PHPMatters Help You Better Hosting Your PHP-based Sites
How to Control WordPress User Roles and Permissions

WordPress is a powerful CMS that lets multiple users manage your website, each with its own role and assigned permissions. At present, there are 6 default user roles: Subscriber, Contributor, Author, Editor, Administrator and Super Admin, along with dozens of user permissions such as editing posts, publishing posts, moderating comments and many more.

If you are the site owner and have the power to decide what users can and cannot do within your WordPress site, you should go through this beginner's guide to WordPress user roles and capabilities.

WordPress User Roles

First of all, we’d like to introduce the WordPress user roles, each of which defines a set of tasks that its users are allowed to perform on your website.

  • Super Admin – If you have set up a WordPress Multisite Network, this user role encompasses all the possible permissions within the network of WordPress websites.
  • Administrator – This user role grants access to all the administrative permissions within a website. It is similar to the Super Admin, but applies to one single site only.
  • Editor – This user role allows you to publish, edit, remove and manage all the posts on your website, no matter whether they were contributed by you or by other users.
  • Author – This role allows you to publish, edit, remove and manage all your own blog posts.
  • Contributor – This role allows you to edit and manage your own posts, but does not allow you to publish them. This means you can only submit your posts for review.
  • Subscriber – This role only allows you to leave comments or change your own profile.

Here, we have to note that the pre-configured user role of the webmaster is Administrator, and the Super Admin user role is only available on WordPress Multisite.

As for the default user role of newly added users, you can change it from the General Settings page of the WordPress admin.

WordPress User Permissions

The major permissions and capabilities cover the management of posts, webpages, plugins, templates, comments, links, categories, files, imports, exports and many more. We are not going to list all of them as there are too many. However, you can consult this WordPress Codex page to see all the permissions available within a WordPress site, along with which permissions each user role is granted by default.

How to Customize the Permissions of User Roles

By default, the permissions of each user role are predetermined by WordPress. To be frank, the settings are quite suitable for all common webmasters.

In some special cases, however, you may want to customize the permissions assigned to each user role to meet your special needs. For instance, you may want to give your editors all the managing powers over unpublished posts only. Once the posts are online, no one else can delete them.

To achieve this, the best method is to use the User Role Editor plugin. After installing it on your WordPress website, you can go to the Users tab and click the User Role Editor button.

Now, you can select the target user role whose permissions and capabilities you want to change. Then, you will be presented with all the capabilities. Note that you’d better show them in a human-readable form by ticking the corresponding box. Beside that box, you can find another one that shows the deprecated permissions.

Next, you can browse all the listed capabilities and choose some or even all of them to assign to your target user role. You can find a question mark next to some capabilities. Simply click on it to get further information about that permission. In addition, you are also allowed to add and delete capabilities as you wish.

Create New User Roles

If you want to create an exclusive user role to meet your special requirements, you can click the Add Role button, enter the Role ID/name and copy all the permissions of one existing user role. Then, you can adjust the permissions based on your needs.
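
The editor restriction described under "How to Customize the Permissions of User Roles" and the copy-an-existing-role step above can also be applied in code with WordPress's own role functions. The small plugin below is an added example, not part of the original article or of User Role Editor; the role ID staff_writer, its display name and the pm_ function names are assumptions made for illustration.

```php
<?php
/**
 * Plugin Name: Role Hardening Example
 * Description: Constructed example; role ID and function names are hypothetical.
 */

const PM_ROLE_ID   = 'staff_writer';  // hypothetical role ID
const PM_ROLE_NAME = 'Staff Writer';  // hypothetical display name
// Capability that gates deleting (and trashing) posts that are already published.
const PM_DENIED_CAPS = array( 'delete_published_posts' );

// Role changes are stored in the database, so apply them once on activation,
// not on every page load.
function pm_harden_roles() {
    // Editors keep delete_posts / delete_others_posts for unpublished content.
    $editor = get_role( 'editor' );
    if ( $editor ) {
        foreach ( PM_DENIED_CAPS as $cap ) {
            $editor->remove_cap( $cap );
        }
    }

    // New role: start from a copy of Author's capabilities, then drop the same caps.
    $author = get_role( 'author' );
    if ( $author && null === get_role( PM_ROLE_ID ) ) {
        $caps = $author->capabilities;
        foreach ( PM_DENIED_CAPS as $cap ) {
            unset( $caps[ $cap ] );
        }
        add_role( PM_ROLE_ID, PM_ROLE_NAME, $caps );
    }
}

// Undo on deactivation. Users still assigned the custom role are left without
// a working role, so reassign them first.
function pm_restore_roles() {
    $editor = get_role( 'editor' );
    if ( $editor ) {
        foreach ( PM_DENIED_CAPS as $cap ) {
            $editor->add_cap( $cap );
        }
    }
    remove_role( PM_ROLE_ID );
}

register_activation_hook( __FILE__, 'pm_harden_roles' );
register_deactivation_hook( __FILE__, 'pm_restore_roles' );
```

Administrators are not changed by this plugin and can still delete published posts. An Editor who keeps edit_published_posts can still switch a published post back to draft, after which the draft-level delete capabilities apply, so review that capability too if the restriction has to be strict.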