One of the best part of WordPress is often overlooked is that it comes with many types of different user role available. These user role can help to make sure that only the people can have access to just areas they need. In this article we will look at those user role briefly and also shows you how to create custom user roles in WordPress.
Luckily, WordPress offers you to create new user roles by plugins. But here we not used any plugins. By default, WordPress comes with 6 different user roles:
- Administrator : Access all the administrative features and functions within a website.
- Editor : Who can only publish and manage posts of all users, including their own.
- Author : The person who can publish & manage own posts.
- Contributor : A person who can write and manage their own posts but can’t publish them.
- Subscriber : Who can only manage their profile.
Basic WordPress Functions
In order to effectively manage user roles and capabilities, there are 5 very straightforward functions available in WordPress:
- add_role() : Let you to add a custom new role.
- remove_role() : Enables you to remove a custom role.
- add_cap() : Add a custom capability to a role.
- remove_cap() : Remove a custom capability from a role that you created.
- get_role () : Gets complete information about a role as well as the capabilities associated with the custom role.
Here we can only use the add_role() function for this article as we are going to create a custom user role for our fictitious client.
Defining The User Role
Before digg into the code here we need to have a plan, so in this article for example we need to give the user role a name ‘Client’.
Now think what can the user role ‘Client’ can actually do? Here am gives you some of that capabilities, that are creating a new posts, edit posts, edit other users posts, manage categories and edit pages.
The important is what we don’t want them to be able to do:
- Edit themes
- Add or Remove Plugins
- Update core
- Create users
- Change Settings
- Etc..
Writing the Code
Now we need to put this code into the functions.php file of our currently active theme. So what are you waiting for? Lets start by adding this below code to the file:
[crayon lang=”php”]
// Add a custom user role
$result = add_role( ‘client’, __(
‘Client’ ),
array( ) );
[/crayon]
By adding this above code, you have technically created a new user role. If you want to check it just go to Add New User page and see the drop down. After that add the functionality which we had previously identified it above. And add the array code to what you have entered in your function.php file.
[crayon lang=”php”]
// Add a custom user role
$result = add_role( ‘client’, __(
‘Client’ ),
array(
‘read’ => true, // true allows this capability
‘edit_posts’ => true, // Allows user to edit their own posts
‘edit_pages’ => true, // Allows user to edit pages
‘edit_others_posts’ => true, // Allows user to edit others posts not just their own
‘create_posts’ => true, // Allows user to create new posts
‘manage_categories’ => true, // Allows user to manage post categories
‘publish_posts’ => true, // Allows user to publish, otherwise posts stays in draft
)
);
[/crayon]
It will gives the functionality which we want the client to have. But we still need to restrict them from doing things that could potentially cripple the website. So now we can need to add that by adding below code:
[crayon lang=”php”]
// Add a custom user role
$result = add_role( ‘client’, __(
‘Client’ ),
array(
‘read’ => true, // True allows reading capability
‘edit_posts’ => true, // Edit their own posts
‘edit_pages’ => true, // Allows user to edit pages
‘edit_others_posts’ => true, // Allows user to edit others posts also
‘create_posts’ => true, // Allows user to create new posts
‘manage_categories’ => true, // Allows user to manage categories
‘publish_posts’ => true, // Allows the user to publish the posts
‘edit_themes’ => false, // false denies user can’t edit your theme
‘install_plugins’ => false, // User cant add new plugins
‘update_plugin’ => false, // User can’t update any plugins
‘update_core’ => false // user cant perform core updates
)
);
[/crayon]
That’s it! You’ve just made your own custom user roles in WordPress. Remember, before go “Live” test this role on a test-user! If any problem we always love to hear from you. Just comment below. 😉