Chapter 6. Users, Roles, and Capabilities

In Chapter 1, we established logins as a crucial component of any web app. One of the great things about using WordPress for your apps is that you get fully featured user management out of the box. The core WordPress app includes:

  • Secure logins with passwords that are salted and hashed

  • User records with an email address, username, display name, avatar, and bio

  • Administrator views to browse, search, add, edit, and delete users

  • User roles to separate administrators from editors, authors, contributors, and subscribers

  • Pages for users to log in, register, and reset passwords

By using various WordPress functions and APIs, we can do the following:

  • Add and manage user meta or profile fields for each user.

  • Define custom roles and capabilities for finer control over which users can access which areas.

Managing users in WordPress is a fairly straightforward affair. The User tab in the dashboard makes it easy to browse, search, add, edit, and delete users. It’s easy to manage users via code as well.

This chapter will cover these areas:

  • How to access user data in your code

  • How to add custom fields to users

  • How to customize the user profiles and reports in the dashboard

  • How to add, update, and delete users

  • How to define custom roles and capabilities

  • How to extend the WordPress User class to create your own user-focused classes

Getting User Data

In this section, we’ll explore how to instantiate a WordPress user object ...

Get Building Web Apps with WordPress, 2nd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.