Standard user roles and their access rights
A user role is a set of access rights that a user has. In fresh WordPress installations, there are five default sets of user rights. Each of them has its own predefined capabilities. Each subsequent type includes the capabilities of the previous plus some additional ones. Now let’s understand the rights of the standard ones that are available in WordPress by default:
1. Subscriber. The most limited of all default WordPress user types. Has access only to the profile settings.
2. Contributor. In addition to changing profile settings and reading posts the contributors can:
- View the headings of the blog posts, including those that haven’t yet been published. Only the headers, it’s forbidden to look at the content.
- Write articles and send to the administrator for approval.
- View comments, but not edit them.
- If the blog has a Contact Form 7 plugin installed, then the contributor can view the feedback code that can be added to the article.
3. Author. In addition to privileges of the contributor the authors can:
- Independently publish articles without the approval of the administrator.
- Add media files to the website.
- If there’s a WP-Filebase plugin installed, then it provides authors with the ability to upload various kinds of files to the server.
4. Editor. This user has all the rights associated with the publication and editing of the site’s materials. The settings of the WordPress admin panel and most of the plugins aren’t available to this sort of user. And so, in addition to author permissions, the editors can:
- Publish materials on the blog, as well as modify existing ones.
- Create categories, tags and external links.
- Exercise full control over the comments: delete, create, edit.
- In Contact Form 7 all the feedback form settings are available; In WP-Filebase the uploaded files can be grouped by categories.
5. Administrator. This is the most powerful type. The administrator controls the site completely , starting from access to any content and ending with site settings. Admins can add themes and plugins and delete other users, including other admins.
6. If we are talking about a multisite installation then one more type is added: Super Admin, the one who has access to the administrative network and all the functions of the sites within it.
Why are user rights so important? If you have a lot of authors on your design studio site, it’s important to know which permissions to assign to them and how to change the access rights of these users. But here you need to understand that user access rights cannot be managed effectively without using additional WordPress plugins. What if you need to expand the capabilities of some users, give them additional rights? The help comes with a special plugin, which allows you to adjust the rights of existing user groups and create new ones. Imagine this situation. The type “Subscriber” can’t download media files, so if you assign such an account type to an invited author, he won’t be able to add pictures to his posts. So here it won’t hurt to edit this group. You might also need an account that would only allow a person to moderate the comments. So let’s see how this plugin will help you to achieve your goals in the best possible way.
Creating and editing user roles
User Role Editor plugin. Its settings are available at the “Users” → “User Role Editor”. In the first field you can change the rights for existing user groups. The procedure is as follows:
- Choose the user type that you want to edit;
- Put a checkmark in the “Display access rights in readable form” checkbox for better perception of the list of available options;
- Click the necessary rights and save settings;
You can also add a new user type. To do this use the option of the same name. Some of the rights can be taken from standard groups. After creating, check the available options and save settings.
In addition, the plugin allows you to adjust the capabilities of each registered user individually. In the “Users” section of the WordPress admin panel, a new “Capabilities” button will appear. Click on it and in the window that appears select the rights that you want to give this person. The free version offers basic functionality, but there’s a Pro version that provides functions such as import and export of roles, content distribution, putting content in the shortcode, so that it’s displayed only for the specific users, blocking certain meta boxes on pages for records management, etc.