How can I Remove user access to the contents of WordPress admin menus?

Question

I want to delete user access to some WordPress admin menus .

I use the following code, but this code only removes the menu links.

function remove_admin_menu() {
remove_submenu_page('edit.php','post-new.php');
}
add_action( 'admin_init', 'remove_admin_menu' );
add_action( 'admin_menu', 'remove_admin_menu' );

And the user can see the contents of the page by entering the menu address in the browser's address bar.

for example :

(domain)/wp-admin/post-new.php

I want the user to see the following message by entering the address in the browser ( for example ) : your Access is Denied

What code should I use?

Answer 1

By WP_Role we can easily update the role by removing or adding new capabilities. Bellow a sample example for user role Administrator.

WP_Roles => array(
  'roles' => array(
    'administrator' => array(
      'name' => 'administrator',
      'capabilities' => array(
        'switch_themes' => true,
        'edit_themes' =>  true,
        'activate_plugins' => true,
        // Much more
      ),
      // Other roles
    ),
   'role_names' => array(
    'administrator' => 'Administrator',
     // Other role names
   )
   // ...
 );

You can get full understanding to go through official documents.

Here is the link of official documents of WordPress Role and Permission. https://developer.wordpress.org/plugins/users/roles-and-capabilities/

Answer 2

The link provided by Sneher will show you how to create a new role.

If your admin menu is custom then you can restrict the access in the register_taxonomy.

If your admin menu is pre-built by Wordpress then you will have to hook into the menu in the function file.