Custom user role that can only edit specific (non-custom-type) page and all child pages [duplicate]

There’s no way in WordPress to assign the capability for editing (or any action) a specific post to a role.

However, you can filter capabilities checks and change them on the fly using the map_meta_cap.

When handling post permissions, WordPress ultimately deals in just 4 capabilties:

  • edit_post
  • read_post
  • delete_post
  • publish_post

Then whenever an action is performed on a post it maps these capabilities to the ‘primitive’ capabilities. These are the capabilities you’ll be more familiar with:

  • publish_posts
  • edit_posts
  • edit_others_posts
  • edit_private_posts
  • edit_published_posts
  • read
  • read_private_posts
  • delete_posts
  • delete_private_posts
  • delete_published_posts
  • delete_others_posts

There is also create_posts, but as far as I can tell this is only used in some REST endpoints and for controlling whether some UI appears. When saving a post create_posts is mapped to edit_posts.

What map_meta_cap() does is that when someone tries to edit a post it determines which primitive capability is required.

So if a user tries to edit a post, map_meta_cap() checks if they are the author of that post. If they are then the edit_post meta capability will be mapped to edit_posts. If they are not the author it will be mapped to edit_others_posts. WordPress will then check if the user has the mapped capability and respond accordingly.

So if you want to change permissions on a per-page basis, you need to filter map_meta_cap to change the way it assigns the meta capabilities.

In your example, you want to let users edit_page for the Internal Resources page (and others), but not edit any other pages. This is a little bit tricky because to do this they need access to the Pages menu in the Dashboard. So you’ll need to grant your student role the edit_pages and publish_pages capabilities, and then use the filter to revoke those capabilities on a page-by-page basis:

function wpse_293259_map_meta_cap( $required_caps, $cap, $user_id, $args ) {
    if ( in_array( $cap, ['edit_post', 'publish_post'] ) ) {
        $page_id = $args[0]; // The ID of the post being edited.
        $student_pages = [1,2,3]; // The IDs of the pages students are allowed to edit.

        /**
         * If the page being edited is not one students can edit, check if the user
         * is a student. If they are, set the required capabilities to 'do_not_allow'
         * to prevent them editing.
         */
        if ( ! in_array( $page_id, $student_pages ) ) {
            $user = new WP_User( $user_id );

            if ( in_array( 'students', $user->roles ) ) {
                $required_caps = ['do_not_allow'];
            }
        }
    }

    return $required_caps;
}
add_filter( 'map_meta_cap', 'wpse_293259_map_meta_cap', 10, 4 );

This will prevent publishing or editing of pages that aren’t in the $student_pages.

I have not been able to figure out a good way to allow users to publish pages but only if they’re a child of a particular page. Every mix of editing and publishing capabilities I’ve tried has resulted in weird behaviour. I don’t think child pages are a good way to manage permissions because they are a thing that can be changed on the page editor. This means that you would be changing permissions between publishing a post and being redirected back to edit it.

You might be best off using the technique I described to allow editing of the Internal Resources page, but then break the sub-pages out into a separate post type with its own permissions.

Related Posts:

