How To Change User Roles In WordPress – User Roles & Capabilities
Since the release of version 2.0, User Roles have been an
important and integral part of WordPress. Giving you the ability to control who
can do what with your site, the WordPress user management system not only helps
you manage your site efficiently and effectively but also minimizes the chances
of any mistakes or accidents happening that could bring disastrous consequences
to your site.
As a WordPress site owner, you must be familiar with User
Roles and their Capabilities especially if you run a large online publication
or collaborate with a group of users contributing to your site in one way or
another. This is very crucial to strike a perfect balance between permissions
and restrictions for each WordPress user. After reading this easy-to-follow
guide, you’ll have a solid understanding of how to manage WordPress User Roles
properly.
So, let’s start!
Understanding User Roles In WordPress
A Role in WordPress basically defines a set of tasks, called
Capabilities, which a person is allowed to perform. Each Role is assigned
a default set of capabilities that determine what that role can or can’t do;
however, you can assign or remove other capabilities using WordPress functions.
Without capabilities, a Role is nothing but just a name without any control. In
short, a role is an entity made up of a unique name and a set of capabilities
that define what features of WordPress the role is allowed to access and use.
Out of the box, WordPress ships with following default user
roles.
1. Super Administrator
The super admin user role is a multi-site-network-only role.
As the name itself describes, this user role has the maximum capability and
therefore, can access all the site network administration features. Users with
this most powerful role not only can access and manage multiple sites but also
can add and delete sites from a multi-site network.
2. Administrator
Administrator is the most powerful user role in a regular
WordPress installation. It is by default the first user on a WordPress site,
who can do everything from updating core to deleting users. Users with this
role have full access and control over all the administrative features within a
single site.
3. Editor
Users with the editor role have complete control over the
content, including all media files, of a WordPress site. They can publish and
manage all posts including those created by other users or labeled private.
They can also manage comments, categories, links, tags and pages, but can’t
make any changes to the settings of a WordPress site.
4. Author
A step down from the editor, an Author is able to publish
and manage their own posts but doesn’t have access to content created by other
users. While publishing, authors can add tags and media files to their posts.
However, they are not allowed to create, edit or delete categories and pages.
5. Contributor
A contributor is someone who can write, edit and delete
their own posts but is unable to publish them. Unlike Authors, contributors
don’t have the ability to upload files to the Media Library. However, they can
add tags to their posts. In general, this user role is reserved for guest
authors whose content needs to be reviewed by an Admin or Editor before
publishing.
6. Subscriber
A subscriber has the lowest access to WordPress’ features. Users with the subscriber role can only read your site, leave comments and create and manage their user profile. Besides, they can’t do anything else inside Dashboard. It’s important to note that WordPress by default labels all new users as Subscribers.Understanding Capabilities In WordPress
This is the real beauty of how the system works.
Capabilities are permissions. They’re a way of saying a role can or can’t do
something.
Capabilities are given to roles. So, users of a certain role
are limited by that role’s capabilities.
For Example:-
The administrator role (by default) is granted the capability of { edit_themes }. You don’t get to edit your theme because you’re an administrator. You are allowed to edit your theme because your role (administrator) has the capability of { edit_themes }. If you took away that capability, you would no longer be able to edit your theme in the WordPress admin, no matter how important you think your role is.
The administrator role (by default) is granted the capability of { edit_themes }. You don’t get to edit your theme because you’re an administrator. You are allowed to edit your theme because your role (administrator) has the capability of { edit_themes }. If you took away that capability, you would no longer be able to edit your theme in the WordPress admin, no matter how important you think your role is.
Basic WordPress Functions To Manage Roles And Capabilities
Now that you have understood User Roles and their
Capabilities in WordPress, let’s move to basic WordPress functions that are
used to create and manage roles and capabilities. These are five simple
functions.
{ add_role(): } - Enables you to add a new custom role to
WordPress.
{ remove_role(): } - Allows you to remove a custom role from
WordPress.
{ add_cap(): } - Lets you add a custom capability to a role
or specific user.
{ remove_cap(): } - Allows you to remove a custom capability
from a role or specific user.
{ get_role(): } - Enables you to fetch a role definition.
Let’s see these functions in action through the following
examples.
