How to Customize WordPress Roles and Capabilities Without Hacking the Core

Here’s a handy tip for site admins who want to customize what user roles can and cannot do. The best thing is that you can make these changes without hacking the WordPress core. You can add the changes directly to your functions.php file. Here are a few examples, courtesy of wp-snippets.com:

1
2
3
4
5
6
7
8
# Get the user role #
$edit_contributor = get_role('contributor'); 

# Contributor can upload media #
$edit_contributor->add_cap('upload_files')

# Contributor can no longer delete posts #
$edit_contributor->remove_cap('delete_posts');

It’s important to note here that these capabilities are written to the database. If you need to give back a capability to a role, you have to use the add_cap-function.