WordPress.org

Ready to get started?Download WordPress

Forums

Restrict a user role to only be able to alter another user to the same or lower (2 posts)

  1. mtulett
    Member
    Posted 1 year ago #

    Hi all,

    I have created a sub admin role that allows the users with that role to be able to update a users role but not do things like alter themes or plugins. However I cannot figure out a way of stopping them from being able to promote a user to a level above themselves eg Admin, which is not ideal as there was a good reason for not giving them this role in the first place...

    I am probably being thick and/or blind, but I have not managed to find a way to do this or figure it out. Anyone got any thoughts or pointers?

    Thanks

  2. bcworkz
    Member
    Posted 1 year ago #

    It may be useful to create a special capability like manage minor roles or something and assign it to sub-admins. Probably could do without, but controlling what happens by capability is much easier than by role.

    Hook the filter 'editable_roles'. You will be passed an array of roles. If the current user can only manage minor roles, simply unset the Administrator role and any others you might want to limit before returning the array.

Topic Closed

This topic has been closed to new replies.

About this Topic