One of the key features of WordPress that is often overlooked is that there are a number of different user roles available. These user roles can help ensure that only authorized people have access to certain features, and they also help minimize the chances of accidents.

In this tutorial we will look at these user roles briefly and also see how to create our own custom roles.

User roles have been integrated into WordPress since version 2.0. Most users don't even know they exist and assign admin rights to anyone who has access to their dashboard (obviously that's not a good thing for a whole bunch of reasons). By default, WordPress comes with 6 user roles:

  • Administrator : someone who has access to all administrative functions and functions within a site.
  • Editor : someone who can publish and manage the articles of all users, including his own.
  • Author : someone who can publish and manage their own articles.
  • Contributor : someone who can write and manage their own messages but cannot publish.
  • Subscriber : someone who can only manage their profile and read published articles.

Why have personalized roles?

Most of the default user roles are sufficient. But there are times when you will need a user role that does not fit into the default role settings. And in this tutorial, I'll show you how to create your own custom user roles without using a plugin.

Let me walk you through how you might need custom user roles. I typically use custom user roles to make sure my clients only have access to what they need. If I don't have a maintenance contract with a customer, I can give them the role of administrator, otherwise to make my life easier, I restrict their access. However, I may need to give it a few additional privileges, such as creating users, updating items, changing WordPress settings and anything that I find complicated I don't. occupies myself.

WordPress Basic Functions

In order to effectively manage roles and capabilities, there are five very simple functions:

  • add_role () : Allows you to add a custom role.
  • remove_role () : Allows you to delete a custom role.
  • add_cap () : Allows you to add a capacity to a role.
  • remove_cap () : Used to remove capacity from a role.
  • get_role () : Gets information about a role, as well as capabilities associated with the role.

We will only use the add_role () function for this article. Because it will allow us to create a personalized user role for our fictitious client.

Define user role

So before we dive into the code we need a plan, because diving into code without a plan is never a good idea.

So we need to give a name to the role. We will keep things simple and call the role "customer".

So what is the roleclientCan actually do? There are more than 50 different capabilities available in a WordPress installation. For our purposes, we want the customer to be able to do the following:

  • Create articles
  • Edit Articles
  • Edit items from all over the world
  • Manage categories
  • Edit pages

Equally important is what we don't want them to be able to do:

  • Edit Themes
  • Add or remove Plugins
  • Update of WordPress

Code writing

We will put this code in the functions.php file for our active theme. So, let's start by adding the following code:

// Add a custom user role $ result = add_role ('client', __ ('Client'), array ());

By adding this piece of code, you've technically created a new user role (you can check it in the drop-down menu on the page to add a new user). The problem is that this role has no capabilities assigned to it. So the next step is obviously to add some capabilities that we had previously identified in our requirements above. Just add the code table to what you have already entered in your file functions.php.

// Add a custom user role $ result = add_role ('client', __ ('Client'), array ('read' => true, // enable this read capability 'edit_posts' => true, // Allow user to edit own posts 'edit_pages' => true, // Allows user to edit pages 'edit_others_posts' => true, // Allows user to edit other posts not just his own 'create_posts' => true, // Allows the user to create new articles 'manage_categories' => true, // Allows the user to manage the categories of articles 'publish_posts' => true, // Allows user to post, otherwise posts remain in draft mode 'edit_themes' => false, // User cannot edit a theme 'install_plugins' => false, // User cannot add new plugins 'update_plugin' => false, // User cannot update plugins 'update_core' => false // user cannot perform Wo updates rdPress));

How to know if the user's role is configured correctly

Check that the new user role works as expected, requires you to set up a new user with the correct role, you need to log out and log in as a user of this role. If necessary you will have to create a new user.

Depending on what abilities you have allowed and what you have refused, the first thing you should notice is a change in the dashboard menu. Indeed, by activating or deactivating some abilities, some menu items will disappear.

That's it for this tutorial. Hope you now know how to create a role in WordPress. Feel free to share this tutorial with your friends on your favorite social networks.