How to restrict Gravity Forms Entries to specific WordPress users?

Gravity Forms is a powerful WordPress plugin that allows you to create and manage forms with ease. While it offers a variety of features to control form submissions, restricting entries to certain users requires additional steps.

Here’s a quick code snippet that you can place in your functions.php file to restrict all users except those in the $AllowedUsers variable from viewing individual Gravity Forms entries:

add_action('gform_pre_entry_detail', function($form, $entry) {

	$FormIDs = [97,98,99,100,101];
	$AllowedUsers = [1,272,856,73,70];

	if(in_array($form['id'], $FormIDs) && !in_array(get_current_user_id(), $AllowedUsers)) {

		wp_die('Access Denied!');

	}

}, 10, 2);

The snippet checks the form ID and user ID. If the user doesn’t have access, it uses wp_die to display an error message and prevent access to the entry details.

Make sure you change the variables $FormIDs and $AllowedUsers to the Gravity Forms ID and WordPress user ID. For example, if you’re form was ID 666 and your WordPress user ID is 999, you’d have the following code in your functions.php file:

add_action('gform_pre_entry_detail', function($form, $entry) {

	$FormIDs = [666];
	$AllowedUsers = [999];

	if(in_array($form['id'], $FormIDs) && !in_array(get_current_user_id(), $AllowedUsers)) {

		wp_die('Access Denied!');

	}

}, 10, 2);

Restrict Gravity Form’s entries list

The above snippet only works on the individual entry; if you want to restrict access to the entry list, you’ll need to use the gform_pre_entry_list hook, and that snippet looks like this:

add_action('gform_pre_entry_list', function($form_id) {

	$FormIDs = [97,98,99,100,101];
	$AllowedUsers = [1,272,856,73,70];

	if(in_array($form_id, $FormIDs) && !in_array(get_current_user_id(), $AllowedUsers)) {

		wp_die('Access Denied!');

	}

});

There are many variations of code you could use here. You can customize the check based on your specific user roles and permissions. For example, you might use a custom capability or check for a specific user role that should have access e.g. current_user_can('manage_options')

As always, when implementing custom code, it’s essential to thoroughly test it on a staging site before applying it to a live website to ensure that it behaves as expected and doesn’t disrupt other functionalities.