WordPress User Roles are one of the first things you learn about when working with a team inside WordPress. When you install a WordPress site, you also create a user with the user role administrator. In this tutorial, I will show you how you can create different roles and also how to add custom capabilities to roles or users.
You may wonder why would you use the code and programmatically set some of the WordPress user roles or capabilities. In my career as a developer, especially WordPress developer, I have encountered various projects where I needed custom user roles.
User Roles & Capabilities
The user roles & capabilities can be used to add a specific feature to a particular user role or a particular user. The system of roles & capabilities is really great in WordPress and it can allow you to do various things.
You can add a feature to a specific role or user, but you can also remove one. This means that a user could be an editor, but for some reason, you don’t want them to edit the posts. You can disable that capability from that user while retaining the user role.
Why would you manage them with Code
To get you the idea closer to you, I will show you a simple example.
Example
Let’s imagine a shop done with WooCommerce. We want a feature that will enable a special discount of 30% only to customers that have already bought 10 of our products.
Would you do that with a WordPress user role? You could, but is that really a good approach? We could forget to add a capability from a role that the user has and thus disable a feature.
Why not just add a capability to that user that says use_special_discount?
We could then use the function current_user_can('user_special_discount')
and see if that is enabled or not.
WordPress User Roles
User roles can be accessed through the global variable $wp_roles
. This variable is actually an object of WP_Roles
.
Here is a simplified view of this object. I have written it as an array for easier reading. You can always check this variable by using the PHP function var_dump
. This will get you the whole object.
To check the whole definition of the class WP_Roles
, check the WordPress Code Reference.
User Role Object
Each role that is created is also instantiated as an object of WP_Role
. When we want to retrieve a role, we will also receive this object.
By using the WP_Role
we can easily update the role by removing or adding new capabilities. Here is a simple example of a single object for the WordPress user role Administrator.
Adding a User Role
To add a new WordPress user role, we need to use the function add_role
:
The first parameter is the role slug (name), the second one is the display name which will be shown in the WordPress dashboard and other areas. The last parameter is an array of capabilities that this role does enable for a user.
Updating a User Role
To update a WordPress user role, you will need to get the role using the function get_role
. This function will return an object of WP_Role
. You can use the methods from that object to update the role.
Whenever we add or remove a capability, the database will be updated and this will then remain until we remove or add (again) the capability.
Removing a User Role
WordPress user roles can be easily removed by using the function remove_role
.
What will happen here? First, role objects, names and role definitions will be unset for that role. After that, WordPress will update the roles and also reset the default role if that role was set as a default role.
Warning: be sure to check users with those roles and add them to a new role if they don’t have any.
I am not really sure how this would work out if you don’t manage those users. I assume they will have the default role then, but I have not tried it yet.
Manage Roles for a User
We can also manage all the roles a user has. To do that, we need the object WP_User
.
WordPress User Capabilities
The capabilities are the flags that enable a feature for a user. When a user has various roles, all those capabilities are merged together. This enables us to have roles with completely different capabilities.
You can add a capability to a role or a user. If the capability is set specifically to a user, it will overwrite the current capability value (true/false).
Check the capability
When we are checking if a user can do something (ex. edit a post, create a page), we need to check the capability for that user. This can be done with several functions:
user_can
current_user_can
current_user_can_for_blog
author_can
Manage Capabilities for a User
To add or remove a capability from a user, we need to get the WP_User
object of the user. This can be done by using the function get_userdata
where we provide the User ID.
Manage Capabilities for a Role
We have already seen how to add or remove a capability to a Role when we learned how to update a Role. It won’t hurt, repeating it.
Hooking into the WordPress User
There are various hooks there that can be used to add additional events when a function occurs.
Adding a Role
Removing a Role
Setting a Role
When Should you Create a Role?
You don’t want to create a role on each WordPress load because it will access the database for no reason.
Before WordPress 4.7, you had to create the WordPress user roles on plugin activation. That is a fine approach, and you can use it now also. I would actually advise you to do so still if you want the roles to be permanently saved.
As of WordPress 4.7 there is a new hook wp_roles_init
. When using this hook, you have direct access to the object WP_Roles
. You could add roles or capabilities on each WordPress load but without any database usage.
Conclusion
In this tutorial, you have learned how to set a role, create one or remove one. You have also seen how to add a capability to a specific user and thus overwrite the default capability value.
The roles and capabilities can be used to provided various parts of your solution to many users or to just one user. This can come in handy if you are providing a connection to a service and need to check the capability of a single user.
Have you ever worked with WordPress User roles and capabilties? If you have written a solution or know a scenario where the roles have been programmatically added or removed, please do share in the comments below:)
Become a Sponsor
Hi, Igor! Thank you for this . We’ve already exchanged an email about sending emails to Editor via contact form i coded.
Please don’t mind my second question:
would it be possible to create a contact form with the code you have above where one says:
function hook_user_add_role( $user_id, $role ) {
if( $role == ‘administrator’ ) {
// This user is administrator, so send email to xy@xy
}
else if ( $role=editor) {send email to abc@xy}
etc…
Thanks a lot !
Pozdrav! 🙂
If you want to send an email to editor, then you’ll have to get the email from the editor. I am not sure this one would be of benefit to you. You would need to store the email somewhere and then retrieve to send the message to that email.
The function you have provided would only have any sense if a registered user is sending the email. Since I am not sure how do you intend to use this function, I can’t help you much. But you can always save some emails where you want to send the messages and then based on some criteria retrieve the correct ones.
Yes, i was thinking more about already registered users. Like:iIf i register my client with the editor role, and I stay admin, i’d use the above code ( the variation of it ) to make the form decide which one gets the email. I thought it could be logically possible.
For that, I don’t think you need a form. You just have to hook into an action that will be triggered when a user has been created (or changed the role).
Really useful post. Thanks a lot!
Igor, hello. How are you?
I’m trying to get all users (and every new one ) and change the user role based on zip code. Let’s say some users use a zip code of USA and others use some Argentina zip code. I want to modify the customer role that’s being set by default (customer) and set two new ones customer_usa and customer_argentina if the zip code matches some country zip ( eg: 33801 USA, and 1058 arg)
Thanks in advance
Hello. My name is pranay. I try to set the capability to the user indivisually not via user roles. But i unable to do it. Can you please check what i am doing wrong? Here is my stack overflow post for the same problem. https://stackoverflow.com/questions/59645251/add-cap-added-the-capability-but-still-doesnt-able-to-perform-the-action-w