Human beings may be created equal, but admin users, not so much. Some admins know their roles and stick to them, while others behave like over-stimulated children in a toy store, touching everything in sight until something breaks.
In this post, we’ll show you how to use Branda, WPMU DEV’s ultimate white label branding plugin, to customize the default WordPress user role system and put the expensive toys out of reach of your more accident-prone users.
More specifically, we’ll be covering:
- Understanding user roles and capabilities
- Customizing WordPress user roles with the Branda white label plugin
- Creating custom menus for each role
- Why give users the power to white label WordPress
Let’s get to it…
Understanding User Roles and Capabilities
Does the person who delivers your mail have a set of keys to your house? Is it OK if the plumber tinkers with the electrical system when he gets tired of repairing the kitchen sink?
The answer in both cases is likely no.
The postman doesn’t need your house key to perform that job, and the plumber should leave electricity to the electrician.
Likewise, it’s a mistake to view user roles as job titles or see them as a hierarchy in which some roles are superior to others.
User roles should be defined by the degree of access required to accomplish a given task or set of tasks.
WordPress User Roles And Capabilities – Good Practices
Good user role policies should:
- Help secure your WordPress site by ensuring users don’t have access to things they shouldn’t.
- Improve workflow by limiting access to unnecessary and distracting features, while funneling users to their assigned tasks.
A capability is a permission to perform one or more types of tasks. Each user of a WordPress site might have some permissions, but not others, depending on their role.
For example, users who have the Author role usually have permission to edit their own posts (the “edit_posts” capability), but not permission to edit other users’ posts (the “edit_others_posts” capability).
WordPress comes with six pre-defined user roles that provide access to various areas of the site:
- Super Admin – a user with access to the site network administration features and all other capabilities.
- Administrator – a user who has access to all the administration features within a single site.
- Editor – a user who can publish and manage posts including the posts of other users.
- Author – a user who can publish and manage their own posts.
- Contributor – a user who can write and manage their own posts but cannot publish them.
- Subscriber – a user who can only manage their profile.
WordPress also provides over fifty capabilities in its role-based access system.
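The role and capability model above can be checked mechanically. The following is an added example, not code from the original article or from Branda: it compares each role's granted capabilities against a reviewed baseline and reports anything extra. The `BASELINE` policy, the `NOT_AUDITED` list, the function name `find_excess_caps` and the `shop_helper` role are assumptions made for illustration; inside WordPress the script reads live data from `wp_roles()`, otherwise it falls back to constructed sample data.

```php
<?php
// Constructed baseline policy for illustration (not WordPress's full default set).
const BASELINE = [
    'subscriber'  => ['read'],
    'contributor' => ['read', 'edit_posts', 'delete_posts'],
    'author'      => ['read', 'edit_posts', 'delete_posts', 'publish_posts',
                      'edit_published_posts', 'delete_published_posts', 'upload_files'],
];
// Assumption: roles meant to hold broad access are reviewed separately.
const NOT_AUDITED = ['editor', 'administrator'];

/**
 * Hypothetical helper: list capabilities a role grants beyond its baseline.
 *
 * @param array $roles Same shape as wp_roles()->roles:
 *                     slug => ['capabilities' => [capability => bool]].
 * @return array slug => list of granted capabilities missing from the baseline.
 */
function find_excess_caps(array $roles, array $baseline, array $skip): array {
    $findings = [];
    foreach ($roles as $slug => $role) {
        if (in_array($slug, $skip, true)) {
            continue;
        }
        $granted = [];
        foreach ($role['capabilities'] ?? [] as $cap => $on) {
            // Ignore denied entries and the legacy level_N user-level flags.
            if ($on && strpos($cap, 'level_') !== 0) {
                $granted[] = $cap;
            }
        }
        // A role with no baseline entry (a custom role) has every grant reported.
        $excess = array_values(array_diff($granted, $baseline[$slug] ?? []));
        if ($excess) {
            $findings[$slug] = $excess;
        }
    }
    return $findings;
}

// Live role data inside WordPress; constructed sample data when run stand-alone.
$roles = function_exists('wp_roles') ? wp_roles()->roles : [
    'author' => ['capabilities' => [
        'read' => true, 'edit_posts' => true, 'publish_posts' => true,
        'edit_others_posts' => true,  // drift: the article's Editor-level example
        'delete_posts' => false,      // listed but not granted
    ]],
    'shop_helper' => ['capabilities' => ['read' => true, 'manage_options' => true]],
];

foreach (find_excess_caps($roles, BASELINE, NOT_AUDITED) as $slug => $caps) {
    printf("%s: review %s\n", $slug, implode(', ', $caps));
}
```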
[…]
This article was written by Martin Aranovitch and originally published on WPMU DEV Blog.