By Jonnybojangles


2011-03-29 17:31:17 8 Comments

I am managing a Wordpress network and would like to add the unfiltered_html user capability to the already predefined user role of Admin. In a standard installation of Wordpress the Admin account would already have this capability but in an MU installation only Super Admins are afforded this capability. Wordpress Roles and Capabilities.

How can I augment the Admin role from within a theme or plugin?

2 comments

@Philip 2011-03-30 05:39:58

You can use WP_Role class,

// get the the role object
$role_object = get_role( $role_name );

// add $cap capability to this role object
$role_object->add_cap( $capability_name );

// remove $cap capability from this role object
$role_object->remove_cap( $capability_name );

So to address your original question about how to enable Admins to enter SCRIPT and IFRAME tags into post content, you're looking for the 'unfiltered_html' capability, which in Multisite is only granted to Super Admins.

// get the the role object
$admin_role = get_role( 'administrator' );
// grant the unfiltered_html capability
$admin_role->add_cap( 'unfiltered_html', true );

or you can run this once in your functions:

/* Roles & Capabilities */
add_role('professional', 'Professional User', array(
    'read' => true, // True allows that capability, False specifically removes it.
    'edit_posts' => true,
    'delete_posts' => true,
    //'edit_published_posts' => true,
    //'publish_posts' => true,
    //'edit_files' => true,
    'upload_files' => true //last in array needs no comma!
));

@Jonnybojangles 2011-03-30 16:01:07

Thanks Philip. In regards to the WP_Role class when should execute the code? I am guessing this affects the global role object? I am glad that you brought up the second block of code mentioning that I could run this once in my functions file. I have found similar solutions on some of the Wordpress support forums but I find it odd to have run once code in a theme or plugin in. Especially without a check if the change already exists. Perhaps the role write is actually negligible. To check for the capability vs just write the capability to the role as your first example shows.

@Osu 2011-03-30 18:49:00

I'm also interested in how you would execute the WP_Role class if you get a moment free to tell us. Thanks

@Philip 2011-03-31 05:39:36

@Jonnybojagles & @Osu, check this out: Ultimate Guide to Roles & Capabilities garyc40.com/2010/04/ultimate-guide-to-roles-and-capabilities

@Jonnybojangles 2011-04-05 23:52:18

I have already read that article in my pursuit, but I did take the opportunity to run through it all again, thank you! Eventually, after dissecting the unfiltered-mu (mentioned above by Rev. Voodoo) plugin I eventually found out that changing roles by adding capabilities is not enough. I needed to unfilter Wordpress’ KSES filters.

@nyedidikeke 2017-05-31 10:40:00

I prefer adding a comma to the last element in arrays. Even though it may seem irrelevant as it is not necessary to make the code work nor resulting in error(s), it comes handy when using a version control when visualising modifications; you wouldn't see an old line of array item deleted, re-added and highlighted as new with just a comma as addition or change made for that line. Though little, it helps save lots of time when analysing modifications.

@Jonnybojangles 2011-04-06 18:17:14

In order to allow another role other than Super Admin or Admin (depending if the Wordpress installation is a network/MU instance or not) to add unfiltered html to a post or comment Wordpress’ KSES filter must be removed.

Check if a user has a particular capability.

if ( current_user_can( 'unfiltered_html' ) ) { … }

If so than remove KSES

kses_remove_filters();

This functionality is already wrapped up in unfiltered-mu, allowing admins and editors to add unfiltered html.

@Jonnybojangles 2011-04-12 18:30:27

The functionality is also wrapped in a plugin register and deregister so that the logic does not need to be preformed on each WP instance.

Related Questions

Sponsored Content

1 Answered Questions

[SOLVED] Add capability to a role , so user is only able to view his own posts

1 Answered Questions

1 Answered Questions

[SOLVED] How to check if a role has a specific capability

1 Answered Questions

[SOLVED] Update User Role

1 Answered Questions

2 Answered Questions

[SOLVED] What do unfiltered_html and unfiltered_upload actually filter?

1 Answered Questions

[SOLVED] How to Structure a New Role/Capability Scheme?

Sponsored Content