Websites, no matter if simple blogs, corporate sites or e-commerce stores, usually have more than one contributor to the end product. There are designers and administrators who create and build the whole site. But there are also editors who only enter new content, which then needs to be approved and published by someone else. Or there are shop managers who take care of the e-commerce functions but don’t need to be able to administer the whole backend. And there are readers, who will only ever see the front end.
In WordPress this is controlled through the user system. When installing WordPress, there are five default user roles available:
- Administrator: User can access all administrative options and features.
- Editor: User can manage and publish posts.
- Author: User can write and publish posts.
- Contributor: User can write posts but cannot publish them. Instead they submit them for review (e.g. to the editor).
- Subscriber: User has basic front-end functionality like leaving comments and changing their own profile.
These default roles cannot be changed out of the box; their capabilities are defined by WordPress. Some plugins add additional roles: WooCommerce adds a store manager, for example, and WP Car Manager adds a Car Seller. But if you want to change what users can and cannot do, or add new user roles, you will need to either code them or use plugins. This article will focus on the latter.
Reasons For Additional User Roles
Why would you want additional roles anyway? For many websites, you don’t need them; the basic roles are enough. But there are sites where more flexibility is needed. You as an administrator might want to make sure that users can only access what they need. That could be the actual owner of the site, if you have a maintenance agreement with them and they don’t need access to all settings. This way you can be sure the site won’t break because the site owner tried out a simple checkbox.
Or you may have plugins like Download Monitor and need some users to be able to see the download logs, but you don’t want them to get into the settings and plugins. And so on. In all cases where the default roles cannot give you what you need, you should create new roles and add only the necessary capabilities. For the security of your website you should always try to give individuals the least amount of access that still allows them to do just what they need.
The WordPress Capabilities
The different permissions for the actions one can perform in WordPress are called capabilities. There are around 60 different capabilities in WordPress, too many to explain them all in detail here. Luckily, the naming is quite self-explanatory. If you want an overview of all of them, check the WordPress Codex.
It’s important to note that a capability grants exactly what its name says, and nothing more. delete_posts will let the assigned person delete posts, but that user cannot delete pages or do anything else with the posts. I therefore highly recommend looking at all capabilities and then deciding consciously what is needed and what is not.
Creating User Roles and Assigning Capabilities
To be able to create as many different capability sets as needed, just editing the existing roles usually isn’t enough. Instead, you can create new roles and give each role the required capabilities. You will even be able to assign more than one role to a user. Creating new roles instead of changing the existing ones makes your site easier to manage, and you can always add and delete roles to your liking.
The basic steps are: create a new role and give it a name. The name should describe the permissions you will grant in a way you (and other admins) can remember. Then you assign the needed capabilities, save the role and assign it to users.
If you assign users more than one role, you will have to define beforehand whether the permissions of one role override the restrictions of the other or the other way around. If someone is a subscriber and an editor, for example, the additional editor capabilities should override the restrictions of the subscriber. Test these options thoroughly, as they can lead to a lot of confusion if mixed up.
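The same steps done in code rather than through a plugin, as an added example that is not from the article: a least-privilege role for someone who may review download logs but must never reach settings or plugins. The role slug, display name and the plugin capability name `manage_downloads` are assumptions for illustration; the file is assumed to be a plugin’s main file.

```php
<?php
/**
 * Added example (not the article's code): register a minimal custom role.
 * 'download_reviewer' and the plugin capability 'manage_downloads' are
 * assumed names; __FILE__ assumes this is the plugin's main file.
 */

function example_register_download_reviewer_role() {
    // Start from what a Subscriber can do, so the role stays minimal.
    $subscriber = get_role( 'subscriber' );
    $caps       = $subscriber ? $subscriber->capabilities : array( 'read' => true );

    // Grant only the extra capabilities this role actually needs.
    $caps['manage_downloads'] = true; // assumed plugin capability
    $caps['edit_posts']       = true; // needed to open the Posts screen

    // An explicit false makes has_cap() fail for this capability. Caveat:
    // when a user holds several roles, WordPress merges their capability
    // arrays in role order and the last role's value wins, which is why
    // combined roles must be tested (or the denial enforced with the
    // user_has_cap filter so it wins regardless of order).
    $caps['manage_options']   = false;
    $caps['activate_plugins'] = false;

    // add_role() returns null if the role already exists, so remove any
    // previous definition first to keep the stored role in sync with this code.
    remove_role( 'download_reviewer' );
    add_role( 'download_reviewer', 'Download Reviewer', $caps );
}
// Roles are persisted in the database, so register once on activation.
register_activation_hook( __FILE__, 'example_register_download_reviewer_role' );

// Remove the role on deactivation so no orphaned role remains.
function example_remove_download_reviewer_role() {
    remove_role( 'download_reviewer' );
}
register_deactivation_hook( __FILE__, 'example_remove_download_reviewer_role' );

// Gate the feature itself, not just its menu entry: check the capability
// on the server before rendering anything sensitive.
function example_render_download_log() {
    if ( ! current_user_can( 'manage_downloads' ) ) {
        wp_die( esc_html__( 'You are not allowed to view download logs.', 'example' ), 403 );
    }
    // ... render the log here ...
}
```

After activation, `get_role( 'download_reviewer' )->capabilities` shows the stored array, which is a quick way to verify that only the intended capabilities were granted.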
Members
Members is a very powerful plugin for controlling user roles. It lets you create new user roles and add capabilities. You can also explicitly deny capabilities, which is useful when assigning different roles to one user. Beyond that, you can select post content to display only to certain roles, or make the whole site private altogether. You can also create shortcodes to deny access to specific pages, and you can add a login form widget to your sidebar. I like using it most because it causes the fewest plugin conflicts, and many plugins integrate their roles straight into it.
User Role Editor
User Role Editor is probably the best-known plugin for role management. Like Members, in addition to creating new user roles and granting or denying capabilities, it provides a shortcode to restrict content to a specific user role, and it lets you control which users can view certain content types.
WPFront User Role Editor
WPFront User Role Editor is a lightweight and simple-to-use solution for creating new user roles. It lets you easily manage your existing user roles, and you can create, edit, clone and manage the capabilities of roles.
Capability Manager Enhanced
Last but not least, Capability Manager Enhanced also lets you create and manage user roles and their capabilities. It integrates well with multisite, so you can copy roles from any of your sites, and it lets you back up and restore user roles to revert changes. What I also like is that you can sort the displayed permissions by post type, operation or origin.
Hiding Admin Menu Items
Another way to restrict access to certain options and settings is to hide items of the admin menu, depending on the user or the user role. That way, you don’t have to go through the capabilities and test and understand each one. Or, if the capabilities a plugin offers still expose too much of the menu, you simply hide the items a role is not supposed to access.
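What the menu-hiding plugins below do under the hood, as an added example that is not from the article: hide two core admin menus from everyone except administrators, then enforce the same restriction on the request itself. `remove_menu_page()` only changes the navigation; a user whose role still holds the relevant capability can open `/wp-admin/tools.php` by URL, so the `admin_init` check is what actually denies access. Menu slugs are WordPress core slugs; everything else is assumed.

```php
<?php
/**
 * Added example (not the article's code): hide admin menus for limited
 * users and enforce the restriction on direct requests. Function names
 * are assumed; the slugs are core wp-admin script names.
 */

// Core admin screens to take away from non-administrators. Both are
// normally reachable by roles that only hold edit_posts, so hiding the
// menu alone would not keep such users out.
const EXAMPLE_RESTRICTED_SCREENS = array(
    'tools.php',         // Tools
    'edit-comments.php', // Comments
);

// Administrator is the only default role holding manage_options.
function example_is_limited_user() {
    return is_user_logged_in() && ! current_user_can( 'manage_options' );
}

// Cosmetic part: runs late on admin_menu so menus added by plugins
// are already registered when we remove ours.
function example_hide_restricted_menus() {
    if ( ! example_is_limited_user() ) {
        return;
    }
    foreach ( EXAMPLE_RESTRICTED_SCREENS as $slug ) {
        remove_menu_page( $slug );
    }
}
add_action( 'admin_menu', 'example_hide_restricted_menus', 999 );

// Enforcement part: $pagenow holds the current wp-admin script name
// (e.g. 'tools.php'), so a typed URL is refused with a 403.
function example_deny_restricted_screens() {
    global $pagenow;
    if ( example_is_limited_user() && in_array( $pagenow, EXAMPLE_RESTRICTED_SCREENS, true ) ) {
        wp_die( esc_html__( 'You do not have permission to open this screen.', 'example' ), 403 );
    }
}
add_action( 'admin_init', 'example_deny_restricted_screens' );
```

Removing the capability from the role is still the cleaner fix; this enforcement hook is for cases like the one above, where the role needs the capability but should not reach a particular screen.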
Admin Menu Editor
If you are looking for a solution to show and hide admin menus based on user types, Admin Menu Editor might be right for you. You can manage permissions for any menu item depending on capabilities or roles. Additionally, you can change menu titles, URLs and icons, reorganize them and create custom menus.
Adminimize
If you need to hide certain admin menu items from non-admin users, you can also use Adminimize. You will be able to activate and deactivate every part of the menu, and you can even choose submenu items to hide depending on the user role. Meta fields can be administered separately for posts and pages. And you can minimize the header of the backend and change the menu order.
Testing the Roles
Once you have set up your user roles and their permissions, it’s time to test the results. While it is always possible to log out and log back in as a different user, you can also use plugins to test the roles directly as an administrator. They let you switch to another user’s view so you can go through all the items and settings that user can access.
User Switching
With just one click, User Switching will log you out and back in as any user you have on your site. Simply find the user in your user list, hover over the name and select “Switch To”. You can switch back just as easily with an always visible “Switch back to …” link, and you can even simulate a logout and get back in immediately. While logged in as a user, you can do anything that specific person could do.
View Admin As
View Admin As takes a slightly different approach. If you don’t like turning into a certain user, this plugin lets you view the admin area as a specific user role would, right from your admin bar. You basically change your own capabilities for a short time and can test a user role. If you want, you can also select a user and switch to their view (including the possibility to change their preferences, etc.).