Custom post type and new role permissions

Replies: 0

I have created a new user role ‘authority’ and a custom post type ‘jobs’. I want the authority user role to log in and only see the jobs cpt and only be able to see their own posts they add under this jobs cpt.

There are taxonomies within the cpt to allow them to be categorised and searched on. Administrators and editors should be able to view, edit etc all jobs and taxonomies, whereas authority users should only be able to select taxonomies but not edit them.

With the code I have below

Authority users only see jobs in the nav – great
Authority users cannot edit taxonomies – great
However when clicking on jobs, they see the whole list – bad, should only see their own
They can also edit other users jobs – very bad

Admin users do not have the ability to see the job list
Admin users however can edit taxonomies

Can someone help me set these permissions? Thanks

/**
 * Custom post type for jobs and taxonimies
 */

add_action( 'init', 'create_custom_post_types' );
function create_custom_post_types() {


	register_post_type( 'sc_jobs',
		array(
			'labels' => array(
					'name' => 'Job',
					'singular_name' => 'Job',
					'add_new' => 'Add New',
					'add_new_item' => 'Add New',
					'edit_item' => 'Edit',
					'new_item' => 'New',
					'all_items' => 'All Jobs',
					'view_item' => 'View',
					'search_items' => 'Search',
					'not_found' =>  'No jobs found',
					'not_found_in_trash' => 'No jobs found in Trash',
					'parent_item_colon' => '',
					'menu_name' => 'Jobs'
			),
			'public' => true,
			'has_archive' => true,
			'rewrite' => array('slug' => 'job'),
			'capability_type' => 'job',
			'capabilities' => array(
				'publish_posts' => 'publish_jobs',
				'edit_posts' => 'edit_jobs',
				'edit_others_posts' => 'edit_others_jobs',
				'delete_posts' => 'delete_jobs',
				'delete_others_posts' => 'delete_others_jobs',
				'read_private_posts' => 'read_private_jobs',
				'edit_post' => 'edit_jobs',
				'delete_post' => 'delete_jobs',
				'read_post' => 'read_jobs',
			),
			'supports' => array('title', 'editor', 'thumbnail')
		)
	);

	register_taxonomy(
		'job_categories',
		array('sc_jobs'),
		array(
			'hierarchical' => true,
			'label' => __( 'Job Categories' ),
			'rewrite' => array( 'slug' => 'job-category' ),
			'show_ui' => true,
			'query_var' => 'job-category',
		)
	);

	register_taxonomy(
		'contract_type',
		array('sc_jobs'),
		array(
			'hierarchical' => true,
			'label' => __( 'Contract type' ),
			'rewrite' => array( 'slug' => 'job-contract-type' ),
			'show_ui' => true,
			'query_var' => 'job-contract-type',
		)
	);

	register_taxonomy(
		'working_pattern',
		array('sc_jobs'),
		array(
			'hierarchical' => true,
			'label' => __( 'Working Pattern' ),
			'rewrite' => array( 'slug' => 'job-working-pattern' ),
			'show_ui' => true,
			'query_var' => 'job-working-pattern',
		)
	);

	register_taxonomy(
		'salary_band',
		array('sc_jobs'),
		array(
			'hierarchical' => true,
			'label' => __( 'Salary Band' ),
			'rewrite' => array( 'slug' => 'salary-band' ),
			'show_ui' => true,
			'query_var' => 'salary-band',
		)
	);

	register_taxonomy(
		'the_advertiser',
		array('sc_jobs'),
		array(
			'hierarchical' => true,
			'label' => __( 'Advertiser' ),
			'rewrite' => array( 'slug' => 'job-advertiser' ),
			'show_ui' => true,
			'query_var' => 'job-advertiser',
		)
	);


}

function add_jobs_caps() {

    $admins = get_role( 'authority' );

    $admins->add_cap( 'edit_jobs' );
    $admins->add_cap( 'publish_jobs' );
    $admins->add_cap( 'read_jobs' );
    $admins->add_cap( 'read_private_jobs' );
    $admins->add_cap( 'delete_jobs' );
	$admins->remove_cap( 'edit_others_jobs' );
	$admins->remove_cap( 'delete_others_jobs' );
}
add_action( 'admin_init', 'add_jobs_caps');