Limit any individual ClassifAI feature to specific roles or to named users, on a per-feature, per-site basis from the regular settings UI.
How it works
Every ClassifAI feature ships with a consistent block of access-control settings on its admin page: an allowed roles multi-select populated from the site’s editable roles (subscribers excluded), and an allowed users search field for adding individual usernames that do not match any role rule. The capability check runs every time the feature is invoked — whether through the editor UI, a REST request, or a WP-CLI command — and unauthorised users see no UI affordance at all rather than a broken button.
User-side opt-out
The same settings page also includes a user-based opt-out toggle, which lets individual users disable a feature for themselves through their profile screen even if their role allows it. This matters for newsrooms where some writers do not want AI suggestions in their flow at all.
Programmatic control
The roles list itself is exposed through a classifai_{feature}_roles filter, and the user list through a sibling filter, so a site can programmatically deny or extend access without touching the database. This is the common path for hosts that provision capabilities through environment-driven config rather than the admin UI.
Providers
None — the gating happens entirely inside ClassifAI before any provider is contacted, so this feature has no outbound API calls and no provider configuration of its own.