I’d like to prevent certain user roles from accessing the dashboard http://www.openeye.net/wp-admin/ at all. I’ve moved and restyled user profiles to a new page that’s viewable on the site. How would I go about doing this?
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
To lock subscribers and contributors out of the admin:
function wpse23007_redirect(){
if( is_admin() && !defined('DOING_AJAX') && ( current_user_can('subscriber') || current_user_can('contributor') ) ){
wp_redirect(home_url());
exit;
}
}
add_action('init','wpse23007_redirect');
Hope that helps. All roles give the user a capability that is the name of that role, so you can use any role name as a capability.
Method 2
//If User Roll is Subscriber, It can not login in Dashboard
function wpse23007_redirect()
{
if( is_admin() && !defined('DOING_AJAX') && current_user_can('subscriber') )
{
wp_logout();
wp_redirect(home_url());
exit;
}
}
add_action('init','wpse23007_redirect');
Method 3
Yes, you would need to use the current_user_can( $capability ) function. Here is the official WordPress reference:
https://codex.wordpress.org/Function_Reference/current_user_can
Method 4
add_action('init', function(){
$redirect = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : home_url( '/' );
$user = wp_get_current_user();
if ( !defined('DOING_AJAX') && in_array( 'subscriber', (array) $user->roles ) ) {
wp_redirect($redirect);
exit();
}
});
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0