access the plugins for each role in WordPress multisite

You cannot enable or disable plugins wholesale for specific user roles. A plugin’s ‘active-ness’ is not determined per-user. If you attempted to actually deactivate a plugin for a specific user role, then any time a user with that role logged in the plugin would be deactivated for every user that visited your site. A user has logged in that’s not allowed to manage WooCommerce? Now your store is down until a user that does have access logs in.

So ‘activating’ and ‘deactivating’ entire plugins for user roles is not the way to think about this. So what is?

The first thing to be aware of is how WordPress grants users permission to perform certain tasks. Under the hood, each user role has a list of “capabilities”. WordPress uses these capabilities to determine whether a user has permission to do certain things, and modifies the UI to reflect the user’s permissions and enforces security policies accordingly. You can see a list of the core WordPress roles and which capabilities they have here.

The second thing to be aware of is that plugins are typically not monoliths that grant or restrict access to their entire functionality with a binary yes or no. WooCommerce, for example, has functionality for adding products, viewing and managing orders, and configuring the plugin settings, among other things. As with WordPress, different users need different levels of access to these different parts of WooCommerce, so WooCommerce adds its own roles and capabilities that can be used to grant access to these various parts of the plugin. To grant users access to different sections of WooCommerce, you need to assign their role the correct capabilities. You can do this using code, or a plugin like User Role Editor.

However, that’s just WooCommerce. Every plugin is going to be different, and do its own thing. There is no standard that applies to every plugin that you can follow. Some plugins will do what WooCommerce does and add their own capabilities and let you assign them how you wish, but others might use WordPress’ core capabilities to grant or restrict access. A (frustratingly) large number of plugins are hard-coded to require the Administrator role to access their functionality, for example. In those cases there’s no workaround: You must be an Administrator to use the plugin.

So really, you’re going to need to go through every plugin one-by-one and check its documentation to find out how you can grant access to its functionality (or parts of it) to your users. The answer will be different every time. No one here can give you a definitive answer that will apply for every plugin.

That being said, there are plugins out there that claim to be able to manage this for you more simply, but be careful. Often these plugins merely hide the UI, and don’t actually securely remove access to the plugins or their functionality. A determined user might be able to bypass this type restriction.

Sometimes these plugins might be able to properly secure a plugin, but in those cases they very likely would have been built to specifically integrate with that plugin, and they just won’t have that integration for every plugin that’s available. If you use one of these plugins make sure you test them thoroughly to make sure the lower-level users truly don’t have access to things they’re not supposed to.

Another consideration with these plugins is that they won’t be able to selectively grant access to a plugin that is hard-coded to require Administrator access. Not without actually making the user an Administrator just merely hiding the other stuff they shouldn’t have access to. I can tell you from experience that many plugins are very bad at this, and simply won’t have an option to grant access to a user without making them an Administrator, no matter which plugin you use.

Related Posts:

