Categories
PHP wordpress

How to prevent someone or some role from accessing the WordPress admin panel

It might be required sometime to prevent a user or all users with a specific role from accessing the WordPress admin panel. It’s not tough. Let’s think that we want that all users with author role will not be able to access the admin panel. All you have to do is just add the following code in your functions.php and you’re done

add_action( "init", "prevent_from_admin_panel" );
function prevent_from_admin_panel() {
  if ( ! current_user_can( "manage_categories" ) ) {
    if ( is_admin() && !defined( 'DOING_AJAX' ) ) {
      $pageurl = get_author_posts_url( get_current_user_id() );
      wp_redirect( $pageurl );
    }
  }
}

The code checks if the currently logged in user has the necessary capability manage_categories. This particular capability is only available to the users with Editor or higher roles, like an Administrator. So, if the current user doesn’t have it, he must be someone with an Author role. Now we will just get the url of his posts page and redirect him over there.

this particular code is_admin() && !defined( 'DOING_AJAX' ) makes sure that for ajax calls, we will not perform this redirection.

If you want to block a particular user from accessing the admin panel, then just get his id by using get_current_user_id() function. And then redirect him to homepage if it matches with the user id that you want to prevent.

That’s it. I hope you’ve enjoyed this article.

2 replies on “How to prevent someone or some role from accessing the WordPress admin panel”

Leave a Reply

Your email address will not be published. Required fields are marked *