How do I remove dashboard access from specific user roles?

The question:

I’d like to prevent certain user roles from accessing the dashboard http://www.openeye.net/wp-admin/ at all. I’ve moved and restyled user profiles to a new page that’s viewable on the site. How would I go about doing this?

The Solutions:

Below are the methods you can try. The first solution is probably the best. Try others if the first one doesn’t work. Senior developers aren’t just copying/pasting – they read the methods carefully & apply them wisely to each case.

Method 1

To lock subscribers and contributors out of the admin:

function wpse23007_redirect(){
  if( is_admin() && !defined('DOING_AJAX') && ( current_user_can('subscriber') || current_user_can('contributor') ) ){
    wp_redirect(home_url());
    exit;
  }
}
add_action('init','wpse23007_redirect');

Hope that helps. All roles give the user a capability that is the name of that role, so you can use any role name as a capability.

Method 2

//If User Roll is Subscriber, It can not login in Dashboard 
function wpse23007_redirect()
{
    if( is_admin() && !defined('DOING_AJAX') && current_user_can('subscriber') )
    {
        wp_logout();
        wp_redirect(home_url());
        exit;
    }
}
add_action('init','wpse23007_redirect');

Method 3

Yes, you would need to use the current_user_can( $capability ) function. Here is the official WordPress reference:
https://codex.wordpress.org/Function_Reference/current_user_can

Method 4

 add_action('init', function(){

      $redirect = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : home_url( '/' );
      $user = wp_get_current_user();
      if ( !defined('DOING_AJAX') && in_array( 'subscriber', (array) $user->roles ) ) {

          wp_redirect($redirect);
          exit();
      }
});


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Comment