WP snippet: restrict gallery access – with override

Galleries are great but sometimes you just want to keep your photo’s private to just a limited group unless you choose to share them with the entire internet community. This WordPress snippet will help you by restricting the ability to view your galleries by default.

To see the galleries you must be (1) logged in and (2) assigned to an user role with the ‘view_gallery’* capability granted. You can also make a specific gallery (or better, all galleries in a specific post) accessible to anyone by simply adding the override tag ‘public gallery’ to the post.

* You’ll need to add this custom capability to your WordPress installation with the help of, for example, the Members or the User Role Editor plugin. I did also create a clone of the Subscriber user role and called it Subscriber Plus and granted that one new role and the higher user roles with the ‘view_gallery’ capability so whenever someone registers he/she still need to be assigned to an appropriate user role. This is to allow anyone to register to your side but still gives you control over who is entitled to see the galleries and who’s not.

// paste the code in the functions.php of your (child) theme
// source: https://golabs.nl/wp-snippet-restrict-gallery-access-with-override/

// only run this code when showing the front-end
if( !is_admin() ) {
  // replace the original gallery shortcode on init
  add_action( 'init', 'update_gallery_shortcode');

  function update_gallery_shortcode() {
    remove_shortcode('gallery', 'gallery_shortcode');
    add_shortcode('gallery', 'gallery_shortcode_enhanced');

  function gallery_shortcode_enhanced( $atts ){
    // the need for the user being logged in and having the view_gallery capability assigned to his/her user role
    // can be overridden by adding the 'public gallery' tag to the post!!
    if( ( is_user_logged_in() && current_user_can('view_gallery') ) || has_tag( "public gallery" ) ) {
      // user is logged in and has the view_gallery capability assigned to his/her user role...
      // OR we are allowing access to anyone in case it's tagged as a 'public gallery'...
      // cool, let's show the gallery
      echo gallery_shortcode( $atts );
    } else {
      // oh no, this user is not allowed to see the gallery, let's see what the reason is...
      if( !is_user_logged_in() ) {
        // not logged in, then offer the login form
        echo "<p>Viewing the gallery is restricted to logged in users only.</p>";
        echo wp_login_form();
      } else {
        // logged in BUT the view_gallery capability is not assigned to the user role
        echo "<p>Humm... it appears that you're assigned user role is missing the rights to view the gallery.
        Please ask the admin if you're entitled to an user role upgrade so you can see the galleries as well.</p>";

Suggestions to improve / extend the snippet are always welcome and can be posted as a comment below or send via the contact form.

Footnote: disabling your (child) theme will make all galleries visible to anyone again. Therefor I’ll turn this into a plugin shortly as well. Stay tuned!