WordPress siteadmin role from code


Sometimes it’s necessary to restrict your clients from certain WordPress features, It also helps creating a better experience for them with a less cluttered interface. There are many plugins that lets you do this but if you want to rock it by hand you can use add_role():

/*
|--------------------------------------------------------------------------
| SITEADMIN ROLE
|--------------------------------------------------------------------------
*/
$siteadmin_capabilities = array(
	"add_users" => false,
	"create_users" => false,
	"delete_others_pages" => false,
	"delete_others_posts" => false,
	"delete_pages" => true, // True allows that capability
	"delete_plugins" => false,
	"delete_posts" => true,
	"delete_private_pages" => true,
	"delete_private_posts" => true,
	"delete_published_pages" => true,
	"delete_published_posts" => true,
	"delete_themes" => false,
	"delete_users" => false, // Use false to explicitly deny
	"edit_dashboard" => true,
	"edit_files" => true,
	"edit_others_pages" => true,
	"edit_others_posts" => true,
	"edit_pages" => true,
	"edit_plugins" => false,
	"edit_posts" => true,
	"edit_private_pages" => true,
	"edit_private_posts" => true,
	"edit_published_pages" => true,
	"edit_published_posts" => true,
	"edit_theme_options" => true,
	"edit_themes" => false,
	"edit_users" => false,
	"export" => true,
	"import" => false,
	"install_plugins" => false,
	"install_themes" => false,
	"list_users" => false,
	"manage_categories" => true,
	"manage_links" => false,
	"manage_options" => false,
	"moderate_comments" => true,
	"promote_users" => false,
	"publish_pages" => true,
	"publish_posts" => true,
	"read_private_pages" => true,
	"read_private_posts" => true,
	"read" => true,
	"remove_users" => false,
	"switch_themes" => false,
	"unfiltered_html" => true,
	"unfiltered_upload" => true,
	"update_core" => true,
	"update_plugins" => true,
	"update_themes" => false,
	"upload_files"=>true,
);
$siteadmin = add_role('siteadmin', 'Site Admin', $siteadmin_capabilities );

Notice that add_role() works by adding an entry to the WordPress database. Once defined, it’s possible to change the capabilities of a role by use the functions add_cap() and remove_cap():

$siteadmin_role = get_role('siteadmin');
$siteadmin_role->add_cap( 'manage_options' );
$siteadmin_role->remove_cap( 'manage_options' );

Now, to change the role assigned to an user, we have to create a new WP_User object and update the current role trough the remove_role and add_role methods.

For this we need the user’s id first. This could either be from the current user or any other user registered.

$id = get_current_user_id();
$user = new WP_User($id);
$user->remove_role('somerole');
$user->set_role('siteadmin');

Hope you enjoyed. Thanks!

Reactions (4)

  1. I’m a big fan of your css sprite generator… that been said, this looks great as well.

    I’ve never played with roles (I’m a bit new to WordPress) but I’ll give this a try. Thanks for sharing.

    Cheers

  2. I changed manage_options to true but it doesn’t show up. Is there a prerequisite capability that needs to be changed for this to show up? Also is there a way I can hide the default setting pages (General, Writing, Discussion, etc.) but show the option pages that are added by plugins (i.e. WP E-Commerce)?

    Thanks Matt!