Using WP 5.2.4, I am registering my custom post type with this code:

$args = array(
    'labels'          => $labels,
    'public'          => false,
    'show_ui'         => true,
    'show_in_menu'    => true,
    'query_var'       => true,
    'has_archive'     => false,
    'menu_position'   => null,
    'map_meta_cap'    => false,
    'capability_type' => ['note','notes'],
    'rewrite'         => [ 'slug' => 'note', 'with_front' => false ],
    'supports'        => [ 'editor' ],
    'menu_icon'       => 'dashicons-format-aside',
);

register_post_type( 'note', $args );

Now I want my custom user role to edit/read/delete this post type. I added this caps to my custom user role:

$role = get_role( 'my_custom_role' );

$role->add_cap('read_private_notes');
$role->add_cap('read_note');
$role->add_cap('read');
$role->add_cap('publish_notes');
$role->add_cap('edit_note');
$role->add_cap('edit_notes');
$role->add_cap('edit_others_notes');
$role->add_cap('edit_private_notes');
$role->add_cap('edit_published_notes');
$role->add_cap('edit_notes');
$role->add_cap('delete_note');
$role->add_cap('delete_notes');
$role->add_cap('delete_private_notes');
$role->add_cap('delete_published_notes');
$role->add_cap('delete_others_notes');

Everything is OK for the administrator role and post type item shows in the admin menu. For other roles, it shows the admin menu item but in the post type list page give permission error.

How can I fix this problem ?

Using WP 5.2.4, I am registering my custom post type with this code:

$args = array(
    'labels'          => $labels,
    'public'          => false,
    'show_ui'         => true,
    'show_in_menu'    => true,
    'query_var'       => true,
    'has_archive'     => false,
    'menu_position'   => null,
    'map_meta_cap'    => false,
    'capability_type' => ['note','notes'],
    'rewrite'         => [ 'slug' => 'note', 'with_front' => false ],
    'supports'        => [ 'editor' ],
    'menu_icon'       => 'dashicons-format-aside',
);

register_post_type( 'note', $args );

Now I want my custom user role to edit/read/delete this post type. I added this caps to my custom user role:

$role = get_role( 'my_custom_role' );

$role->add_cap('read_private_notes');
$role->add_cap('read_note');
$role->add_cap('read');
$role->add_cap('publish_notes');
$role->add_cap('edit_note');
$role->add_cap('edit_notes');
$role->add_cap('edit_others_notes');
$role->add_cap('edit_private_notes');
$role->add_cap('edit_published_notes');
$role->add_cap('edit_notes');
$role->add_cap('delete_note');
$role->add_cap('delete_notes');
$role->add_cap('delete_private_notes');
$role->add_cap('delete_published_notes');
$role->add_cap('delete_others_notes');

Everything is OK for the administrator role and post type item shows in the admin menu. For other roles, it shows the admin menu item but in the post type list page give permission error.

How can I fix this problem ?

• custom-post-types
• plugin-development
• wp-admin
• user-roles
• capabilities

2 Answers 2

You definitely need to set map_meta_cap to true instead of false to create custom capabilities.

I haven't seen the 'capability_type' => ['note','notes'] way of creating capabilities before - maybe it's shorthand, but if just changing map_meta_cap doesn't work, you might want to spell everything out the long way:

<?php
$args = array(
    'labels'          => $labels,
    'public'          => false,
    'show_ui'         => true,
    'show_in_menu'    => true,
    'query_var'       => true,
    'has_archive'     => false,
    'menu_position'   => null,
    // The most crucial change: true
    'map_meta_cap'    => true,
    // Possibly required: spelling out every capability individually
    'capabilities'      => array(
        'edit_post'                 => 'edit_note',
        'read_post'                 => 'read_note',
        'delete_post'               => 'delete_note',
        'create_posts'              => 'create_notes',
        'delete_posts'              => 'delete_notes',
        'delete_others_posts'       => 'delete_others_notes',
        'delete_private_posts'      => 'delete_private_notes',
        'delete_published_posts'    => 'delete_published_notes',
        'edit_posts'                => 'edit_notes',
        'edit_others_posts'         => 'edit_others_notes',
        'edit_private_posts'        => 'edit_private_notes',
        'edit_published_posts'      => 'edit_published_notes',
        'publish_posts'             => 'publish_notes',
        'read_private_posts'        => 'read_private_notes'
    ),
    'rewrite'         => [ 'slug' => 'note', 'with_front' => false ],
    'supports'        => [ 'editor' ],
    'menu_icon'       => 'dashicons-format-aside',
);
register_post_type( 'note', $args );
?>

You may also want to grant your custom role a few other capabilities:

<?php
$role = get_role( 'my_custom_role' );
// Read (front end) all post types
$role->add_cap('read');
// Adjust their dashboard
$role->add_cap('edit_dashboard');
// Upload files
$role->add_cap('upload_files');
// See the list of users (but not manage them)
$role->add_cap('list_users');
// Allow taxonomy management - Categories and custom taxonomies
$role->add_cap('manage_categories');
// Use the Customizer
$role->add_cap('edit_theme_options');
// Only if you really need to, allow them to paste in HTML/JS
$role->add_cap('unfiltered_html');
?>

At a minimum I usually grant "read" to custom roles so they can see the front end of the site.

My problem was the same and here that worked for me:

Add this line to capabilities: $role->add_cap('create_notes');

And this plugin is very useful to clear custom rules and capabilities when you modify somthing and changes don't apply: Reset roles and capabilities

Plus you can try this plugin: https://wordpress/plugins/capability-manager-enhanced/