Home > Software design >  Wordpress role capabilities issue
Wordpress role capabilities issue

Time:06-10

I need some help with capabilities for a CPT. I register a new CPT with a capability type 'agenda'. To do this I use the code below in the register array

'capability_type' => 'agenda'

After that I added two new roles

add_role('owner', 'Eigenaar', 
    array(
        'read'                  => true,
        'publish_agendas'       => true,
        'edit_agenda'           => true,
        'edit_agendas'          => true,
        'delete_agenda'         => true,
        'delete_others_agendas' => true,
        'delete_others_agenda'  => true
    )
);

add_role('employee', 'Personeel', 
    array(
        'read' => true,
        'publish_agendas'       => true,
        'edit_agenda'           => true,
        'edit_agendas'          => true,
        'delete_agenda'         => true
    )
);

The issue what I have

The employee can delete and edit also the agenda from the owner and this is not the intention.

The employee must be only allowed to edit and delete the own agenda post. The owner had more capabilities and is allowed to edit and delete agenda posts from the employee.

Who can help me in the right direction?

CodePudding user response:

You can try to explicitly deny the capability in your employee user role capabilities.

'delete_others_agendas' => false,
'delete_others_agenda'  => false

CodePudding user response:

I solved the issue!

If you create a new CPT with the function register_post_type

You have to add this line in the array with arguments

'map_meta_cap' => true,

Now you can set capabilities to a role like below

add_role('owner', 'Eigenaar', 
    array(
        'read'                  => true,
        'publish_agendas'       => true,
        'edit_agenda'           => true,
        'edit_agendas'          => true,
        'delete_agenda'         => true,
        'delete_others_agendas' => true,
        'delete_others_agenda'  => true
    )
);

add_role('employee', 'Personeel', 
    array(
        'read'                  => true,
        'publish_agendas'       => true,
        'edit_agenda'           => true,
        'edit_agendas'          => true,
        'delete_agenda'         => true,
        'delete_others_agendas' => false,
        'delete_others_agenda'  => false
    )
);
  • Related