How to Add Permissions to WordPress Custom Post Types
A large number of PublishPress users have sites with custom post types.
Sometimes this is done using custom code. Sometimes it's done with a theme. Sometimes it's done with a plugin.
However, although these methods can provide many features, they rarely deal with permissions. This can be important … these custom post types often hold sensitive information.
By default, nearly all custom post types will inherit the same permissions as Posts. So a user in the “Editor” will role will automatically be able to write and edit in your custom post type.
In this guide, I'll show you how to add permissions to your custom post types. We'll use a plugin called PublishPress Capabilities.
The example post types we'll use are created using the Custom Post Type UI plugin. This provides an easy interface for generating your custom post types.
- After installing Custom Post Type UI, go to “CPT UI” then “Add/Edit Post Types”.
- On this screen you can create your new post type. I've called mine “New Posts”.
- Click “Add Post Type” to finish.
You should now see your new post type in the WordPress admin menu:
- Make sure you have PublishPress Capabilities installed.
- Go to “Capabilities” in your WordPress admin area
- In the top-right corner of the screen, load the user role that you want to customize. In this image below, I’ve chosen the “Editor” role:
- Also in the right sidebar, and check the “New Posts” box under “Type-Specific Capabilities”. Doing this will allow you control the permissions for the New Posts.
- Click “Update”.
Look in the center of the screen and you can now see custom permissions for your new post type. You can control editing, deletion and reading capabilities for your post type: