If you want to control which users have access to your custom post types, you can simply by adding some extra code to your existing code which registers your CPT.
This PHP code enables you to add different capabilities to restrict access to what your members can do with your CPT’s.
It includes a array of capabilities which can easily be modified according to your needs.
The code above enables anyone with the Contributor role access to:
- Create & submit new custom post type pages for review by an Administrator
- Edit their own existing CPT’s
- View their own existing CPT’s
- View others custom post types
- Edit or Delete others CPT’s
- Delete their own CPT pages
Using this code
If you haven’t yet created a custom post type, you can copy all this code from the view raw link in the Gist and paste it at the end of your child themes functions.php file using a text editor like Notepad++.
Then all you need to do is change all instances of yourcpt & YourCPT to the name you want to give your custom post type.
User Roles & Capabilities
If you want to learn more about the very basics of user roles and capabilities as well as check out what plugins are available for this purpose, here’s a very simple post which explains the very basics.
Otherwise, the WordPress Codex has several pages with more detail on this topic.