post: Getting user roles in WordPress

Home

Getting user roles in WordPress

Working With WordPress

  

Articles

PHP User Meta WordPress

WordPress uses a combination of Roles and Capabilities to determine site access for admins, logged in users, and guests.

Capabilities determine what permissions or access a particular user has to parts of the WordPress code and/or plugin functionality.

A Role is essentially a group of permissions that define a set of tasks a user assigned the role is allowed to perform. The codex has a great deal more information. It’s a complex are of WordPress that gives a great deal of power to plugins.

WordPress has a set number of user roles: Subscriber, Contributor, Author, Editor, Administrator. For WordPress multi-site set-ups there is also the Super Admin / Network Admin.

Each user role has an increasing number of capabilities based on the CRUD philosophy: Create, Read, Update, Delete. The subscriber has the basic read only access, and the administrator full CRUD access to posts, pages, themes, plugins. Other roles are somewhere in-between.

Code snippets

Getting the logged in user’s role is relatively easy. WordPress sets a global variable: $current_user. There are other functions also capable of retrieving some or all of the user data. WordPress also sets a variable $wp_roles which contains all of the currently available roles – default and custom. Again there are built-in functions to access these:



/**
 * Retrieve a list of available roles to build checkboxes
 *
 *  @return     array
 */
function get_roles() {
        
    global $wp_roles;

    $the_roles = $wp_roles->roles;

    $roles = array();
    foreach ( $the_roles as $k=>$v ) { 
        $roles[$k] = __( $v['name'], $this->text );
    }

    return $roles;
}


/**
 * Get a user role. Assumes only one role, otherwise brings back first on list
 *
 *  @return string
 */
function get_user_role() {

	global $current_user;

	$user_roles = $current_user->roles;
	$user_role = array_shift($user_roles);

	return $user_role;
}


/**
 * Returns the translated role of the current user. If that user has
 * no role for the current blog, it returns false.
 *
 * @return string The name of the current role
 **/
function get_user_role_translate() {

	global $wp_roles;

	$current_user = wp_get_current_user();

	$roles = $current_user->roles;
	$role = array_shift($roles);

	return ( isset( $wp_roles->role_names[$role] ) ) ? translate_user_role( $wp_roles->role_names[$role] ) : false;
}



/**
 * Returns current user's role. Assumes single main role
 *
 * @return string 
 */
function get_user_role() { 
    
    global $current_user;
   
    //sometimes not set
    if ( !($current_user instanceof WP_User) ) { return; }

    // try again
    $current_user = wp_get_current_user();
       
    //last chance
    if ( !($current_user instanceof WP_User) ) { return; }

    //ok... has role get one
    $user_roles = $current_user->roles;
    $user_role = array_shift($user_roles);

    return $user_role;
}



/**
 * Sanitise roles
 *
 * @param   array   $values
 * @return  array
 * @access  public
 */
public function sanitize_roles( $values ) {

    $multi_values = ( !is_array( $values ) ) ? explode( ',', $values ) : $values;
    return ( empty( $multi_values ) ) ? array() : array_map( 'sanitize_text_field', $multi_values );
}

Users with multiple roles? Possible, though can get somewhat messy.

comments powered by Disqus