Use the coupon code BLACKFRIDAY40 and save 40% OFF! Buy Now

Introduction to WordPress user roles and capabilities

Last Updated On
Introduction to WordPress user roles and capabilities WordPress template

WordPress defines what a user can and can’t do by using a system of roles and capabilities, but what does this actually mean? Below we’ll analyze roles and capabilities a bit and see how we can alter them with the use of a plugin.

User roles

Roles are essentially user groups, WordPress comes with six out of the box. These go from the most basic of subscriber all the way up to the most powerful one of Super Admin. Let’s learn a bit more about them.

  • Subscriber: the most basic role a user can have. A subscriber can only read published posts and pages and modify their own profile.
  • Contributor: a contributor can create new posts and modify their content, but can’t publish them.
  • Author: an author can create, modify and publish their own posts.
  • Editor: the editor can do anything an author can do and additionally has the capability of modifying, publishing and deleting other users’ posts.
  • Administrator: along with all the above permissions and administrator can handle administrative tasks, such as installing plugins and themes, modifying site settings and more.
  • Super Admin: the final user role can only be found on multisite installations and grants the user the ability to create and delete sites, install and activate themes and plugins network wide and more.

Capabilities

Capabilities are essentially permissions, each one grants the user a certain ability. For example publish_posts allows a user to publish a post they have created, this capability is available to users with the role of author and upwards. As you might imagine the more capabilities a user has, the more powerful they become. A subscriber has a single capability, that of read which means that the only thing they can visit in the WordPress dashboard is their own profile page under Users > Your Profile. At the moment of writing there are about 60 default capabilities which can be found here.

The default roles and their assigned capabilities will cover the needs of most websites out there. However in some cases they might not be perfect. For example, while contributors can create posts they can’t upload files of any kind, so they can’t add featured or inline images. Another thing that may cause trouble to multi author site owners is that the author role allows users to delete posts that have been already published, which is problematic because an author can create the post, get paid for it and then delete it after it’s published.

By default WordPress does not allow administrators to modify capabilities for user groups, making it hard to fine tune permissions to match their needs. This can be amended by writing some code to add or remove permissions from specific groups, or luckily, by using one of the many role manager plugins available in the plugin directory. Some of the most popular are User Role Editor, MembersAdvanced Access ManagerWPFront User Role EditorCapability Manager Enhanced and User Roles & Capabilities. Basic functionality on all plugins is the same, they will all allow you to modify the capabilities of existing user roles, create new user roles only with the capabilities you need and even create and assign new capabilities.

Creating roles and modifying capabilities

Most likely you are already familiar with WooCommerce, the most popular eCommerce plugin for WordPress. Once activated, WooCommerce introduces a new user role, that of Shop Manager which can be assigned to users that are in charge of maintaining your shop by adding new products, fixing errors, handling orders etc. However this role comes with all the capabilities of an editor, which is something that you might not like. Below we’re going to take a look at how we can create a new role by duplicating the Shop Manager one and then we will remove all capabilities related to the editor role. The plugin we’ll use is WPFront User Role Editor.

After you install and activate the plugin you can go to Roles > All Roles, you should see something like this.

default_roles

You’ll notice that there are seven roles, the extra ones are Shop Manager and Customer which are added by WooCommerce. If we click on Shop Manager we’ll see what capabilities are assigned to that user role.

shop_manager_caps

There are quite a lot as evident by the image above, luckily their names are pretty descriptive and you can get a pretty good idea of what each one does just by reading them. Now let’s see how the WordPress dashboard looks like for a user with the Shop Manager role.

shop_manager_dashboard

The shop manager role provides the user with access to WooCommerce options, along with all other capabilities an editor has such as creating, editing and deleting posts, pages and attachments. Now let’s create our more restricted shop manager role. To do that let’s navigate to Roles > Add New. Give the role a name and from the drop down menu select Shop Manager and click Apply.

new_role

This will copy over all the capabilities from the Shop Manager role to the new Shop Director one. Now to remove unneeded capabilities. For this example I have unchecked all capabilities related to Posts, Pages, Comments and Links. This will prevent our shop director from modifying posts, pages and comments. This is what I’ve ended up with.

shop_director_caps

You can fine tune this to make it even more restrictive if you wish so. For example you can remove all capabilities related to orders so only you can manually approve them. Once you are satisfied with the capabilities assigned to your new role click the Add New Role button towards the end of the page to create it. In order to test it we need to assign that role to a user. To do that we need to navigate to Users > All Users. Locate the user you want to assign the role to and click the Assign Roles link.

assign_role

In the next screen select the Shop Director role from the Primary Role drop down and click the Assign Role button.

assign_director

That’s it, the role is assigned. Now we’ll login with that account and see if our changes have worked.

assignment_success

Success! As you can see the shop director now has access only to shop related functionality, such as creating and modifying products, handling orders and configuring WooCommerce itself. Post and pages are no longer available for modification which is what we were aiming for.

Signing out

We hope that after reading this you have a better grasp of what roles & capabilities are on WordPress and how to adjust them to get the functionality you want. If you have any questions please let us know in the comments below.

One response to “Introduction to WordPress user roles and capabilities”

  1. Anton says:

    Thank you for this review. I think that User Role Editor it’s best plugin.

Leave a Reply

Your email address will not be published. Required fields are marked *

Get access to all WordPress themes & plugins

24/7 Support Included. Join 115,000+ satisfied customers.

Pricing & Sign Up

30-day money-back guarantee. Not satisfied? Your money back, no questions asked.

Back to top