Skip to:
Content
Pages
Categories
Search
Top
Bottom

Restrict access to wp-admin and disable admin bar for forum participants


  • p3t3rr
    Participant

    @p3t3rr

    Hi there,

    I am currently setting up a bbpress forum. This is why I post a view threads atm because I have questions. Hopefully, it’s not perceived as spam.

    I know that this is not a bbpress issue, more of a wordpress thing in general. However, I guess that most bbpress developers/admins have solved this issue – therefore I ask it here.

    I want to disable access to wordpress admin dashboard for all normal forum participants (role: subscriber/participant).

    I have done some searching and found that it could be achieved through the following custom php.

    disable wp-admin:

    // redirect back to homepage and not allow access to wp backend for subscribers
    function rkk_redirect_admin(){
    	if ( ! wp_doing_ajax() && ! current_user_can( 'edit_posts' ) ) {
            wp_redirect( site_url() );
            exit;
        }
    }
    add_action( 'admin_init', 'rkk_redirect_admin' );

    disable wp admin toolbar:

    // disable wp toolbar on the frontend of website for subscribers
    function rkk_disable_admin_bar() {
        if( ! current_user_can('edit_posts') )
            add_filter('show_admin_bar', '__return_false');
    }
    add_action( 'after_setup_theme', 'rkk_disable_admin_bar' );

    I included that code in functions.php of childtheme. However, it does not seem to have an effect. Subscriber can still access wp-admin and can see the wp toolbar in the front end.

    Anybody have a good solution for this? I don’t want to use an extra plugin for that.

    thank you for helping. best regards, peter

Viewing 9 replies - 1 through 9 (of 9 total)

  • p3t3rr
    Participant

    @p3t3rr

    link to the forum: https://hatopia.de/community/


    Robin W
    Moderator

    @robin-w


    p3t3rr
    Participant

    @p3t3rr

    Hi Robin,

    thank you for your reply. The code in that resource isn’t quite satisfactory but it gave me a head start.

    I came up with the following function to disable the wp toolbar:

    // disable wp toolbar on the frontend of website for role:'subscriber'
    function disable_admin_bar() {
    	if (current_user_can( 'subscriber' ) ) {
    		show_admin_bar( false );
    	}
    }
    add_action( 'after_setup_theme', 'disable_admin_bar' );

    and the following to disable wp-admin:

    // not allow access to wp-admin backend for role:'subscriber'
    function sub_no_read_wpadmin(){  
        $role = get_role( 'subscriber' );
        $role->remove_cap( 'read' );    
    }
    add_action( 'admin_init', 'sub_no_read_wpadmin' );

    Hopefully this is sound. Do you see any problems with this implementation?


    Robin W
    Moderator

    @robin-w

    if it works, code looks fine, but I haven’t looked at in detail 🙂


    Robin W
    Moderator

    @robin-w

    not sure why you need the second bit of code?


    p3t3rr
    Participant

    @p3t3rr

    not sure why you need the second bit of code?

    I thought it’s necessary to in case subsribers have the link ‘mysite.com/wp-admin’. However, I just commented the second function out and it seems a subsriber still does not have access to /wp-admin.

    So, I guess

    function disable_admin_bar() {
    	if (current_user_can( 'subscriber' ) ) {
    		show_admin_bar( false );
    	}
    }
    add_action( 'after_setup_theme', 'disable_admin_bar' );

    takes care of both (and second function is obsolete)?


    Robin W
    Moderator

    @robin-w

    yep – that should do it


    p3t3rr
    Participant

    @p3t3rr

    ok. thank you very much for your input!


    Robin W
    Moderator

    @robin-w

    🙂

Viewing 9 replies - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.
Skip to toolbar