Beginning with version 4.6.0, Event Espresso has introduced a number of WordPress capabilities for restricting access to various actions and views in the users dashboard.
Most of you know WordPress has a powerful user management system via its roles and capabilities system. We’d like to get things off to a great start with EE4 and so one of the most powerful things we have added to EE 4.6 core is the intelligently placed capabilities that we use for restricting access to various parts of EE4.
Event Espresso registers an Events Administrator role when first activated, and grants additional capabilities to the admin. These capabilities are prefixed with ee_ and are listed in this Google docs spreadsheet.
Events Administrator Role
The Events Administrator role is a role you can give someone to manage events and registrations without making them an admin. They’ll have all of the ee_ capabilities and the general WordPress Editor capabilities.
Customizing User Roles with EE4 Capabilities
You can customize the Events Administrator role and any other WordPress role to include all or some of the Event Espresso capabilities. Before you get started, you can familiarize yourself with the “EE Capability System” and install a third party plugin, such as Members or User Role Editor, to use its extensive role and capability management system to grant users (by role) access to attendee data, events, registrations, and WordPress pages and post content.
In order for the Event Espresso menu to load you’ll need a minimum of ee_read_ee and ee_read_events.
You can install the User Switching plugin to allow you to switch between your user account and the account you want to test easily OR open up an incognito/private window of your browser and log into the other account there. This way you can add capabilities in one window, refresh the other and you’ll get instant changes.
Troubleshooting
If the admin user is missing some capabilities, you can reset the capabilities by going to Event Espresso > Maintenance > Reset page and click on the Reset Capabilities button.
Use cases
- Restrict publishing of events where they require approval: Remove the
ee_publish_events
capability - Restrict access to only the user’s authored events: Remove the
ee_read_others_events
,ee_edit_others_events
capabilities
Extending the EE4 Capability System
In EE4 we’ve provided a handy api for developers to quickly integrate add-ons with different core components of Event Espresso. The EE Capabilities system takes care of initializing new roles and adding capabilities to existing roles. It is also used for users to reset default roles easily if needed. When you hook in your new capabilities using this system you are automatically integrated with all the stuff the EE Capabilities system does.
This document highlights the EE_Register_Capabilities
plugin API.