Filter blocks based on roles/permissions required to use blocks

[mkaz]

Is your feature request related to a problem? Please describe.

The issue that inspired this feature request is blocks that insert SVG into the post content can only be authored by Admins or Editors who have the unfiltered_html capability, otherwise wp_kses will strip out the content without notification, warnings, or errors.

This makes it impractical to create a block that requires this because Authors or other roles might try to use it and get frustrated since it will not work, and difficult to troubleshoot.

Describe the solution you'd like

One solution that would work is a block declares what roles are required to use the block, by default it could be any, so works with all previous blocks. The inserter could then limit showing blocks to users based on what roles they have.

[simison]

How would the limitation work when user without access to a block opens a post where the block already is? Would they be stopped from saving the post until the block is removed?

[mkaz]

@simison Great question. I like your suggestion, make it explicit. Currently, the user could open the post and save and it would fail without the user knowing. For example, if you have a block that adds SVG and a user without the capability opens and saves, the SVG would be stripped with no notification.

[simison]

Yep! Could be great to have "saving this will invalidate blocks" -tester mechanism even before any role dependencies are implemented.

[pablinos]

Yes, I think being able to test if wp_kses will alter the block content could be really useful. The markdown block suffers from this problem as > gets encoded to &gt without the unfiltered_html capability.

This means that the content could be fine for you to edit unless it has a blockquote in it, so it's dependent on both your role and the content.