able to see the images you upload to that article in the media library.
Your uploads will also be visible on the ‘Add Media’ popup which users see when adding images to their own articles.
For many websites, this may not be a big deal. However, if you run a multi-author website, then you may want to change this.
Let’s take a look at how to easily restrict media library access to user’s own uploads.
Method 1: Restrict Media Library Access Using a Plugin
This method is easier and is recommended for all users.
The first thing you need to do is install and activate the Restrict Media Library Access plugin.
This plugin works out of the box, and there are no settings for you to configure.
Upon activation, it filters the media library query to see if the current user is an administrator or editor. If the user role does not match either of them, then it will only show the user’s own uploads.
Users with the administrator or editor user role will be able to see all media uploads as usual.
Method 2: Restrict Media Library Access Manually
The first method would work for most websites as it limits media library access and allows only administrator and editor to view all media uploads.
However, if you want to add a custom user role or simply don’t want to use a plugin, then you can try this method instead. It uses the same code used by the plugin, but you will be able to modify it to meet your needs.
This method requires you to add code to your WordPress files.
You’ll need to add the following code to your WordPress functions.php file or a site-specific plugin.
|
1
2
3
4
5
6
7
8
9
10
11
12
|
// Limit media library access add_filter( 'ajax_query_attachments_args', 'wpb_show_current_user_attachments' );function wpb_show_current_user_attachments( $query ) { $user_id = get_current_user_id(); if ( $user_id && !current_user_can('activate_plugins') && !current_user_can('edit_others_posts') ) { $query['author'] = $user_id; } return $query;} |
This code uses the current_user_can function to check if the user has the capability to activate plugins or edit other user’s posts. If they don’t, then it changes the query used to display media files and limit it to the user’s ID.
We hope this article helped you learn how to restrict WordPress media library access to user’s own uploads.