Organize capabilities and levels of wordpress users (no plugin)


First I will explain the scenario, I want to make a system where there will be 4 different types of people accessing. The Administrator, "moderators", authors, and partners. I wanted to use wordpress' own admin panel for everything, so I created a partner post_type . In this system, each partner can have a page on the website. Also, use the standard wordpress blog posts system. So to manage all this I thought about changing the existing roles to be organized like this:


  Editor -
    Pode Cadastrar novo post
    Ver todos os posts de qualquer autor
    Editar o post de qualquer autor
    Publicar posts e deixar para revisão pendente

    Cadastrar página de parceiro
    Ver todas as páginas de parceiros
    Editar as páginas de parceiros de qualquer autor
    Publicar página de parceiro e deixar para revisão pendente

  Autor -
    Pode cadastrar novo post
    ver apenas seus proprios posts
    editar apenas seus proprios posts
    não pode publicar (sempre lançar como revisão)

  Colaborador -
    Ver apenas as suas página de parceiro
    Editar apenas sua página de parceiro
    Não pode publicar página de parceiro (sempre lançar como revisão)

  Subscriber -

Then the question arose, is this the best way to organize this? Or it would be better to create new roles (at least to manage partners).

And besides, now technical doubts, to create new capabilities in a custom post_type , would be passing the capabilities argument like this:

'capabilities' => array(
  'edit_post' => 'edit_partner',
  'edit_posts' => 'edit_partners',
  'edit_others_posts' => 'edit_other_partners',
  'publish_posts' => 'publish_partners',
  'read_post' => 'read_partner',
  'read_private_posts' => 'read_private_partners',
  'delete_post' => 'delete_partner'

And then add in each role:

$admins = get_role( 'administrator' );
$admins->add_cap( 'edit_post' );
$admins->add_cap( 'edit_posts' );
$admins->add_cap( 'edit_others_posts' );
$admins->add_cap( 'publish_posts' );
$admins->add_cap( 'read_post' );
$admins->add_cap( 'read_private_posts' );
$admins->add_cap( 'delete_post' );

$editors = get_role( 'editor' );
$editors->add_cap( 'edit_post' );
$editors->add_cap( 'edit_posts' );
$editors->add_cap( 'edit_others_posts' );
$editors->add_cap( 'publish_posts' );
$editors->add_cap( 'read_post' );
$editors->add_cap( 'read_private_posts' );
$editors->add_cap( 'delete_post' );

$partners = get_role( 'subscriber' );
$partners->add_cap( 'edit_post' );

Because I tried exactly as I showed above, but it didn't register the custom post_type with the capabilities argument.

In short: I do not know if it is right move in the capabilities of roles wordpress standards, nor exactly how to do this and do not know how to give permission only for a custom post_type , I did not want users Colaboradores could see / change / edit the posts normal, just the post_type parceiro , and still just the linked to its user. And even if users Autores could view / edit / modify post_type parceiro .



Single User Login to WordPress

You can download a roler plugin… another one for redirect and create a new template like that

Template Name: Página de login

// Dados do formulário de login
$argumentos_login = array(
    'echo'           => true,
    'redirect' => ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'],
    'form_id'        => 'tp-login-form',
    'label_username' => __( 'Username' ),
    'label_password' => __( 'Password' ),
    'label_remember' => __( 'Remember Me' ),
    'label_log_in'   => __( 'Log In' ),
    'id_username'    => 'tp-user-login',
    'id_password'    => 'tp-user-pass',
    'id_remember'    => 'tp-remember-me',
    'id_submit'      => 'tp-submit-btn',
    'remember'       => true,
    'value_username' => null,
    'value_remember' => false,
<style type="text/css">
.tp-login-container {
    text-align: center;

<div class="tp-login-container">

    <?php if ( ! is_user_logged_in() ): ?>

        <?php wp_login_form( $argumentos_login );?>


        // Usuário atual
        $usuario_atual = wp_get_current_user();

        // URL da página SAIR DA AREA VIP
        $pagina_login = ' http://localhost/natureza/';

        // Mensagem para o usuário
        echo '<p>Você já fez login <b>' . $usuario_atual->user_firstname . '</b>.';
        echo ' Clique <a href="' . wp_logout_url( $pagina_login ) . '">aqui</a>';
        echo ' para sair.';
        echo '</p>'; 

    endif; // is_user_logged_in

</div> <!-- tp-login-container -->



Then just create the new page .. add the new template .. then the login is ready

Then you go to Users > Role > Add role , create a role with the user name… or department name… the role can be individual or for groups.

If it is for single user it is important to create an individual role if not it can be one for many users.

We created the role (role or function of each user) with the user's name, as each one has their access to their reserved area.

Then we register the user and give permission, there are several types of permissions, for subscriber I left only the Read option marked, the user being registered, the next step is to redirect, as the role was already created in the first step, the last step just add the redirect with a redirect plugin that's right. Ask me how… rerere

Scroll to Top