Cron job user/auth context

  • Resolved kgraversen

    (@kgraversen)


    2 years, 5 months ago

    When you use WP Crontrol to schedule jobs, what user/auth context is the job running in?

    Is it fx running without any auth and limitations, is it running as administrator or as the user that originally scheduled the job in WP Crontrol?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author John Blackbourn

    (@johnbillion)

    WordPress Core Developer

    There’s nothing different from an event created in WP Crontrol and an event created by WordPress itself or another plugin or theme.

    All cron events in WordPress run without a user context — although I just checked the documentation for WordPress cron events and it’s not mentioned there unfortunately ?? https://developer.www.ads-software.com/plugins/cron/

    Thread Starter kgraversen

    (@kgraversen)

    Thanks, John, but how does that actually work?

    I guess you can simplify authorisation to 1) access to nothing, 2) access to specified or 3) access to everything. And if there is no defined user context (t specify authorisation), it must be either all or nothing, right?

    Does that mean that a cron event has access to everything, but no user context to refer to (e.g., no current user)?

    Thanks for going beyond. I couldn’t find anything on this topic.

    Plugin Author John Blackbourn

    (@johnbillion)

    WordPress Core Developer

    The code in your cron event callback can do anything, as it always can.

    What it means in practice is if there’s any user authentication, capability, or role checking in the event callback it’ll return false. Hopefully a well built event callback will be decoupled from user capabilities though.

    Thread Starter kgraversen

    (@kgraversen)

    Thanks – well explained ??

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Cron job user/auth context’ is closed to new replies.