This website uses cookies to ensure you get the best possible experience. See our Cookies Policy.

PMG Digital Made for Humans

An Introduction to WordPress Roles & Capabilities

3 MINUTE READ | August 10, 2012

An Introduction to WordPress Roles & Capabilities

WordPress comes with a set of access controls that allow you to give certain roles capabilities. Those roles, in turn, get assigned to users. This is why contributors can write and edit their own posts, but administrators can edit and work with everyone’s posts in the WordPress admin. Contributor and Administrator are both roles with differing sets of capabilities.

In this post, I’ll explain how you can add your own roles and add additional capabilities to role.

The first rule of adding roles and capabilities is that you only need to do it once. The best place to do that, of course, is a plugin activation hook. Roles are stored in the database, so you need not add them on every page load in the same way that post types are added.

The concept is simple: call register_activation_hook to set up a function that gets called during plugin activation and call add_role in the hooked function. add_role tags three arguments: the role key/id, the role’s label, and an array of capabilities.

Let’s add a new role that only has the read capability, giving the role’s users access to the admin area and their profile but nothing else.

<?php

register_activation_hook(__FILE__, ‘pmg_roles_activate’);

/**

* Activation hook. Adds roles and capabilities.

*

* @since   1.0

* @uses    add_role

* @return  null

*/

function pmg_roles_activate()

{

add_role(‘former_employee’, __(‘Former Employee’, ‘pmg’), array(

‘read’ => true

));

}

And of course, we need a deactivation function to remove that role as well with delete_role.

<?php

register_deactivation_hook(__FILE__, ‘pmg_roles_deactivate’);

/**

* Remove our additional roles and caps.

*

* @since   1.0

* @uses    remove_role

* @return  null

*/

function pmg_roles_deactivate()

{

remove_role(‘former_employee’);

}

While you can add capabilities when adding a role, you can also add capabilities to an already existing role. Capabilities, like roles themselves, are stored in the database – you only need to add caps on plugin activation and remove them on deactivation.

The process is simple: call get_role to retrieve and WP_Role object. You can then call that object’s add_cap method to grant the permission you want.

Let’s allow our authors and contributors to post unfiltered HTML (maybe a bad idea? but we trust ’em, right?!).

<?php

register_activation_hook(__FILE__, ‘pmg_roles_activate2’);

/**

* Activation hook. All contributors and authors to post unfiltered HTML

*

* @since   1.0

* @uses    add_role

* @return  null

*/

function pmg_roles_activate2()

{

foreach(array(‘contributor’, ‘author’) as $r)

{

$role = get_role($r);

if($role)

{

$role->add_cap(‘unfiltered_html’);

}

}

}

The corresponding deactivation hook called the remove_cap method.

<?php

register_deactivation_hook(__FILE__, ‘pmg_roles_deactivate2’);

/**

* Remove our additional roles and caps.

*

* @since   1.0

* @uses    remove_role

* @return  null

*/

function pmg_roles_deactivate2()

{

foreach(array(‘contributor’, ‘author’) as $r)

{

$role = get_role($r);

if($role)

{

$role->remove_cap(‘unfiltered_html’);

}

}

}

Stay in touch

Bringing news to you

Subscribe to our newsletter

WordPress’ user management system and roles and capabilities have a lot more to offer than this, of course. One could build entire membership sites and much more.


Posted by Christopher Davis

Related Content

thumbnail image

Get Informed

PMG Innovation Challenge Inspires New Alli Technology Solutions

4 MINUTES READ | November 2, 2021

Get Informed

Applying Function Options to Domain Entities in Go

11 MINUTES READ | October 21, 2019

thumbnail image

Get Informed

My Experience Teaching Through Jupyter Notebooks

4 MINUTES READ | September 21, 2019

Get Informed

Trading Symfony’s Form Component for Data Transfer Objects

8 MINUTES READ | September 3, 2019

Get Inspired

Working with an Automation Mindset

5 MINUTES READ | August 22, 2019

Get Informed

Parsing Redshift Logs to Understand Data Usage

7 MINUTES READ | May 6, 2019

Get Inspired

3 Tips for Showing Value in the Tech You Build

5 MINUTES READ | April 24, 2019

thumbnail image

Get Informed

Testing React

13 MINUTES READ | March 12, 2019

Get Inspired

Tips for Designing & Testing Software Without a UX Specialist

4 MINUTES READ | March 6, 2019

Get Informed

A Beginner’s Experience with Terraform

4 MINUTES READ | December 20, 2018

ALL POSTS