How to add a Capability to a User Role?

2 comments

1. You can use WP_Role class,

   // get the the role object
   $role_object = get_role( $role_name );
   
   // add $cap capability to this role object
   $role_object->add_cap( $capability_name );
   
   // remove $cap capability from this role object
   $role_object->remove_cap( $capability_name );
   

   So to address your original question about how to enable Admins to enter SCRIPT and IFRAME tags into post content, you’re looking for the ‘unfiltered_html’ capability, which in Multisite is only granted to Super Admins.

   // get the the role object
   $admin_role = get_role( 'administrator' );
   // grant the unfiltered_html capability
   $admin_role->add_cap( 'unfiltered_html', true );
   

   or you can run this once in your functions:

   /* Roles & Capabilities */
   add_role('professional', 'Professional User', array(
       'read' => true, // True allows that capability, False specifically removes it.
       'edit_posts' => true,
       'delete_posts' => true,
       //'edit_published_posts' => true,
       //'publish_posts' => true,
       //'edit_files' => true,
       'upload_files' => true //last in array needs no comma!
   ));
   

   Log in to Reply

2. In order to allow another role other than Super Admin or Admin (depending if the WordPress installation is a network/MU instance or not) to add unfiltered html to a post or comment WordPress’ KSES filter must be removed.

   Check if a user has a particular capability.

   if ( current_user_can( 'unfiltered_html' ) ) { … }
   

   If so than remove KSES

   kses_remove_filters();
   

   This functionality is already wrapped up in unfiltered-mu, allowing admins and editors to add unfiltered html.

   Log in to Reply