I’m writing a plugin which creates a new post_type and a corresponding role which can only add/edit/etc the new post_type. Everything works as expected, but the user assigned my custom role cannot view the dashboard. Once the user logs in, they immediately get the following error:
“You do not have sufficient permissions to access this page.”
However, the login is successful, and the “edit” links appear on the custom posts when the user browses the site. This user can even edit/add new custom posts via the toolbar, but as soon as he/she clicks “Dashboard” or any other link not directly linked to the custom post_type they get the above error message.
I think this means my custom capabilities are working… but TOO well (as in too strictly). I’d like to also permit the basic “subscriber” permissions along with the capabilities I defined for the custom post_type. I’ve read and re-read the codex about capabilities & roles and it appears that I should be able to do what I want by adding 'read' => true to my array of capabilities, but it doesn’t seem to be working. Here’s my code:
add_action('init', 'setup_dictionary_post');
//Register custom post type
function setup_dictionary_post() {
$capabilities = array(
'publish_posts' => 'publish_dictionary_entry',
'edit_posts' => 'edit_dictionary_entry',
'edit_others_posts' => 'edit_others_dictionary_entry',
'delete_posts' => 'delete_dictionary_entry',
'delete_others_posts' => 'delete_others_dictionary_entry',
'read_private_posts' => 'read_private_dictionary_entry',
'edit_post' => 'edit_dictionary_entry',
'delete_post' => 'delete_dictionary_entry',
'read_post' => 'read_dictionary_entry'
);
$labels = array(
'name' => 'Dictionary Entries',
'singular_name' => 'Dictionary Entry',
'menu_name' => 'Dictionary Entries',
'add_new' => 'Add New',
'add_new_item' => 'Add New Dictionary Entry',
'edit' => 'Edit entry',
'edit_item' => 'Edit Dictionary Entry',
'new_item' => 'New Dictionary Entry',
'view' => 'View Dictionary Entry',
'view_item' => 'View Dictionary Entry',
'search_items' => 'Search Dictionary Entries',
'not_found' => 'No Dictionary Entries Found',
'not_found_in_trash' => 'No Dictionary Entries Found in Trash',
'parent' => 'Parent Dictionary Entry',);
register_post_type('dictionary_entry', array(
'label' => 'Dictionary Entries',
'description' => '',
'public' => true,
'show_ui' => true,
'show_in_menu' => true,
'capability_type' => 'dictionary_entry',
'capabilities'=>$capabilities,
'hierarchical' => false,
'rewrite' => array('slug' => ''),
'query_var' => true,
'supports' => array('title','comments','revisions','thumbnail','author','page-attributes',),
'labels' => $labels,
)
);
flush_rewrite_rules(false);
/********************** CUSTOM ROLE *****************************/
add_role('dictionary_entry_author', 'Dictionary Helper', array(
'publish_dictionary_entry' => true,
'edit_dictionary_entry' => true,
'edit_others_dictionary_entry' => true,
'delete_dictionary_entry' => true,
'delete_others_dictionary_entry' => true,
'read_private_dictionary_entry' => true,
'edit_dictionary_entry' => true,
'delete_dictionary_entry' => true,
'read_dictionary_entry' => true,
// more standard capabilities here
'read' => true,
));
//I do some other stuff later in this function that isn't important.
//For example, I define a custom taxonomy for the new post_type...
}
I’m not sure why the 'read'=>true, isn’t accomplishing what I want. I’ve read several tutorials, and received some code from in which “meta capabilities” get mapped, but I’m not using it in my code because I don’t understand how it works and it doesn’t seem to be necessary. I could be wrong.
I have no idea WHY this worked, but I added this immediately after add_role():
…and it worked! I’d love to know why the
add_capmethod worked whereas declaring it in the capabilities array did not.You will get NULL, because you already have role
dictionary_entry.You can create another one with different role_name, moreover- you can remove or change the cap for the exists.