I’m currently developing an intranet and I am using Justin Tadlock’s Members plugin to control roles and capabilities.
I have created a HR
role to allow Human Resources staff to create and edit user accounts. All staff created in WP are given the contributor
role with a select few members of staff given editor
and administrator
roles.
What I want is to stop staff from logging in and changing their own profile information. Only staff of the HR
role should be able to edit profile information.
5 s
great answer, to take this a step further and for anyone looking to apply this to all non-admin users (e.g. contributers, editors etc.)
// ===== remove edit profile link from admin bar and side menu and kill profile page if not an admin
if( !current_user_can('activate_plugins') ) {
function mytheme_admin_bar_render() {
global $wp_admin_bar;
$wp_admin_bar->remove_menu('edit-profile', 'user-actions');
}
add_action( 'wp_before_admin_bar_render', 'mytheme_admin_bar_render' );
function stop_access_profile() {
if(IS_PROFILE_PAGE === true) {
wp_die( 'Please contact your administrator to have your profile information changed.' );
}
remove_menu_page( 'profile.php' );
remove_submenu_page( 'users.php', 'profile.php' );
}
add_action( 'admin_init', 'stop_access_profile' );
}