  1. How to check if a user is in a specific role?
  2. How to restrict dashboard access to Admins only?
  3. Admin Page Redirect
  4. Check if user is admin by user ID
  5. How to display the user that published a pending post?
  6. Add a button to users.php
  7. create users to site with specific language
  8. Display sortable User meta column in admin panel user’s page
  9. How to display multiple custom columns in the wp-admin users.php?
  10. Hooking into register_admin_color_schemes
  11. Removing user fields [duplicate]
  12. wp-admin edit user url wont show up correct url [closed]
  13. Users Unable to Access Dashboard/Posts/Pages
  14. Stop loading “collaborators” users on add new post or page?
  15. Distinguish profile user and admin user IDs / get ID of user being edited
  16. Uncheck the box “Send User Notification” by default on new-user.php
  17. Detecting all admins that are logged in
  18. Subscribers become Authors after Upgrade? / Mass Update of Users?
  19. Stopping user deletion from running on error
  20. Filter dropdown in users.php “delete user” bulk edit screen
  21. Add count for new registered user in Users tab
  22. Users disappeared from wp-admin
  23. Logout USER form backoffice after 30 minutes of inactivity [closed]
  24. WP admin user search doesn’t return all users
  25. Hide username discovery
  26. How to get Role Subscribe Users on Admin Menu only in Pages in WordPress
  27. I accidentally deleted an admin user and all their content is now gone from the site. [closed]
  28. Restrict submitters from wp-admin [duplicate]
  29. Nickname field isn’t appearing in Admin
  30. How to allow WordPress updates to only one specific administrator?
  31. Is there a filter to edit html of user-edit.php
  32. Create new user from phpMyAdmin
  33. How do I make it so that the all users page is not a white screen?
  34. define two login page url
  35. Newly created user role not displaying on users screen
  36. How to check if a user is in a specific role?
  37. On Users (user.php) in wp-admin disable/hide “Bulk Actions” and “Change Role To”
  38. Login issue with subdomain installs
  39. Hook into form handle from admin users table
  40. restrict admin panel sections to users
  41. How do I list subpages in post editor view?
  42. CSRF attack to create USER
  43. How to keep the plugin submenu open on viewing a custom version of users.php?
  44. Cannot login in WordPress even after changing hash password in phpmyadmin
  45. WordPress User profile page fields missing
  46. Anyone Can Register
  47. Is it possible to tell if a user is logged into WordPress from looking at the cookies which are set?
  48. Extend user search in the users.php page to allow for searching by role and excluding specified email domains from the “users search” input box
  49. Extend user search in the Wp backend area on the users.php page to allow for searching by email domain and role from the “users search” input box
  50. WordPress Users page missing user count next to different types of users
  51. Searching for a custom meta from user.php in the admin
  52. wp_list_tables bulk actions
  53. How do I find all admin users using phpmyadmin?
  54. Using Image insert control in code
  55. Wrong canonical link on wp-admin pages
  56. How can I make WordPress work with a Symfony app?
  57. wp-login.php — redirect logged in users to custom URL
  58. Can’t access admin dashboard with wp-admin without /index.php after it
  59. How to change “wp-admin” to something else without search-replacing the core?
  60. How can I add an extra admin column showing the word-count of a page or post?
  61. Always show same size tags for Tag Cloud in WordPress Admin
  62. Why should I password protect WP-Admin?
  63. Using /wp-admin works, using /login gives a 404. Why?
  64. Why can’t I delete original user in multisite? Options for manual removal
  65. Cannot log into WordPress Dashboard after removing/adding .htaccess
  66. How to debug “You do not have sufficient permissions to access this page”? [closed]
  67. How to check if upload window came from the featured image link?
  68. admin_post action not usable if admin access denied to user
  69. Can’t log into wp-admin after migration from localhost to server
  70. Add menu option to “New Post” menu in admin bar
  71. Linking table cells to network folders
  72. Remove bulk option row
  73. Admin menu in front-end
  74. wp-admin page redirecting to 404 error page
  75. Require Login Redirect to Login Page
  76. How to fix ob_end_flush() failed to send buffer of zlib output compression (1)?
  77. How to replace “Password Protected” text with icon in Admin
  78. Delete the “wp-admin” folder – what could go wrong?
  79. How can I limit page parent dropdown to show only author’s own pages?
  80. Creating custom admin panel pages without making a plugin?
  81. Change users.php WP_User_Query
  82. Blank page when viewing wp-admin
  83. Is it possible to display my theme sidebar in wordpress admin?
  84. Programtically selecting image URL in Media Library modal
  85. wp-admin: “Sorry, you are not allowed to access this page.”
  86. How to access wordpress from domainB which is installed at domainA
  87. How to optimize the opening speed of admin panel?
  88. How to change the URL of sub menu page?
  89. Change wordpress admin home page
  90. Strange wp admin edit buttons issue
  91. Cannot access wp-admin after migration to another place
  92. Regular users logs in as ADMIN if Admin logged in recently
  93. Not able to access WP admin Page, redirected and a drop down login menu appears 401 error
  94. OSX El Capitan local install Maximum upload file size: 2 MB But php.ini set to 64M
  95. Is it possible to outsource wp-admin to another server?
  96. Wp mwnu not works at all
  97. Search box for hierarchical taxonomies in admin interface
  98. Custom Admin Message from external source to multiple users
  99. After Upgrade: $user becomes unknown (id: 0) after successful login?
  100. Redirect users based on their roles, is_admin()

Leave a Comment