I've defined a custom user role in functions.php called "Dashboard Admin" with the capabilities defined below. The site has a number of custom post types- all with capability post- and I'd basically like to lock down this role's capabilities to only creating/editing/deleting posts (of any type), and not pages, managing categories or any other higher level admin tasks. For some reason, using the array below, when logging in as this user type one can only create new posts and "Submit for review" and not open or edit any existing posts of any post type- what am I missing here? Thanks in advance!
$result = add_role(
'dashboard_admin',
__( 'Dashboard Admin' ),
array(
'read' => true,
'publish_posts' => true,
'edit_posts' => true,
'edit_others_posts' => true,
'edit_published_posts' => true,
'delete_posts' => true,
'delete_others_posts' => true,
'delete_published_posts' => true,
'read_private_posts' => true,
'edit_private_posts' => true,
'delete_private_posts' => true,
'upload_files' => true,
'publish_pages' => false,
'edit_pages' => false,
'edit_others_pages' => false,
'delete_pages' => false,
'delete_published_pages' => false,
'delete_others_pages' => false,
'manage_categories' => false,
'install_plugins' => false,
'activate_plugins' => false,
'update_plugins' => false,
'edit_plugins' => false,
'delete_plugins' => false,
'edit_dashboard' => false,
'switch_themes' => false,
'edit_theme_options' => false,
'create_users' => false,
'list_users' => false,
'edit_users' => false,
'delete_users' => false,
'promote_users' => false,
'remove_users' => false,
'customize' => false,
'manage_options' => false,
'delete_site' => false,
'import' => false,
'export' => false,
)
);
I've defined a custom user role in functions.php called "Dashboard Admin" with the capabilities defined below. The site has a number of custom post types- all with capability post- and I'd basically like to lock down this role's capabilities to only creating/editing/deleting posts (of any type), and not pages, managing categories or any other higher level admin tasks. For some reason, using the array below, when logging in as this user type one can only create new posts and "Submit for review" and not open or edit any existing posts of any post type- what am I missing here? Thanks in advance!
$result = add_role(
'dashboard_admin',
__( 'Dashboard Admin' ),
array(
'read' => true,
'publish_posts' => true,
'edit_posts' => true,
'edit_others_posts' => true,
'edit_published_posts' => true,
'delete_posts' => true,
'delete_others_posts' => true,
'delete_published_posts' => true,
'read_private_posts' => true,
'edit_private_posts' => true,
'delete_private_posts' => true,
'upload_files' => true,
'publish_pages' => false,
'edit_pages' => false,
'edit_others_pages' => false,
'delete_pages' => false,
'delete_published_pages' => false,
'delete_others_pages' => false,
'manage_categories' => false,
'install_plugins' => false,
'activate_plugins' => false,
'update_plugins' => false,
'edit_plugins' => false,
'delete_plugins' => false,
'edit_dashboard' => false,
'switch_themes' => false,
'edit_theme_options' => false,
'create_users' => false,
'list_users' => false,
'edit_users' => false,
'delete_users' => false,
'promote_users' => false,
'remove_users' => false,
'customize' => false,
'manage_options' => false,
'delete_site' => false,
'import' => false,
'export' => false,
)
);
1 Answer
Reset to default 2Ok, in case anyone else experiences a similar issue in defining a custom user role, it seems I've managed to sort the issue by following these instructions in the WordPress Codex:
If you are defining a custom role, and adding capabilities to the role using add_role(), be aware that modifying the capabilities array and re-executing add_role() will not necessarily update the role with the new capabilities list. The add_role() function short-circuits if the role already exists in the database.
The workaround in this case is to precede your add_role() call with a remove_role() call that targets the role you are adding.
This is for development only. Once you have nailed down your list of capabilities, there's no need to keep the remove_role() code, though there is, in fact, no harm in doing so.
So, in my case, I added the following before add_role():
if ( get_role('dashboard_admin') ) {
remove_role('dashboard_admin');
}