WordPress comes with a basic user management system. It allows you to add users and control their permissions through built-in functions. Visitors can even register to your site as well. User management system is an integral part of WordPress architecture. Without this system, you won't be able to build a membership site where people pay to sign up and read member-only content.
There is a concept of User Roles, which let you define what permissions a particular user has. By default, there are five user roles. Unfortunately, WordPress does not allow adding or customizing these default roles as a native feature. However, there are many role editing plugins which can help you here. In this post, I will discuss what are the different user roles in WordPress, their importance and plugins to manage them effectively.
Understanding user roles is essential when you are building a membership site.
What Are User Roles in WordPress?
User Roles are a collection of permissions assigned to users. In a new WordPress installation, there are five user roles i.e. Administrator, Editor, Author, Contributor, and Subscriber. Each of these roles has their capabilities pre-defined. What a user can or cannot do depends on its role.
User Roles Permissions
Here are the key permissions of these default user roles:
- Administrator: This is the most powerful user role (for a single site WP install). An administrator has complete control over the site from accessing everybody’s content to configuring site settings. In addition to adding themes and plugins, they can also add, edit and delete users as well (even other admins).
- Editor: Editors have complete control over content-related sections of the site. They can create posts, pages, categories, upload files, publish and edit the posts written by others. But they cannot add or edit themes and plugins, nor can they access site-wide settings.
- Author: Users with this role can write, edit and publish their own posts. They cannot add or edit themes and plugins; they lack access to the site settings too. Since authors can delete (even published ones) and publish their posts, it's best only to award this role to people you trust.
- Contributor: Contributors role has the permissions of adding, deleting and editing their posts. Contributors cannot upload media files, nor can they publish posts. This is the ideal role to assign to guest writers.
- Subscriber: Users with this role can read content and edit their profile.
Now that you know what user roles are. Let's understand why they are important.
Importance of User Roles
For multi-author blog owners, it is important to know which role they should assign and how to customize their permissions. But like I have mentioned earlier, WordPress comes with a pre-defined set of user roles, and they can only be customized by extending WP with a 3rd party plugin.
The inability to customize user roles by default can be restrictive. The Contributor role lacks the media files uploading permissions, so if you assign it to a guest writer, they will be unable to add images to their posts. To let Contributors upload media files, you need to edit this user role which can’t be done with the default WordPress settings. Also, Contributors are capable of deleting their posts, which you may want to disable.
All these points clearly highlight the importance of customizing user roles in WordPress.
Another perk of adding roles is that you can define a custom user role for the person responsible for moderating comments on your site. Such a user will not have any other capabilities other than comment managing permissions.
Plugins for Managing User Roles Effectively
There are many user role managing plugins. You are going to learn a few of these right here.
User Role Editor
User Role Editor is an easy to use and friendly plugin. It can customize default roles and define custom roles.
- Getting Started: Once you’ve activated this plugin, you’ll find a new section added to it in Users > User Role Editor. Here, you will see a list of capabilities for the user role selected. To edit the capabilities of any role, select it from the dropdown at the top. To grant or deny a particular capability, check or uncheck a capability respectively.
- Customized Permissions: User Role Editor can also customize permissions of specific users. For example, you have 5 guest contributors, 4 of whom upload good and quality images. Whereas, the 5th user is not a good judge of relevant images. What would you do? You can indeed define a separate role and disallow to upload images.
- Pro Version: The plugin in question comes with most basic features. It also offer a Pro version, which has extra features like Export or import functionality to migrate roles and capabilities from one site to another, restrict posts and pages per role basis, enclose content in given shortcode to display it to only particular roles, block certain meta boxes from Edit Post/Page screen for a particular user role, etc.
WPFront User Role Editor
WPFront User Role Editor is a straightforward plugin with easy to use user interface. It makes the process of adding, editing and deleting user roles quite easy.
- Getting Started: Once you installed and activated the WPFront User Role Editor, a new menu called Roles appear in the left panel. From here you can configure all the basic and advanced settings.
- Users Redirect: You can also redirect users as they are logged in based on their role. It also lets you show menu items to logged in users and guest users.
- Additional Features: Its advanced features include restoring role, changing default role, cloning existing roles (and build on top of them), renaming roles and much more.
- Pro Version: The plugin also offers a premium version which extends the plugin feature-set with options like displaying menu items based on user role, controlling who can view menus inside the dashboard, advanced widget visibility permissions and login redirects, import and export roles, etc.
It is a cool plugin with more than 50,000 active installs. Its free version is effective for basic operations. However, the Pro version is always there for improved and enhanced capabilities.
Remove Dashboard Access
Sometimes, you don't want Subscribers to view the WordPress dashboard or admin bar on the front-end. You can use the Remove Dashboard Access plugin to disable this access to the dashboard. It offers three different options:
- Administrators only: Nobody except Admin can access the dashboard.
- Editors and Administrators: Only editors and administrators can see the dashboard.
- Authors, Editors, and Administrators: Contributors and Subscribers won't be able to view the dashboard.
- Restricts Dashboard Access For Custom Users: This plugin also comes in handy if you have created any custom user roles and you want to limit their access as well.
- Users Redirect: This is also useful for redirecting certain users to a given page. Let's say Subscribers should not view the dashboard, rather be redirected to Edit Profile page. You can configure this plugin to accomplish exactly that.
- Advanced Functionality: It, however, possesses an advanced capability specific access management. Which means, you can limit access according to a capability. If the given user has that capability, it can access the dashboard.
Members is one of the most effective membership plugins. It is very easy to use and understand. With Members, you can add, edit and delete user roles as well as their capabilities. It extends the user management abilities of the CMS.
- Multiple Roles: It allows you to assign multiple roles to users. Another useful feature is that of cloning roles, meaning you can duplicate the capabilities of a role.
- Creates Metabox: It adds a meta box in the Edit Post/Page, letting you limit said content on the go.
- Shortcodes and Add-ons: There are many other features like shortcodes to enclose content, privatizing the site with its feeds, etc. There is an add-on called Role Levels that allows access to user levels system in WordPress. It is one of the oldest role management plugins.
There are many scenarios when you need to create a custom user role or want to edit the capabilities of a default user role. There are WordPress functions that easily let you add capabilities and user roles. If you have time and you know how to code, then you can create your own user roles. However, for beginners, plugins like these will do the job quite effectively and in a time-saving manner.
Finally, you can catch all of my articles on my profile page, and you can follow me or reach out at Twitter @mrahmadawais; to discuss this article. As usual, don’t hesitate to leave any questions or comments below, and I’ll aim to respond to each of them.