Make WordPress Private Posts Visible to Subscribers

Out-of-the-box, WordPress provides a neat way to create Private Posts and Pages that are only visible to Administrator or Editor user roles. While this is useful, sometimes we might need to give read access to lower level WordPress users, while preserving read & write access for those on the higher level user roles.

Why Make WordPress Private Posts Visible to Subscribers

Lower level WordPress users (in this case Subscribers) fulfil at least one basic requirement we might have when it comes to accessing our website content and features: they are logged in! Sure, they are the lowest level of user in terms of permissions, but they are a significant cut above a public, non-logged-in user and, as such, you may wish to give them a few extra privileges on your website.

For example, we are sometimes asked to create a private, non-public, site within a site for our customers. Very often this can be in the form of company policy documents, staff notices or, as was the case most recently, an entire Intranet space.

There are, of course, many ways of doing this and the right solution depends very much on the precise requirements. A quick way of achieving it is to use Private Posts & Pages and restrict the ability to create or edit these by user role, while giving lower level users read access.

How to Make Private Posts Visible to Subscribers

To actually make Private Posts & Pages visible to your subscribers, we’re going to need to do two things. This is all quite easy to do, but if you have any difficulties whatsoever ask your web developer to assist you.

• Switch off the WordPress setting that says ‘Anyone can Register’
• Add a snippet of code to our functions.php file

The reason for disabling the ‘Anyone can register’ option is that, we don’t want public users from outside of the organisation creating accounts on our website. If we allow this, then we may need to create a brand new WordPress user role for them, which is a separate topic altogether. Otherwise, these users will register, login and then see all of our supposedly ‘private’ content.

Disabling the Anyone Can Register Setting

To disable registration of public users and therefore ensure that only your administrators can add user accounts to your WordPress website, simply go to the Settings page in your WordPress backend admin and untick the ‘Anyone can Register’ Membership option. This will then remove the entire registration options and process from the login sections of your website. The screenshot below illustrates this.

Adding the Code Snippet

Copying and pasting the code snippet below into your functions.php file will take care of adding the capability for Subscribers to view Private Posts & Pages. Remember, if you are running a child theme, then it is the functions.php file inside your child theme parent directory that needs to have this snippet pasted in.

/*
* Make Private Posts visible to Subscribers
* Typically only visible to admin or editor
*/
<?php
function whitespider_private_posts_subscribers(){
 $subRole = get_role( 'subscriber' );
 $subRole->add_cap( 'read_private_posts' );
$subRole->add_cap( 'read_private_pages' );
}
add_action( 'init', 'ws_private_posts_subscribers' );
?>

What this Code Does

The code simply grabs the role object for the Subscriber role and then changes the user Capability property for reading Posts & Pages. It does all of this when it encounters the ‘init’ action hook during the WordPress page load cycle.

WordPress Private Posts – Now You See Me?

Now that all of the above has been done your basic Subscriber user can see Private posts and pages, but still does not have the ability to create or edit them.

However, to make this even better, we should really consider a Private Menu also. This would make it possible for logged in users to see a separate menu, which is not visible to non-logged-in users. This menu, then, could hold all of the links to your private pages, making navigation a breeze.