How to create a custom user role in WordPress in 2024

Written April 11, 2024
How to create a custom user role in WordPress in 2024

Creating custom user role in WordPress can be an effective way to manage and delegate responsibilities within your website. Each role can be tailored with specific capabilities to align with the tasks required for a particular function. This guide will delve into how to create custom user roles with a focus on creating an ‘Author Pro’ role that has increased capabilities for comment moderation.

Understanding WordPress Roles

In WordPress, a user role defines the permissions for a user to perform certain tasks. There are six pre-defined roles: Super Admin, Administrator, Editor, Author, Contributor, and Subscriber. Each role is allowed to perform a set of tasks called Capabilities. For example, only users with the role of ‘Editor’ and above can moderate comments.

Before you go and create any custom user roles, you need to know about the default user roles of WordPress. The user roles are:

  • Administrator: The Administrator role has the highest level of access and control over the WordPress site. Administrators can manage all aspects of the site, including installing plugins, creating and editing content, managing user accounts, and modifying site settings. They have full control over the site’s functionality and can perform any administrative tasks.
  • Editor: Editors have the ability to create, edit, publish, and delete their own content, as well as content created by other users. They can manage and moderate comments, create categories, and perform various editorial tasks. However, editors do not have access to sensitive site settings or the ability to install plugins or themes.
  • Author: Authors can create, edit, publish, and delete their own posts. They have control over their own content and can manage comments on their posts. However, authors cannot modify or delete content created by other users, and they do not have access to plugins or site settings.
  • Contributor: Contributors can write and submit their own posts for review but cannot publish them. Once submitted, their posts must be approved by an editor or administrator before they are published. Contributors cannot modify or delete posts created by other users and have limited access to site settings.
  • Subscriber: Subscribers have the most limited access among the default user roles. They can log in to the site and update their profile information. Subscribers can also leave comments on posts, but they do not have the ability to create or edit content. Subscribers are primarily used for user registration and membership purposes.

Example 1: Adding a Author Pro custom user role in WordPress

To add a custom user role via code, you can use one of the following methods:

  1. Add code to the functions.php file in your theme
  2. Use a code snippet plugin
  3. Create a custom plugin for this purpose.

Let’s look at an example of creating a custom ‘Author Pro’ role that has enhanced capabilities for comment moderation. This code can be added to the functions.php file in your theme or implemented via a code snippet plugin.

/* Create Author Pro User Role */
add_role(
    'author_pro', //  System name of the role.
    __( 'Author Pro'  ), // Display name of the role.
    array(
        'read'  => true,
        'delete_posts'  => true,
        'delete_published_posts' => true,
        'edit_posts'   => true,
        'publish_posts' => true,
        'edit_published_posts'   => true,
        'upload_files'  => true,
        'moderate_comments'=> true, // This user will be able to moderate the comments.
    )
);

After adding this snippet to your functions.php file, you can create a new user and assign them the ‘Author Pro’ role in the WordPress dashboard. To learn more about the add-role function, read the developer documentation from WordPress.

Author Pro is a modified custom user role in wordpress

Please note that if the new role doesn’t appear immediately, you may need to clear all caches, as the host’s cache could prevent the new role from showing up immediately.

Testing the custom user role in WordPress

To verify the capabilities of the new role, you should test it out. To do so, first, set the site’s comments to require manual approval. You can do this by navigating to Settings → Discussion in the WordPress dashboard and selecting the “Comment must be manually approved” option. Once this setting is enabled, users with the ‘Author Pro’ role can approve or reject comments on their posts.

Restricting access to certain pages in the admin area

If you want to restrict the ‘Author Pro’ users from accessing certain pages in the admin area, you can use the remove_menu_page and remove_submenu_page functions.

remove_menu_items() {
    // Main menu items
    remove_menu_page( 'edit.php' ); // Posts
    remove_menu_page( 'upload.php' ); // Media
    // Submenu items
    remove_submenu_page( 'themes.php', 'widgets.php' ); // Appearance -> Widgets
}
add_action( 'admin_menu', 'remove_menu_items' );

In the above code, ‘edit.php’ is the main menu item for Posts and ‘upload.php’ is for Media. ‘widgets.php’ is a submenu item under ‘themes.php’ (Appearance). Adjust the parameters of these functions according to the pages you want to restrict.

