Hide WP Admin Menu
November 18, 2024 · AI Conversations
### Step 1: Add the following code to your `functions.php` or a custom plugin
```php
function hide_admin_menu_for_specific_role() {
    // Replace 'custom_role' with your specific user role
    if (current_user_can('custom_role')) {
        // List of admin menu items to remove
        $menu_items = [
            'index.php',               // Dashboard
            'edit.php',                // Posts
            'upload.php',              // Media
            'edit.php?post_type=page', // Pages
            'edit-comments.php',       // Comments
            'themes.php',              // Appearance
            'plugins.php',             // Plugins
            'users.php',               // Users
            'tools.php',               // Tools
            'options-general.php',     // Settings
        ];

        foreach ($menu_items as $item) {
            remove_menu_page($item);
        }

        // Keep a specific custom post type and profile
        // Example: To keep "Books" custom post type, you don't need to do anything.
        // Example: User profile is automatically available at 'profile.php'
    }
}
add_action('admin_menu', 'hide_admin_menu_for_specific_role', 999);
```
### Step 2: Adjust the Code for Your Specific User Role and Custom Post Type
– Replace `'custom_role'` with the actual role you want to restrict, like `'editor'`, `'author'`, or any custom role you have created.
– If you want to hide other menu items or keep specific ones, adjust the `$menu_items` array accordingly.
### Explanation
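– The `current_user_can('custom_role')` function checks if the currently logged-in user has the specified role. `current_user_can()` is designed for capabilities; WordPress supports passing a role name only in part and discourages it as unreliable, so testing a capability that only this role holds is the safer check.
– The `remove_menu_page()` function hides specific admin menu pages. It only removes the menu entry: the underlying screen is still reachable by direct URL for any user whose capabilities allow it, so access itself has to be restricted through capabilities, not the menu.
– The profile page (`profile.php`) remains accessible to users with that specific role.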
### Optional: Restrict Submenus
If you want to restrict submenu items, you can use `remove_submenu_page()` as well:
```php
function hide_admin_submenu_for_specific_role() {
    if (current_user_can('custom_role')) {
        remove_submenu_page('themes.php', 'themes.php'); // Hide Themes under Appearance
        // Do not call remove_submenu_page('users.php', 'profile.php'):
        // that would hide the profile page, which should stay visible.
    }
}
add_action('admin_menu', 'hide_admin_submenu_for_specific_role', 999);
```
This way, only your desired custom post type and the user profile section will be visible for users with a specific role.
### Step 1: Add the Following Code to Your `functions.php` or a Custom Plugin
```php
function restrict_custom_post_type_to_own_posts($query) {
    // Check if we are in the admin dashboard and viewing a specific custom post type
    if (is_admin() && $query->is_main_query() && $query->get('post_type') === 'your_custom_post_type') {
        // Check if the user does not have the 'edit_others_posts' capability
        if (!current_user_can('edit_others_posts')) {
            // Limit posts to only those created by the current user
            $query->set('author', get_current_user_id());
        }
    }
}
add_action('pre_get_posts', 'restrict_custom_post_type_to_own_posts');
```
### Step 2: Adjust the Code
– Replace `'your_custom_post_type'` with the actual slug of your custom post type.
– The condition `!current_user_can('edit_others_posts')` ensures that only users without the capability to edit others' posts (like authors, contributors, etc.) are restricted. Administrators or Editors with higher capabilities can still see all posts.
### Explanation
– **`is_admin()`** checks if the current request is in the WordPress admin area.
– **`$query->is_main_query()`** ensures we're modifying the main query and not interfering with other admin queries.
– **`$query->set('author', get_current_user_id())`** restricts the query to only show posts where the author is the currently logged-in user.
### Step 3: Prevent Access to Other Users' Posts via Direct URL
To ensure users cannot access other users' posts by manipulating the URL, you can use the following hook:
```php
function restrict_direct_access_to_own_posts() {
    global $pagenow;

    // Check if the user is trying to access a post edit page in the admin area
    if (is_admin() && $pagenow === 'post.php') {
        // The global $post_type is not populated yet when admin_init fires,
        // so the post type is read from the post itself.
        $post_id = isset($_GET['post']) ? absint($_GET['post']) : 0;
        if ($post_id) {
            $post = get_post($post_id);
            // Check if the current user is not the author and lacks permission to edit others' posts
            if ($post
                && $post->post_type === 'your_custom_post_type'
                && (int) $post->post_author !== get_current_user_id()
                && !current_user_can('edit_others_posts')) {
                wp_die(__('You are not allowed to edit this post.'), '', ['response' => 403]);
            }
        }
    }
}
add_action('admin_init', 'restrict_direct_access_to_own_posts');
```
### What This Additional Code Does
– Prevents users from accessing and editing other users' posts via direct URLs in the admin dashboard.
– Displays a message if the user tries to access a post that they do not own and do not have the capability to edit others' posts.
This setup ensures that users with lower capabilities can only see and edit their own posts, both in the listing and when accessing posts directly.
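
The hooks above filter what is listed and block one URL pattern; the same ownership rule can instead be enforced by WordPress core on every edit and delete path by giving the custom post type its own capabilities and withholding the "others" ones from the restricted role. The plugin below is an added example, not code from the original conversation, and the `book` post type, `book_author` role and plugin name are assumed for illustration. With it, the list-filter check shown earlier would test `edit_others_books` instead of `edit_others_posts`.

```php
<?php
/**
 * Plugin Name: Book ownership capabilities (added example)
 */

// Assumed names for illustration: 'book' post type, 'book_author' role.
add_action('init', function () {
    register_post_type('book', [
        'label'           => 'Books',
        'public'          => true,
        // Dedicated primitive caps: edit_books, edit_others_books, ...
        'capability_type' => ['book', 'books'],
        // Core maps edit_post/delete_post to those caps per post and author.
        'map_meta_cap'    => true,
    ]);
});

register_activation_hook(__FILE__, function () {
    // Restricted role: own books only (no *_others_books caps granted).
    add_role('book_author', 'Book Author', [
        'read'                   => true,
        'edit_books'             => true,
        'edit_published_books'   => true,
        'publish_books'          => true,
        'delete_books'           => true,
        'delete_published_books' => true,
    ]);

    // Administrators do not receive custom caps automatically.
    $admin = get_role('administrator');
    if ($admin) {
        $caps = [
            'edit_books', 'edit_others_books', 'edit_published_books',
            'edit_private_books', 'publish_books', 'read_private_books',
            'delete_books', 'delete_others_books', 'delete_published_books',
            'delete_private_books',
        ];
        foreach ($caps as $cap) {
            $admin->add_cap($cap);
        }
    }
});
```

Because the role is written to the database on activation, deactivate and reactivate the plugin after changing the capability list.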