How to Structure a New Role/Capability Scheme?

WordPress capability system roughly works like the following:

  • Capabilities can be attached to users or roles
  • Roles can be attached to users
  • Roles are a flat system, so there is nothing overruling something else
  • Role names are capabilities as well

Keep in mind that role names are capabilities as well, but you shouldn’t check against them. The same goes for the deprecated level-0 until level-9 caps.

In theory WordPress supports multiple roles per user – something that is extremely convenient as you can add and remove Capability packages summed under role names. It just has no UI and isn’t built in. Oh, and there’s (afaik) no plugin that delivers that.

So: yes assigning capabilities users is OK. But keep in mind that this can quickly can get a maintenance nightmare. In most cases it’s better (not perfect) to just grab a role, copy its capabilities over to your new role and add the new role to a user. When you then want to change something, just exchange to role for all users that need to have a new set of caps.

Note: This is my opinion. Others might have a different one when it comes to what is a nightmare and what not 🙂

Related Posts:

  1. what’s the meaning of the field wp_capabilities in table wp_usermeta
  2. Add Custom User Capabilities Before or After the Custom User Role has Been Added?
  3. How to allow Unfiltered HTML in a wordpress multisite install
  4. Limit role to one plugin [duplicate]
  5. Logout users upon login, based on caps/role?
  6. Menu page with minimum capability as ‘Subscriber’ doesn’t allow ‘Admin’ to access it?
  7. How to determine which capability to use?
  8. Allow contributor user role to perform copy operation PHP
  9. Buddy Press restrict the capability to edit users
  10. What is more secure checking capabilities of user or checking role of user in WordPress plugin development
  11. How do I create a custom role capability?
  12. Send user activation email when programmatically creating user
  13. Change default admin page for specific role(s)
  14. How to Change the Entire WordPress Admin panel Look and Feel?
  15. WordPress Capabilities: edit_user vs edit_users
  16. Allowing Custom Capability to Manage Plugin Options
  17. How to add more than 1 user role to sub-menu pages
  18. Odd behaviour with submenu link creation
  19. How to restrict plugin’s sub-menu pages to admin/subscribers?
  20. How to not let a user with a new role edit users that have administrator role?
  21. Execute plugin for specific user role(s) only
  22. query users by role
  23. Hide plugin dashboard menu item for specific roles
  24. get_posts() not working when accessing with a custom user role
  25. Set different custom menu items for different user roles
  26. Prevent third party plugin’s admin page access based on user type
  27. You do not have sufficient permissions to access this page on a submenu
  28. wp_dropdown_roles() to replace option value = code
  29. Create a custom capability to allow an ‘Editor’ to edit only ‘Subscriber’ users
  30. Hide custom post type by user roles
  31. WordPress custom post type capabilities issue
  32. Check user’s role and store in variable
  33. WordPress: Custom User Role cannot access Custom Post Type | “Sorry, you are not allowed to access this page”
  34. How to use gettext for specific user role
  35. Unable to access custom plugin backend
  36. How To Create A File Archive in WordPress?
  37. How can I change my assigned user role in WordPress 3.5.1?
  38. insufficient permissions; coding an action for plugin governed by custom capability
  39. Enable a role named ‘backend_user’ to access my plugin pages
  40. Add custom parameter for custom user role
  41. How to give custom roles the capability to edit one Menu instead of every Menu
  42. How I can give access to my custom plugin for editor roles user?
  43. Remove all capabilities in separate method fails versus included in method
  44. Remove from a div by class name from post page if post author role is not administrator
  45. Adding admin for specific users
  46. New Users are saved with no role selected
  47. WordPress User Management Departmental Managers
  48. Plugin capabilities
  49. Remove default wordpress roles
  50. How can I configure Docker for developing and deploying a custom theme?
  51. Add screen options to custom admin pages
  52. Completely remove WP_Admin_Bar for specific user roles
  53. WordPress and PHP Sessions – Security and Performance
  54. What is the difference between using global $current_screen and get_current_screen()?
  55. How to make repeated component/block in Gutenberg
  56. How to get data from WordPress $wpdb into React Gutenberg Blocks Frontend?
  57. Capability to edit own posts and not others
  58. Remove upload_files capability from a role but allow role to manage an avatar image
  59. How can I add/append content to the_content on the home page via a plugin?
  60. Plugin vs Settings load order (woocommerce dependency)
  61. Callback function is being called twice
  62. async code or cron job?
  63. WordPress not working on localhost
  64. Custom delete option button in plugin settings
  65. Sub Menu content is being duplicated
  66. How do you set up a WordPress blog with multiple authors to allow something like StackExchange’s “community wiki” feature?
  67. Show metabox for a special role
  68. how to append custom metabox field with the ACF custom fields id in wordpress development
  69. $_FILES empty on created_{taxonomy} and create_{taxonomy} yet is is not on edit_{taxonomy}
  70. Adding fields to category manager. Does a method exist to get the link to the category edit screen?
  71. Distributing Frontend Assets with Plugins
  72. Wp-admin Custom User Management
  73. Can we intercept user_login and user_pass from a wp_login_form?
  74. Hook add_attachment error
  75. Want to know parameters that can be passed to user_can() for access control by user capabilities
  76. Shortcode conflicts
  77. How can I add rewrite rules to a class-based plugin?
  78. hook update_option/updated_option empty $old_value and $value
  79. Issues Updating Post Meta with AJAX (Seems simple but cannot figure it out)
  80. How to output functions from plugin inside theme
  81. Sharing Variables between scheduled events
  82. Should I put my plugin javascript inline?
  83. Can / should a widget plugin define its own Widget Area?
  84. User role editor – Add download files capability
  85. How to get the `comment_post_ID`?
  86. Can someone explain what’s the use of parse request function in WordPress?
  87. How does update method in Widget class saves $instance array from Select tag?
  88. call funcution when clicking submit
  89. WooCommerce – Stop assigning order numbers
  90. How can I pass WP_Query results to a plugin?
  91. How to customize the size of Featured Images or Post Thumbnails in WordPress?
  92. Hook for plugin to show content for certain urls
  93. Why does unzip_file always return true but nothing happens?
  94. Let user override plugin CSS
  95. Add_menu_page and saving settings
  96. Updating Style From WP Options Setting Page
  97. What method would I use to show an image in between X amount of posts on category archive? [duplicate]
  98. Plugin – Proper way to handle 404 pages?
  99. Can I remove WooCommerce specific product categories from shop managers?
  100. Programmatically creating posts based on external JSON feed (asynchronously)

Leave a Comment