1. Creating Your Own Custom User Roles
In addition to five default user roles, WordPress allows you
to add (and remove) custom roles to the system. To add a new custom role, all
you need to use the { add_role() } function, which takes three parameters
– { $role } (role name), { $display_name } (display name for role) and { $capabilities } (list
of capabilities).
<?php $result = add_role( 'comment_moderator', __('Commment Moderator', 'testdomain' ), array( 'read' => true, 'moderate_comments' => true, ‘edit_comment’ => true, 'edit_themes' => false, 'install_plugins' => false, 'update_plugin' => false, 'update_core' => false ) ); ? >
The above code snippet, which you can use within a plug-in
or your active theme’s { functions.php } file, adds a new role called
‘Comment Moderator’ with three capabilities read, ‘{ moderate_comments }‘ and ‘{ edit_comment }’,
and four restrictions ‘{ edit_themes }‘, ‘{ install_plugins }‘, ‘{ update_plugin }‘ and ‘{ update_core }‘.
<?php remove_role( 'comment_moderator' ); ?>
2. Adding / Removing Custom Capabilities From A User Role
Despite each user role in WordPress comes with a pre-defined
set of capabilities, you can add or remove other capabilities from a role or
specific user by making use of { add_cap() } and { remove_cap() } functions.
<?php function add_capability() { $role = get_role( 'author' ); $role->add_cap( 'edit_others_posts' ); $role->remove_cap( ‘upload_files’ ); } add_action( 'admin_init', 'add_capability'); ?>
3. Changing A Specific User’s Capabilities
If you want to change the capabilities of a specific user,
you can do so by using following code.
<?php function wp_specific_user() { $user_id = 5; $user = new WP_User( $user_id ); $user->add_cap( 'delete_posts' ); $user->remove_cap( 'edit_posts' ); } add_action( 'admin_init', 'wp_specific_user'); ?>
4. Checking A User’s Capabilities
To check if a particular user has capability or role, use the { user_can() } function that takes user ID as its first parameter.<?php if ( user_can( 5, 'moderate_comments' ) ) { echo 'The current user is able to moderate comments'; } ?>
To get the ID of a particular user, consider using a plug-in
like Reveal IDs.
5. Changing The Name Of An Existing User Role
In WordPress, you’re not allowed to change the name of a
user role but using the following code, you can change a default role name to
what you actually want.
function change_default_role_name () { global $wp_roles; if ( ! isset( $wp_roles ) ) $wp_roles = new WP_Roles(); $wp_roles->roles['editor']['name'] = 'Owner'; $wp_roles->role_names['editor'] = 'Owner'; } add_action('init', 'change_default_role_name');
Plug-Ins To Manage User Roles And Capabilities
If you’re not a developer-type, don’t panic! There are several WordPress plug-ins that allow you to easily manage user roles and capabilities without writing a single line of code. The most popular ones are listed below.1. User Role Editor
User Role Editor is an easy to use WordPress plug-in using
which you can quickly add, edit or delete user roles and capabilities with a
few clicks of mouse. All you need to do is to select a role, turn on check
boxes of capabilities that you want to add and click the update button.
However, you can’t make any changes to Administrator user role.
2. Capability Manager Enhanced
The Capability Manager Enhanced provides you the simplest way to manage user
roles and capabilities in WordPress. With Capability Manager Enhanced, not only
you can add new roles but also can add or remove capabilities from any role.
Best of all, this amazing plug-in fully supports role networking and capability
negation.
3. Members
Members is a powerful WordPress plug-in built to let you
manage users, roles, and capabilities without any hassle. It comes with a
user-friendly interface to give you complete control over WordPress roles and
permissions. What’s more interesting is that you can control who will have
access to the content of your site or even can make the site completely private.
4. WPFront User Role Editor
The WPFront User Role Editor enables you to manage user roles in WordPress.
Not only you can create, edit or delete user roles and capabilities but also
can change default user role and clone existing roles. A pro version with
additional features is also available for advanced users.
5. User Roles And Capabilities
User Roles and Capabilities is another simple plug-in that
allows you to manage roles and permission in WordPress. Using this plug-in, you
can create new roles, delete or clone existing roles, manage user capabilities
and more. However, it doesn’t allow you to modify any capability for
administrator and delete default user roles.
I have tried to collect every informational data regarding the topic mentioned above. Hope this is very fruitful to WordPress lovers. Suggest anything if you have in your thoughts. Share and comment below.
No comments:
Post a Comment