Bug in WordPress custom role creation

After some slightly off-topic posts, we’re back to the ins and outs of developing with WordPress.

I needed some custom roles, each with a number of custom capabilities, for a plugin I’m creating for a client. Exactly what the plugin does is covered by a non-disclosure agreement, but I can still talk in general terms and hopefully help someone out there who’s finding that custom roles don’t always seem to work.

Within my plugin’s activation hook I had created a custom role like this, according to the information in the WordPress Codex:

[code]$role = add_role(‘role_slug’, ‘Role Name’, array(
‘capability1’,
‘capability2’,
‘capability3’,
));[/code]

Then, elsewhere in the plugin, I needed to know if a user had a certain capability, so I tested it like this:

[code]if (current_user_can(‘capability1’)) {
# do something
}[/code]

However, this wasn’t working. When a user with the custom role was logged in, the code within the ‘IF’ block was not executing.

I did some digging, and found a WordPress bug: the capabilities in the user object were structured differently for users with this custom role, than for the normal built-in roles (editor, author, etc).

Also, when I used the add_cap function to add custom capabilities to built-in roles, it worked fine.

This led me to deduce that using the add_cap function to add the capabilities to the custom role object, instead of defining them within the add_role function, should mean that the capabilities get added to the role correctly. I tested it and it worked.

So, here’s my solution for creating a custom role with specific capabilities. Simply create the role first, without any capabilities, then add the capabilities to it afterwards, rather than doing the whole thing in one function call:

[code]$role = add_role(‘role_slug’, ‘Role Name’);
$role->add_cap(‘capability1’);
$role->add_cap(‘capability2’);
$role->add_cap(‘capability3’);[/code]

Once I changed all my roles so that they were created this way, all my current_user_can tests started working properly. And for info, my project is using WordPress 3.5.1.

Hope this helps someone 🙂

8 Comments

  1. You always have a new and unique post regarding WordPress. It is always helpful.

  2. Glad to see a new post regarding WordPress. Always informational and helpful.

  3. I can still use user levels there because we don’t have a good way of getting the same list via capabilties.

  4. Always glad to see Great WP info sites

  5. Wow! these are wonderful tips. Thanks for sharing them with us.

  6. You are a WordPress genius. And you are so kind for sharing what you learn and discover.

  7. Love Role Scoper and all of the options that it has. I have run into a bit of an issue with it though. I have created custom Tags for my Blog, but when I try to add these Tags to a post it won’t let me. If I go in and deactivate Role Scoper I can add the Tags fine, but if I try to re-activate Role Scoper and then update the Tags they are all removed.

    Thanks for the help.

  8. Thanks for the tip. Think I need to bookmark it.

Add a Comment

If you have used this form and would like a copy of the information held about you on this website, or would like the information deleted, please email info@zigpress.com.