WordPress: User with custom role cannot access wp-admin

2
votes

First of all I am a WordPress learner. So sorry if my code looks stupid!

I have created a custom theme with a custom user role. I am not developing any plugin.

In my fucntions.php file I have written the following code to create a User role. Users assigned to this role are supposed to login to the admin but only be able to access their Profile pages.

add_action('init', 'yrc_cst_register_role_customer_service_rep');

/**
 * Register new user role
 */

function yrc_cst_register_role_customer_service_rep() {

    $wp_roles = new WP_Roles();

    $wp_roles->remove_role('subscriber');
    $wp_roles->remove_role('editor');
    $wp_roles->remove_role('contributor');
    $wp_roles->remove_role('author');

    $service_rep_caps = array(
        'read'              => false,
        'create_posts'      => false,
        'edit_posts'        => false,
        'edit_others_posts' => false,
        'publish_posts'     => false,
        'manage_categories' => false,
        'manage_options'    => false,
    );

    add_role('customer_service', __('Customer Service'), $service_rep_caps);
}

I have removed all roles except Administrator, because no other role is required for this portal. Administrator will only create Users with Customer Service role.

I have no third party plugin installed in the system.

Users with the custom role are able to login to the system through a custom login page which is working OK. But whenever they are trying to access their Profile page the following error message comes up:

Sorry, you are not allowed to access this page.

Is there anything like 'edit_profile' => true?

I must be doing something wrong but my limited knowledge is not enough to figure this out. Any suggestion would be highly appreciated.

3
wordpressuser-roles
I think he neads 'read' => true - Stender
but then again - a subscriber is , by default, only allowed to access their profile page, right? - Stender
yeah - the role should only have 'read' - Stender
In that case do I need to add 'capabilities' => 'subscriber'? Changing to 'read' => true is not making any difference. Also for a custom role what is the right way to define the capability so that he can only access his profile page? - Subrata Sarkar
look at this : codex.wordpress.org/Roles_and_Capabilities#Subscriber - Stender

3 Answers

4
votes

You might be able to do it like this :

This should clone the subscriber role capabilities and create your role for it.

add_action('init', 'CreatecloneRoleSubscriber');

function CreatecloneRoleSubscriber()
{
    global $wp_roles;
    if ( ! isset( $wp_roles ) )
        $wp_roles = new WP_Roles();

    $sub = $wp_roles->get_role('Subscriber');
    //Adding a 'new_role' with all subscriber caps
    $wp_roles->add_role('customer_service', 'Customer Service', $sub->capabilities);
}

EDIT : Read discussion in question comments

1
votes

Just change the manage_options to true in your case But note that by allowing manage_options to true, those user will have access to other parts of dashboard as well

 $service_rep_caps = array(
    'read'              => false,
    'create_posts'      => false,
    'edit_posts'        => false,
    'edit_others_posts' => false,
    'publish_posts'     => false,
    'manage_categories' => false,
    'manage_options'    => true, // Most plugins and pages check for manage_options for checking access level to allow access to pages and settings.
);
0
votes

Just found this solution which i consider really clean to enter wp-admin with a new role:

Add access cap to backend

Add the cap view_admin_dashboard & read to your new role.

Show the admin bar

Add this function to your wordpress.

# functions.php

add_filter( 'show_admin_bar', function () {

    if ( current_user_can( 'view_admin_dashboard' ) )
        return true;
    
    return false;

}, 10);