Example 2: Simplified admin custom user role in WordPress

Rather than creating an upgraded custom user role in WordPress, another approach is to simplify an existing role by removing certain capabilities. This method is useful when you need to add a more secure admin user role. Let’s take a look at an example of how to create a simplified admin role.

function create_simple_admin_role() {
    // First, remove the role if it exists
    remove_role('simple_admin');
    
    // Get the administrator role
    $admin_role = get_role('administrator');
    $admin_capabilities = $admin_role->capabilities;
    
    // Remove specific capabilities
    $capabilities_to_remove = [
        'activate_plugins',
        'delete_plugins',
        'edit_plugins',
        'install_plugins',
        'update_plugins',
        'switch_themes',
        'edit_themes',
        'delete_themes',
        'install_themes',
        'update_themes',
        'update_core'
    ];
    
    foreach ($capabilities_to_remove as $capability) {
        unset($admin_capabilities[$capability]);
    }
    
    // Add the Simple Admin role with the modified capabilities
    add_role('simple_admin', 'Simple Admin', $admin_capabilities);
}

In the code above, we start by removing any existing “simple_admin” role if it exists. Then, we retrieve the capabilities of the “administrator” role. Next, we specify the capabilities we want to remove from the admin role using the $capabilities_to_remove array. We loop through this array and unset each capability from the $admin_capabilities array.

Finally, we add the “simple_admin” role with the modified capabilities using the add_role function. The role is named “Simple Admin” and has the capabilities that were left after removing the specified ones.

By following this approach, you can create a simplified admin user role by deducting capabilities from an existing role, ensuring a more secure and tailored user experience.

Other capabilities that can be deducted

In addition to the capabilities mentioned in the previous example, there are various other capabilities that can be deducted or modified when creating custom user roles. One such capability is “manage_options,” which can be removed to restrict users from accessing and modifying general settings and options for the website. Deducting this capability can be useful for creating more limited administrative roles that focus on specific tasks without granting full control over all aspects of the site.

Furthermore, when defining custom user roles, you can also deduct or modify other user capabilities to fine-tune the permissions of the role. User capabilities, such as “edit_posts,” “publish_posts,” or “delete_posts,” can be removed or adjusted to limit the ability to create, publish, or delete posts, respectively. By carefully deducting or modifying these capabilities, you can create custom user roles with tailored permissions that align with your desired level of access and control.

Using a plugin

While adding custom user roles using PHP code snippets provides flexibility and control, it may require some coding knowledge. If you prefer a more user-friendly approach, plugins can be a convenient option for creating custom user roles in WordPress.

WordPress offers a wide range of plugins specifically designed to manage user roles and capabilities. One popular plugin is the User Role Editor plugin, which provides an intuitive interface for creating and modifying user roles. Here are some advantages of using plugins for custom user roles:

  1. User-Friendly Interface: Plugins often offer a user-friendly interface that simplifies the process of creating and managing custom user roles. They provide intuitive options and settings, making it accessible even for users with limited coding experience.
  2. Convenience and Time-Saving: Using a plugin eliminates the need to write code snippets manually. With just a few clicks, you can create, modify, and assign capabilities to custom user roles, saving time and effort.
  3. Extensive Functionality: Many user role management plugins offer additional features and functionalities beyond creating custom roles. They may include options to set granular permissions, manage access to specific content, and control user capabilities more precisely.
  4. Compatibility and Updates: Plugins are developed to work seamlessly with WordPress and are regularly updated to ensure compatibility with the latest WordPress versions and security standards. This ensures that your custom user roles remain functional and secure over time.
  5. Support and Documentation: Plugins often come with comprehensive documentation and support channels. If you encounter any issues or have questions, you can rely on the plugin’s support team or community forums for assistance.

Another plugin to consider is the Members plugin.

Conclusion

Creating custom user roles in WordPress is an effective way to delegate responsibilities and manage access to different functions on your website. The ‘Author Pro’ role we created is just an example – you can create as many custom roles as you need, each with its own set of capabilities. Happy coding!

FAQ

What are custom user roles?

WordPress, a user role defines the permissions for a user to perform certain tasks. There are six pre-defined roles: Super Admin, Administrator, Editor, Author, Contributor, and Subscriber. Each role is allowed to perform a set of tasks called Capabilities. For instance, only users with the role of ‘Editor’ and above can moderate comments. However, you can create custom user roles to suit your specific needs. Each custom role can be tailored with specific capabilities to align with the tasks required for a particular function.

How do I create a custom user role in WordPress? How do I add a user role in WordPress without plugins?

To add a custom user role in WordPress without plugins, you can add specific code to the functions.php file in your theme, use a code snippet plugin, or create a custom plugin for this purpose. For example, to create an ‘Author Pro’ role with enhanced capabilities for comment moderation, you can add a code snippet to your functions.php file. After adding the code, you can create a new user and assign them the ‘Author Pro’ role in the WordPress dashboard.

How do I create a user role?

You can create a new user role by simplifying an existing role by removing certain capabilities. For example, you can create a simplified admin user role by deducting capabilities from an existing role. This approach ensures a more secure and tailored user experience.

Table of Contents

Read more