Using EDD Content Restriction with Custom Post Types

This tutorial was written using version 2.2.6 of EDD Content Restriction.

While developing the functionality for the We Start With Good Themes course, I ran into a problem. We are using Easy Digital Downloads (EDD) and the EDD Content Restriction extension to make the course area of the website function, however, it wasn’t working.

Use EDD Content Restriction-with Custom Post Types - We Start With Good

The EDD Content Restriction extension documentation makes it seem that the plugin is already equipped to handle custom post types and merely installing and using the plugin will just work. And it’s true, it does just work for posts and pages, but that’s it. In fact, it will just work on your Custom Post Type (cpt) too! As long as all the content on your post (whether it’s a post/page/cpt) is contained within the_content().

If it isn’t (think any kind of custom fields), then that data will be freely available to anyone who lands on the page despite any restrictions you have set up. Now I don’t know about you, but often when I create a Custom Post Type, it usually means I’ll be adding custom fields (with say Advanced Custom Fields) and other functionality to it too.

I was frustrated with the documentation so I went googling to see if anyone had written a tutorial. Curiously, I couldn’t find any; my best guess is that everyone realizes what I realized – I’d have to look at the plugin code. As much as I enjoy EDD, this is a bit annoying for me because it was not a problem I had anticipated. So now that I’ve got it figured out, I’ve decided to write a short and sweet tutorial on how to make the Content Restriction extension work with any Custom Post Type you create; or any custom fields you create on pages and posts as well.

The good thing is that not only is the the plugin code very clean, the plugin has very good inline documentation; that made my life a lot easier.

Here’s How You Integrate Content Restriction

Within the Content Restriction plugin files, you’ll find two files of note: template-functions.php and user-functions.php.

These two files provide you with the functions you’ll use to include Content Restriction functionality anywhere it doesn’t already exist. What we want to do is check if a user has access (according to the Content Restriction metabox settings on that page), if they do, display as usual. If they don’t have access, grab the correct message and display that instead of the contents of the page.

The second function in the user-functions.php file is edd_cr_user_can_access(). This is an easy to use function that has no required parameters (which the very helpful inline documentation tells us) and you can use it to check if the current user is allowed to view the page or not – it either returns true or false (a boolean response).

So in my course template file, I would have the following code:

if ( !edd_cr_user_has_access() ) { // Check if current user has access to this page with EDD CR
    // We will display our no-access message here.
} else {
    while ( have_posts() ) : the_post();
        get_template_part( 'template-parts/content', 'course' );
    endwhile; // End of the loop.
}

That’s pretty simple, right? You can do that with any other area of the file too if needed (although if you need to perform the check in multiple areas, I suggest you do it once at the top of the page, save the information in a variable and use that to write out your conditionals).

Now we just need to grab the correct message based on the restriction set up. The first function in the user-functions.php file is the function for the job: edd_cr_user_can_access(). Here is the inline documentation for this function:

/**
 * Check to see if a user has access to a post/page
 *
 * @since       2.0
 * @param       int|bool $user_id Optional. The ID of the user to check. Default is false.
 * @param       array $restricted_to The array of downloads for a post/page
 * @param       int|false $post_id Optional. The ID of the object we are viewing. Default is false.
 * @return      array $return An array containing the status and optional message
*/

As you can see, the parameters are:

  1. $user_id – This is an optional integer or boolean, if you don’t include it, the function will grab the current user (have to read the code to see that).
  2. $restricted_to – This should be an array of the downloads this post/page is restricted to.
  3. $post_id – This is an integer and defaults to false, but you should be passing in the ID of the page/post we are checking for.

The first isn’t needed and the last parameters is easy to get, the current post ID can easily be retrieved with get_the_ID(). But how do we get the array of downloads this post is restricted to?

For that, we need to read the template-functions.php file. If you’ve dabbled with custom fields before, you can probably guess that the information is being stored in a custom field – we just need to find out what it’s called.  In template-functions.php, you’ll find the following function:

/**
 * Check if a post/page is restricted
 *
 * @since       1.0.0
 * @param       int $post_id the ID of the post to check
 * @return      bool True if post is restricted, false otherwise
 */
function edd_cr_is_restricted( $post_id ) {
	$restricted = get_post_meta( $post_id, '_edd_cr_restricted_to', true );

	return $restricted;
}

Line 9 is exactly what we are looking for. Unfortunately, this function returns boolean, or we would just use this, but instead we’re going to grab line 9 and paste it into our code. Then we’ll use that to call edd_cr_user_can_access().

if ( !edd_cr_user_has_access() ) { // Check if current user has access to this page with EDD CR
    // We will display our no-access message here.
    $restricted = get_post_meta( get_the_ID(), '_edd_cr_restricted_to', true );
    $edd = edd_cr_user_can_access('', $restricted_to, get_the_ID());
    echo $edd['message'];
} else {
    while ( have_posts() ) : the_post();
        get_template_part( 'template-parts/content', 'course' );
    endwhile; // End of the loop.
}

As we read in the inline documentation, this function returns an array including the appropriate message to display to anyone who doesn’t have access. So we simply echo that element from the array.

That’s it! You can take a look at some of the other functions in those two files to see what else you can do yourself, but this tutorial should get you most of the way!

If you want to learn more about how to dig into code to learn from and other useful WordPress coding practices, you should check out our course on WordPress theme development, We Start With Good Themes.

Sign up below to learn more about it!

Awesome! 🙂

It looks like you're already subscribed. Yay!