User Role is Not Specifying in WordPress Multisite?

I want to use same user and user meta for all site meaning that
everysite will use same usermeta capabilities it will be more useful
for me because I want to use mycred plugin and I don’t want any
issues** ( More Useful )

This is the crux of the problem, specifically:

everysite will use same usermeta capabilities

Every site is already using the same user and user meta, the problem is that roles and capabilities are not stored in user meta! They have a separate table

So What if I shared the roles tables too?

That won’t work. If the roles table says you have editor status on site #3, we now have a problem because you have multiple multisite installs. Does it mean site #3 on sub1.domain.com? Does it mean site #3 on sub2.domain.com? There’s no way of knowing

The Problem Runs Deeper Though

Roles and Capabilities are not install-wide, they’re site/blog-wide. I can be an editor on a blog, but an admin on another blog within the same multisite install.

For example, WordPress.com is a giant multisite install. I can create a site and be an administrator of that site, but I don’t have admin access to your site.

By default, if I log into a site, I do not have a user role, which is intentional.

The Misleading Super Admin Functionality

Super Administrators aren’t roles. Each blog has an options table, but there’s another options table that exists across an entire multisite. Inside this is an option with a list of User IDs, this is what determines if you’re a super admin or not.

If your User ID appears in this option, you can do pretty much anything, and it will override and assume you have a capability. It’s a little more involved than that, but that’s a good approximation. You won’t find a super admin role in the roles table.

So How Do I Build A System Where I Give a User A Role That is Everywhere?

A universal role, that you set once, that’s set everywhere? This functionality doesn’t come out of the box, and is counter to how standard WordPress works ( and may have unanticipated side effects ).

At a fundamental level, what you’ve been building is single sign on, but through a fragile system of shared user tables.

So you will need:

  • Somewhere to store the role set for the user
  • Code to read that and set it programmatically, ignoring the user table
  • Code to provide a User interface for setting the role
  • A list of what roles you want, if a plugin adds new roles then those will not be usable unless it’s added to all sites across all installs

I would suggest storing the role in user meta, and using the user edit profile screen. You will also need code to check the roles and capabilities to prevent users changing their own roles. Pay very careful attention to this code as it will be a critical security failure point.

Sadly, doing this may be either difficult, or expensive:

  • The WP_User object doesn’t provide easy filters, it may be necessary to note down a role and all its capabilities and provide your own WP_User replacement, this could well cause compatibility problems
  • You could check on every page load if the users role matches what it’s meant to be, and set it if it isn’t. This would be more expensive, but more reliable and more compatible

I would note though, that all of this is going to be costly to maintain. Your setup has pushed you into a corner of high technical debt, and this is one of the costs.

How Other People Do It

When you rebuild the system in the future, consider a SSO/Single sign on system. Federated login such as those provided by OAuth or SAML is the longterm answer here. IN that scenario you would provide the authentication level to the site when the user logs in ( the login may be a seamless redirect if the user has already authenticated with the SSO provider ), then set the appropriate role when the user is passed back to the site.

It is true, that you would no longer be sharing user tables across installs, but any information that needs to be synchronised would be set at the central SSO provider and pushed to the relevant sites.

Related Posts:

