Extend WordPress User Roles: Theme Options for Editors

userroles_wordpress_1

I’ve set up a new blog for a friend recently, and I didn’t want to give her administrative privileges, so I assigned her the role of editor. But she should be able to change the look of the theme. It is her site after all, not mine.

By default, WordPress doesn’t allow editors to do that, so I had to change this role.

Roles and capabilities in WordPress

What each user can do depends on her or his role. Each role is a name for a set of capabilities.

The role administrator for example has capabilities like delete_users, update_core, edit_theme_options and many others.

The role editor does not have the capability edit_theme_options, so editors cannot change theme options.

Every role has the capability exist. Isn’t that nice?

Roles are not hierarchical, they work more like taxonomies: We can assign multiple roles to each user. There is no user interface for that, but technically it is possible. We can create new roles and capabilities, for example edit_pending_posts, and we can remove existing ones.

Roles and their capabilities are stored in the options table under $wpdb->prefix . 'user_roles'.

There is also a nice Codex page: Roles and Capabilities.

What is visible and editable for a user is decided in the source code with current_user_can( $capability ).

If current_user_can( 'edit_theme_options' ) is TRUE, WordPress will show the theme options.
And if current_user_can( 'install_themes' ) is TRUE, WordPress will show the option to install a new theme.

The plugin

My friend has the role editor, so I decided to add just the capability edit_theme_options. There are many plugins to manage user roles, but all of them have some side effects, I haven’t seen a single one without any bugs.

And because this change is permanent, the plugin has to run just once. It can be deactivated after the database update.

The update is made during plugin activation, so I used register_activation_hook().

Now the deactivation. I could deactivate the plugin silently, but I think it is better to tell the user what is going on and why the plugin doesn’t show up in the list of active plugins.

And that’s all. Editors can now tweak the appearance of the site, add widgets and menus, change backgrounds and headers and use the customizer.

You can find the source code for the complete plugin in our new repository Mini Plugins or just download it as a ZIP file: Theme options for editors.

Post Sharing

Author Avatar

I am a developer and author for MarketPress. In my free time, I am a moderator for several WordPress communities.

Also Interesting

slack-blog

New Plugin: Slack Connector - Connect WordPress, WooCommerce and Slack

by Michael Firnkes

Initially we merely wanted to optimize our own Slack-processes. With automated notifications from our MarkettPress shop, the blog and our forums. The resul ...

Read more
vip

Inpsyde is the first WordPress.com VIP partner in Germany

by Michael Firnkes

Automattic has given us the title of WordPress.com VIP Service Partner, the first in Germany, Austria and Switzerland. Worldwide, there are only eleven com ...

Read more
wooexperts

Inpsyde is a WooExperts Gold Partner of WooCommerce

by Michael Firnkes

A few weeks ago, Inpsyde GmbH with MarketPress became a certified WooExperts Gold Partner. This is confirmation from WooThemes of our agency’s know-h ...

Read more
muenchen-blog-1000

New: WooCommerce Shop Theme München

by Michael Firnkes

A WordPress and WooCommerce theme that not only looks great, but also excels in functionality? Welcome to München. The template is an addition to our WooC ...

Read more

Comments

5 Comments

  1. #1

    This can actually be done much more easily, without modifying the database or even requiring a plugin.

    See Andrew Nacin’s talk about capability filters: http://wordpress.tv/2013/08/10/andrew-nacin-current-user-can-watch-this-talk/

    Here’s a gist I just cooked up in a minute to do what you need: https://gist.github.com/mannieschumpert/7200062

  2. #3

    That is a really good point. I need to run some tests to see what the performance hit is if using that filter.

  3. #4

    Nice light weight solution. Quick question – do I need to keep the plugin installed (but deactivated) once it’s run or can it be removed entirely?

    Thanks.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">