[p3t3rr]

Hi there,

I am currently setting up a bbpress forum. This is why I post a view threads atm because I have questions. Hopefully, it’s not perceived as spam.

I know that this is not a bbpress issue, more of a wordpress thing in general. However, I guess that most bbpress developers/admins have solved this issue – therefore I ask it here.

I want to disable access to wordpress admin dashboard for all normal forum participants (role: subscriber/participant).

I have done some searching and found that it could be achieved through the following custom php.

disable wp-admin:

// redirect back to homepage and not allow access to wp backend for subscribers
function rkk_redirect_admin(){
	if ( ! wp_doing_ajax() && ! current_user_can( 'edit_posts' ) ) {
        wp_redirect( site_url() );
        exit;
    }
}
add_action( 'admin_init', 'rkk_redirect_admin' );

disable wp admin toolbar:

// disable wp toolbar on the frontend of website for subscribers
function rkk_disable_admin_bar() {
    if( ! current_user_can('edit_posts') )
        add_filter('show_admin_bar', '__return_false');
}
add_action( 'after_setup_theme', 'rkk_disable_admin_bar' );

I included that code in functions.php of childtheme. However, it does not seem to have an effect. Subscriber can still access wp-admin and can see the wp toolbar in the front end.

Anybody have a good solution for this? I don’t want to use an extra plugin for that.

thank you for helping. best regards, peter

[p3t3rr]

link to the forum: https://hatopia.de/community/

[Robin W]

How to disable the WordPress admin bar for users on your site

[p3t3rr]

Hi Robin,

thank you for your reply. The code in that resource isn’t quite satisfactory but it gave me a head start.

I came up with the following function to disable the wp toolbar:

// disable wp toolbar on the frontend of website for role:'subscriber'
function disable_admin_bar() {
	if (current_user_can( 'subscriber' ) ) {
		show_admin_bar( false );
	}
}
add_action( 'after_setup_theme', 'disable_admin_bar' );

and the following to disable wp-admin:

// not allow access to wp-admin backend for role:'subscriber'
function sub_no_read_wpadmin(){  
    $role = get_role( 'subscriber' );
    $role->remove_cap( 'read' );    
}
add_action( 'admin_init', 'sub_no_read_wpadmin' );

Hopefully this is sound. Do you see any problems with this implementation?

[Robin W]

if it works, code looks fine, but I haven’t looked at in detail 🙂

[Robin W]

not sure why you need the second bit of code?

[p3t3rr]

not sure why you need the second bit of code?

I thought it’s necessary to in case subsribers have the link ‘mysite.com/wp-admin’. However, I just commented the second function out and it seems a subsriber still does not have access to /wp-admin.

So, I guess

function disable_admin_bar() {
	if (current_user_can( 'subscriber' ) ) {
		show_admin_bar( false );
	}
}
add_action( 'after_setup_theme', 'disable_admin_bar' );

takes care of both (and second function is obsolete)?

[Robin W]

yep – that should do it

[p3t3rr]

ok. thank you very much for your input!

[Robin W]

🙂