  1. get_user_meta() to Return User Meta Only for Current Blog in Multi Site
  2. SQL to check how many sites a user is a member of
  3. Exclude main blog from get_blogs_of_user
  4. Get users primary blog URL in MultiSite
  5. Shared User Tables on 2 WordPress Sites; “Main” Site and “Discuss” using P2?
  6. How to store custom user data on the database?
  7. Query users by capability – uninstall/deactivate callback
  8. How is a user’s primary blog determined?
  9. Solving a get_user_meta() problem in Multisite
  10. WordPress Multisites or Multiple WP Single sites?
  11. get_user_meta() in multiste with respect to subdomain
  12. Delete all user’s meta without knowing all the ‘key’
  13. WPMU add custom colum
  14. One login for 3 WordPress installations with combined user table doesn’t work
  15. Get users from all/specific blog by user_role and current_user role
  16. How does adding custom meta to signup form work?
  17. Site Redirecting to wp-signup.php
  18. Are nested subdomains possible with a subdomain multisite?
  19. Querying posts from multiple sites in a network?
  20. is_front_page() malfunction?
  21. How can I diagnose a slow WordPress admin?
  22. How to enable a site administrator to edit users in a WordPress network/ multisite setup?
  23. BLOG_ID_CURRENT_SITE vs. SITE_ID_CURRENT_SITE in WordPress Multisite?
  24. Shared table across network
  25. Turn off ms-files.php after network setup
  26. Opinions whether to go multisite VS 3 separate WP installation [closed]
  27. Multisite: differences between subdomain and subdirectory mode? Can it be switch after installation?
  28. Ban SiteNames Multisite
  29. WP MultiSite API – Create new sites
  30. Multisite – sub-subfolders for certain blogs
  31. Multisite – how to remove the root ‘/’ site?
  32. Configure WordPress to read from database only, never write
  33. WordPress multisite with domain mapping and virtual host on local with fake domain
  34. Don’t allow access to wp-admin but allow admin-ajax requests to be fulfilled on frontend?
  35. Timeout While Upgrading Network in Multi-site
  36. Full Domain Mapping with WP3 in Multiuser Mode
  37. add_rewrite_rule not registering on Multisite
  38. How to combine multiple sites to WordPress MU
  39. how do I configure nginx for wordpress multisite, it occurs ERR_TOO_MANY_REDIRECTS
  40. Installing multisite network admin on sub-domain
  41. multisite custom directory
  42. Changing wp-content to other name? Multisite set up
  43. Redirect users on logout
  44. You do not have permission to edit this user
  45. Rest API Multisite Site List?
  46. Cannot access my first sub-site in a multisite [closed]
  47. Multisite setup help – plain domain/subsite always redirects to domain with subdir multisite
  48. Auto creation of multisite blog on user registration
  49. Memory question on WordPress Multisite
  50. How to protect post attachments related to a custom post type, from non-logged in users, on 1 subsite of a multisite installation?
  51. Aggregate multisite RSS and restrict certain content
  52. WordPress multisite on IIS – can’t open subpages
  53. Issues with Multisite installation and 403 error for REST API request
  54. How to run react app and headless WordPress and React App on same server (managed by plesk)?
  55. Nginx Wildcard SSL with WordPress Multisite Subdomains
  56. Multisite – Parent site with Polylang with different domains for each language [closed]
  57. How to disable wordpress cron jobs for a subsite?
  58. Multisite – create plugin to hide deactivated sites from the sites overview
  59. Multisite Subdomain Redirect Mask
  60. How to use HyperDB plugin in a existing wpmu
  61. Sort by site/blog column in Multisite
  62. Possibility of Create Site Specific CSS in a Multisite
  63. How do you update a network option value in the DB via a hook
  64. Get post by term from custom taxonomy in another blog on the network?
  65. Two wordpress mu installs, same settings/plugins/themes?
  66. Multi Network plugin: “Network not created” [closed]
  67. How to get blog_id of an MU site when running a custom function on the parent site
  68. Multiple sites with independent users
  69. WordPress multisite domain
  70. Multisite WP-API json v2 : can i fetch all comments on all sites with a single query?
  71. How to install seperate theme on certain page
  72. Using Same User Database on Subdomain
  73. Change language for each website using multisite
  74. Permission warning in wordpress multisite
  75. Static directories in a WordPress multisite network
  76. Trying to Decide Between Reverse-proxy and Multisite
  77. Export / import
  78. Remember language choice on multisite website
  79. wp-cli core install –skip-email and –skip-config flags not working on MAMP unknown parameter
  80. Multisite network subdomains doesn’t work
  81. MULTISITE: Password issue and Error Cant access site
  82. trying to install a wordpress multisite in a subfolder and have custom subsite urls
  83. Accessing WP multisite via IP instead of domain
  84. Running hosted multisite version of wordpress
  85. Multisite,half the way
  86. Admin Ajax returns “0 200 OK server error..” in Multi-site sub-site
  87. How to implement this subdirectory mapping in multisite?
  88. WordPress MU with subdomain
  89. How do i get custom metabox data from each multisite blog?
  90. Multisite login and redirect to users main blog,
  91. WordPress multisite dashboard not working..!
  92. Parse shortcodes from another site in WP Multisite
  93. Custom pages on all multisite network, to NOT show in wp-admin at all
  94. In a MS install, can you allow different users to have their own themes?
  95. Install WordPress MU outside htdocs
  96. Redirect authors from upload.php url to Home page in Multisite
  97. Images on WP Network’s subsite appear only if accessed via main site’s url
  98. WordPress Multisite platform for different city for single db
  99. Not being allowed to use some terms in Add New Site in WordPress
  100. How to redirect root blog to a specific one in multilang WP?