I'd like to prevent certain user roles from accessing the dashboard / at all. I've moved and restyled user profiles to a new page that's viewable on the site. How would I go about doing this?
I'd like to prevent certain user roles from accessing the dashboard http://www.openeye/wp-admin/ at all. I've moved and restyled user profiles to a new page that's viewable on the site. How would I go about doing this?
Share Improve this question asked Jul 14, 2011 at 21:06 Zach ShallbetterZach Shallbetter 1,2147 gold badges22 silver badges45 bronze badges 1- I requested WooCommerce to change their setup, so it is possible to manage authorisations for their part of the menu. The idea needs votes on: https://ideas.woocommerce Please give it your maximum 3 points, thanks! – Stefan Commented Nov 21, 2019 at 7:55
4 Answers
Reset to default 27To lock subscribers and contributors out of the admin:
function wpse23007_redirect(){
if( is_admin() && !defined('DOING_AJAX') && ( current_user_can('subscriber') || current_user_can('contributor') ) ){
wp_redirect(home_url());
exit;
}
}
add_action('init','wpse23007_redirect');
Hope that helps. All roles give the user a capability that is the name of that role, so you can use any role name as a capability.
//If User Roll is Subscriber, It can not login in Dashboard
function wpse23007_redirect()
{
if( is_admin() && !defined('DOING_AJAX') && current_user_can('subscriber') )
{
wp_logout();
wp_redirect(home_url());
exit;
}
}
add_action('init','wpse23007_redirect');
Yes, you would need to use the current_user_can( $capability ) function. Here is the official WordPress reference: https://codex.wordpress/Function_Reference/current_user_can
add_action('init', function(){
$redirect = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : home_url( '/' );
$user = wp_get_current_user();
if ( !defined('DOING_AJAX') && in_array( 'subscriber', (array) $user->roles ) ) {
wp_redirect($redirect);
exit();
}
});