WordPress will only prompt you for your FTP connection information while trying to install plugins or a WordPress update if it cannot write to /wp-content directly. Otherwise, if your web server has write access to the necessary files, it will take care of the updates and installation automatically. This method does not require you to have FTP/SFTP or SSH access, but it does require your to have specific file permissions set up on your webserver.
It will try various methods in order, and fall back on FTP if Direct and SSH methods are unavailable.
https://github.com/WordPress/WordPress/blob/4.2.2/wp-admin/includes/file.php#L912
WordPress will try to write a temporary file to your /wp-content directory. If this succeeds, it compares the ownership of the file with its own uid, and if there is a match it will allow you to use the 'direct' method of installing plugins, themes, or updates.
Now, if for some reason you do not want to rely on the automatic check for which filesystem method to use, you can define a constant, 'FS_METHOD' in your wp-config.php file, that is either 'direct', 'ssh', 'ftpext' or 'ftpsockets' and it will use that method. Keep in mind that if you set this to 'direct', but your web user (the username under which your web server runs) does not have proper write permissions, you will receive an error.
In summary, if you do not want to (or you cannot) change permissions on wp-content so your web server has write permissions, then add this to your wp-config.php file:
define('FS_METHOD', 'direct');
Permissions explained here:
This really shouldn't be terribly difficult.
The first step is to create a custom capability type to correspond to your custom post type, via the 'capability_type' parameter passed to register_post_type(). You're using the default, i.e.:
'capability_type' => 'post',
Set that to something else, perhaps 'employee', and as per the Codex, also set 'map_meta_cap' to true:
'capability_type' => 'employee',
'map_meta_cap' => true,
The next step is to add the related capabilities to your custom users, via the $capabilities parameter passed to your call to add_role(). For the "employee" user role, you'll want to add edit_employee et al (edit_, delete_, etc.), and for the "agent" user role, you'll want to include edit_employee et al, along with edit_others_employee et al.
Best Answer
Justin Tadlock is a WordPress heavy (wrote the popular Hybrid theme framework), recently released a comprehensive user management plugin called Members, which among other things can turn your blog into a login-only venue:
But I get the impression that you're looking to keep some part available to the public users and other parts only for registered users.
You can also use this plugin to restrict certain areas of your blog, screenshot example here: based on role
Hiding the tabs from the public user is the challenging part. Themes typically aren't designed with private portions in mind; you'd have to hack it yourself or get someone to do it for you.