I’m currently developing an intranet and I am using Justin Tadlock’s Members plugin to control roles and capabilities.
I have created a HR role to allow Human Resources staff to create and edit user accounts. All staff created in WP are given the contributor role with a select few members of staff given editor and administrator roles.
What I want is to stop staff from logging in and changing their own profile information. Only staff of the HR role should be able to edit profile information.
great answer, to take this a step further and for anyone looking to apply this to all non-admin users (e.g. contributers, editors etc.)
// ===== remove edit profile link from admin bar and side menu and kill profile page if not an admin
if( !current_user_can('activate_plugins') ) {
function mytheme_admin_bar_render() {
global $wp_admin_bar;
$wp_admin_bar->remove_menu('edit-profile', 'user-actions');
}
add_action( 'wp_before_admin_bar_render', 'mytheme_admin_bar_render' );
function stop_access_profile() {
if(IS_PROFILE_PAGE === true) {
wp_die( 'Please contact your administrator to have your profile information changed.' );
}
remove_menu_page( 'profile.php' );
remove_submenu_page( 'users.php', 'profile.php' );
}
add_action( 'admin_init', 'stop_access_profile' );
}
