4wp.dev

Custom User Roles with Special Capabilities

by

admin
in

WordPress development of client solutions very often requires non-standard approaches and additional allocation of special user roles.

In our own many years of experience developing projects on WordPress, we have repeatedly encountered the need to introduce special types of users with unique access rights.

A similar situation can arise both when developing WooCommerce projects and any WordPress projects that provide access to limited content.

Let’s start! Development Custom User Role for WordPress project

Roles and Capabilities
Use official WordPress handbook resources, first of all.

4WP.dev Adding Custom Roles

function your_custom_role() {
	add_role(
		'your_custom_role',
		'Yout Custom Role',
		array(
			'read'         => true,
			'edit_posts'   => true,
			'upload_files' => true,
		),
	);
}

// Add the your_custom_role.
add_action( 'init', 'your_custom_role' );

After that, we can already see this type of user in the list of types when adding or editing a user.

But this is not enough to separate and grant specific rights for this Custom User Type.

When you Added if necessary, don’t forget deleting if not necessary…

Full Stack WordPress developer with open eyes for small details.

4WP.dev Removing Custom Roles

function your_custom_role_remove() {
	remove_role( 'your_custom_role' );
}

// Remove the your_custom_role.
add_action( 'init', 'your_custom_role_remove' );

Create function with parameter for remove role and add_action for init it.

4WP.dev Let’s looks on real practice case development Custom User Role basic APP TaskBook

<?php
/**
 * Register a new "TaskBook User" role and grant capabilities for various roles.
 *
 * Called from taskbook.php.
 * 
 * @package  Taskbook
 * @link     https://developer.wordpress.org/plugins/users/roles-and-capabilities/
 */


/**
 * When plugin is activated, register TaskBook User role.
 * 
 * Called using register_activation_hook().
 */
function taskbook_register_role() {
	add_role( 'taskbook_user', 'TaskBook User' );
}

/**
 * When plugin is deactivated, remove TaskBook User role.
 * 
 * Called using register_deactivation_hook().
 */
function taskbook_remove_role() {
	remove_role( 'taskbook_user', 'TaskBook User' );
}

/**
 * When plugin is activated, grant task-level capabilities
 * to Administrator, Editor, and TaskBook User.
 * 
 * Called using register_activation_hook().
 */
function taskbook_add_capabilities() {

	$roles = array( 'administrator', 'taskbook_user' );

	foreach( $roles as $the_role ) {
		$role = get_role( $the_role );
		$role->add_cap( 'read' );
		$role->add_cap( 'edit_tasks' );
		$role->add_cap( 'publish_tasks' );
		$role->add_cap( 'edit_published_tasks' );
	}

	$manager_roles = array( 'administrator' );

	foreach( $manager_roles as $the_role ) {
		$role = get_role( $the_role );
		$role->add_cap( 'read_private_tasks' );
		$role->add_cap( 'edit_others_tasks' );
		$role->add_cap( 'edit_private_tasks' );
		$role->add_cap( 'delete_tasks' );
		$role->add_cap( 'delete_published_tasks' );
		$role->add_cap( 'delete_private_tasks' );
		$role->add_cap( 'delete_others_tasks' );
	}

}

/**
 * When plugin is deactivated, remove Task-level capabilities 
 * from Administrator, Editor, and TaskBook User.
 * 
 * Called using register_activation_hook().
 */
function taskbook_remove_capabilities() {

	$manager_roles = array( 'administrator' );

	foreach( $manager_roles as $the_role ) {
		$role = get_role( $the_role );
		$role->remove_cap( 'read' );
		$role->remove_cap( 'edit_tasks' );
		$role->remove_cap( 'publish_tasks' );
		$role->remove_cap( 'edit_published_tasks' );
		$role->remove_cap( 'read_private_tasks' );
		$role->remove_cap( 'edit_others_tasks' );
		$role->remove_cap( 'edit_private_tasks' );
		$role->remove_cap( 'delete_tasks' );
		$role->remove_cap( 'delete_published_tasks' );
		$role->remove_cap( 'delete_private_tasks' );
		$role->remove_cap( 'delete_others_tasks' );
	}

}

From code comments, you can clearly distinguish the sequence of actions for:

  • Register a new “TaskBook User” role and grant capabilities for various roles;
  • When the plugin is activated, register TaskBook User role;
  • When the plugin is deactivated, remove TaskBook User role;
  • When the plugin is activated, grant task-level capabilities;
  • When the plugin is deactivated, remove Task-level capabilities;

And if you were attentive, you must have noticed that for a user with a stub taskbook_user, access to creation and editing is granted: Custom Post Type – Tasks.

Let’s talk about the use of Custom Post Type in WordPress development in an excellent article on How to create and use Custom Post Type in WordPress development.