  1. Troubleshooting a “You do not have sufficient permissions to access this page” error
  2. Restrict users on multisite WordPress install
  3. Give users acces to admin a single post or set up WP network?
  4. Where are available Roles Defined in the wp_ database?
  5. Why are my roles not visible in a Multi-site/Network?
  6. Site admin in a network install can’t edit users?
  7. Issue with Custom Roles in Multisite
  8. How to enable a site administrator to edit users in a WordPress network/ multisite setup?
  9. How can I display all Multisite blogs where this user is administrator?
  10. Add role across network in multisite
  11. Possible to make custom role in multisite that can add sites?
  12. Prevent user creating new users with specific roles
  13. Can you have multi-site WP and keep users separate?
  14. Restrict the user access in multi site for non-assigned blogs
  15. WordPress Multisite Layered Admins
  16. Multisite Independent User Base
  17. How To Remove Dashboard Menu Items for Multisite Users?
  18. How to get a user role of a specific blog in multisite?
  19. Can wp-cli display all users and their roles across all sites in a multisite instance?
  20. Can simple Admin save options in a Multisite?
  21. Identical members roles on all sites in a multisite
  22. How can I get multisite primary blog (url or path) for current user?
  23. WPMU – new users are automatically subscribed to the main blog – how to prevent that?
  24. WordPress Multisite prevent direct access to subdomain
  25. create_users capabilities on a role on multisite
  26. Within the database, where is the flag which says that a user has Super Admin rights?
  27. Update User Role Across Network when Main Site User is Updated
  28. Assign role to user on first login, if they are first (after admin)
  29. Avoid having infinite loops
  30. Get the User ID Who Owns a Given Blog ID in Multisite
  31. Create custom role, multisite, add users/sites?
  32. Make a user administrator to a sub directory site and a contributor to main site in multisite network
  33. How to change user starting role in WordPress MultiSite?
  34. Allow Author on Site A capability to upload files on Site B in Multi Site
  35. How to protect post attachments related to a custom post type, from non-logged in users, on 1 subsite of a multisite installation?
  36. Multisite registration problem [closed]
  37. Good way to block users within a multisite setup without deleting them?
  38. Subsite access without being a member of the subsite in wp multisite network
  39. Multisite user roles – capabilities not working
  40. Create Custom Multisite User Role to Reduce Capabilities
  41. Restrict Capability of Administrator to Create, Edit and Delete Pages in Multisite
  42. Multi-Site Subfolder User Permission Issue
  43. Admin permission for creating blogs in multisite
  44. Add access control origin header information across multisite
  45. Remove superadmin role from the “change role to” menu in user listing
  46. Copy user role on multisite so the user can access subsites with same role
  47. One Site as a part of Multisite to be hidden (Un-published) from Public?
  48. How to change a user role after registering in multisite?
  49. How to sync roles across Multisite?
  50. Multisite network admin – User’s role not showing up
  51. WordPress Multisite Add User
  52. WordPress multisite, allow non super admins to create sites
  53. Disable site visiting and user logins excepting for a specific user
  54. Hiding media uploaded by other users in wordpress multisite?
  55. WPMU If MU site has no administrator, deactivate site
  56. Common user login for two different wordpress installation and bbpress
  57. How to check main site user level from subsite in a multisite network
  58. can’t create user without email for an author after converting single site to multisite
  59. Easily adding multiple existing users to a multisite site
  60. Language per user role, how can I achieve this?
  61. Admin users not able to see network menus
  62. let user select roles in the wordpress subsites
  63. Redirect a user roll to a page after login in mutlisite network
  64. User Roles in multisite – odd behavior
  65. Users getting linked unwanted to main mu in WordPress multisite (WPMU)
  66. WordPress single sign on using cookies with shared user role functionality between more than 2 wordpress subdomains
  67. A different role for each site in a multisite
  68. Multisite error when adding a user: already a member of this site
  69. WordPress Multisite FQDN Admin Access
  70. How to create child/sub user under parent user
  71. How create a multisite setup with “phantom” accounts and passwords?
  72. Multisite vs Role Scoper
  73. Get users from all/specific blog by user_role and current_user role
  74. Is there any way to give all users access to one blog in a multisite network without using a plugin?
  75. Some Subdomains on a Multisite Install Not Found
  76. How can I display all Multisite blogs where this user is administrator?
  77. How to give “author” user role appropriate capabilities to add PollDaddy polls? WordPress multisite
  78. Multisite and users being listed on network administration dashboard and not main site dashboard
  79. Multisite Login Access Restrictions
  80. Set default avatar network-wide
  81. latest 5 posts using switch_to_blog loop
  82. restore_current_blog() vs. multiple switch_to_blog() followed by removing $GLOBALS[‘_wp_switched_stack’]
  83. Sub-subdomain getting redirected to main domain
  84. How can I have different groups of editors only allowed to edit certain parent+subpages?
  85. How to work on a live WPMS blog when domain is unresolved? [closed]
  86. How do you load WordPress from an external script when using MultiSite? [duplicate]
  87. Hook up MU site creation
  88. Add menu items/actions for multisite users who are registered on the network but do not have a role or capability in any sites
  89. WordPress Multisite with Addon Domains (not parked domain) [closed]
  90. Redirect to localhost after installing Multisite on server
  91. WordPress multisite install on two subdomains, each belonging to a separate domain
  92. Mass Update Broken Links
  93. Performance disadvantge of second installation instead multisite feature?
  94. What is the simplest way to disable multisite leaving one of the sites only?
  95. Subdomain is not working
  96. How to automatically create an index of child sites at the root url for a multisite installation?
  97. Migration: previous URL redirection after migrating
  98. URLs for (MultiSite) link images are always relative
  99. How can I remove “Add new” button on custom post type
  100. There is no featured image in my post in wordpress multisite theme [closed]