Managing a WordPress site can be challenging, especially when it comes to security and access control. Often, you may want to restrict certain plugins from being accessible to specific user roles to ensure data privacy and security. Fortunately, with a bit of PHP code, you can easily disable a specific plugin based on the logged-in user’s role.
In this blog post, we will guide you through the process of how to disable WordPress plugins based on user role with some simple code edits.
Getting Started
To get started, you will need to add the following code to your WordPress site’s functions.php
file:
function disable_plugin_by_user_role() { //Enter the user roles that should be disabled $disabled_roles = array('editor', 'author'); //Get the current user's role $user = wp_get_current_user(); $user_role = (array) $user->roles; //Enter the plugin that should be disabled $plugin_to_disable = 'plugin-folder/plugin-file.php'; //Check if the user's role matches the disabled roles if (array_intersect($disabled_roles, $user_role) && is_plugin_active($plugin_to_disable)) { deactivate_plugins($plugin_to_disable); add_action('admin_notices', 'disabled_plugin_notice'); } } add_action('admin_init', 'disable_plugin_by_user_role'); function disabled_plugin_notice() { _e('The plugin has been disabled for your user role.', 'my-plugin-textdomain'); }
Understanding the Code
Let’s break down the code above to understand how it works.
The first part of the code defines the disable_plugin_by_user_role()
function that disables a specific plugin based on the logged-in user’s role.
The $disabled_roles
variable is an array of user roles that should be disabled from accessing the plugin. In this example, we are disabling the plugin for the editor
and author
roles.
The wp_get_current_user()
function retrieves the current user’s role, and the $user_role
variable stores the retrieved role as an array.
The $plugin_to_disable
variable is the path to the plugin that you want to disable. In this example, we are disabling a plugin located in the plugin-folder
directory with the file name plugin-file.php
.
The is_plugin_active()
function checks if the specified plugin is active. If the plugin is active, the deactivate_plugins()
function deactivates the plugin. Additionally, the add_action()
function adds an error message to the WordPress admin dashboard.
The disabled_plugin_notice()
function displays a message on the admin dashboard informing the user that the plugin has been disabled.
Conclusion
In summary, with the PHP code provided above, you can easily disable a specific plugin based on the logged-in user’s role. By adding the code to your WordPress site’s functions.php
file, you can restrict plugin access for specific user roles, ensuring data privacy and security.
Remember to test the code before implementing it on your live WordPress site to avoid unexpected results.