WordPress has been a popular option for websites that need a content management system. Like other CMS, WordPress provides comprehensive predefined user roles that fulfill the requirements of website administrators and managers.
Most of the users don’t know that they can assign WordPress user types and limit access to the dashboard for specific users. This action ensures that only a specific group of users have access to specific admin panel areas and options. Custom WordPress user roles also help minimize the chances of any accidents that can bring down the whole website.
In this article, I will describe two ways of creating WordPress new user roles using a plugin and ensure that everything on your website is under control.
- Understanding WordPress User Roles
- Getting Ready to Create New User Roles
Understanding WordPress User Roles
In WordPress, a User Role is a combination of:
A role is the name of a user group that will be displayed in your WordPress Admin Panel and capabilities are the privileges that admins can enable or disable.
By default, WordPress has 6 basic user roles.
- Super Admin: The profile that has access to the entire website including network administrative features.
- Administrator: The profile(s) that has all administrative privileges.
- Editor: The profile(s) that can create, edit, publish their and other users’ posts.
- Author: The profile(s) that can create, edit, publish their own posts only.
- Contributor: The profile(s) that can create, edit their own posts but cannot publish them.
- Subscriber: The profile(s) that can only manage their own profiles.
You can find your WordPress user right within your dashboard.
Log in to your WordPress Admin Panel, navigate to Users → All Users.
You can see the current user roles available on your website:
Getting Ready to Create New User Roles
There are two ways to create, edit or delete user roles in WordPress.
1. Modify WordPress User Roles via Plugin
Sometimes a plugin that can control user roles in WordPress offers the simplest solution. There are lots of plugins for adding, modifying and deleting user roles and capabilities. I would suggest trying out the User Role Editor plugin.
Once installed and activated, from the left pane, navigate to Users → User Role Editor.
As you can see, there are a lot of options to add/modify/delete.
First of all, notice that you can see all the user roles that exist on your WordPress site. If you want to update or change anything, select the user role from the list.
In my case, I have chosen the Editor role and marked where it says Granted Only you can see the existing capabilities assigned to the Editor.
If you are unfamiliar with WordPress access levels and capabilities of a role, give this WordPress Codex a read to understand them in detail.
User Role Editor allows you to rename the capabilities by checking the box.
And here is how the capabilities will be renamed in human-readable form.
Ok so now you have got an idea how the plugin lists existing capabilities assigned to each WordPress user role.
To increase WordPress user capabilities, you can go to the respective group from the left side. For example, in addition to the current capabilities, I also want to allow Editor to Add and Activate plugins.
For this, navigate to Plugins group from the left pane and select Install Plugins, and Activate Plugins and update the user by clicking the Update button on the right.
Now visit the Granted Only section and you will see that the Editor can now Install and Activate plugins.
To add (or remove) capabilities for a specific user role, navigate to the respective group from the left pane and assign (or remove) the capabilities accordingly.
Create a New WordPress User Role
User Role Editor also allows you to create new Roles besides the administrator, author, editor, etc. Click on the Add Role button from the right menu, and a new popup will appear asking you:
- Role Name (ID): A unique ID for each user role.
- Display Role Name: The name of the role that will be displayed.
- Make Copy of: Select the existing role that would form the basis of the new role.
In my case, I have copied the Editor role and named the new role as Editor Limited Access. You can see, the new role has all the same capabilities as that of the original editor role.
Now, I can add/remove capabilities for this new role.
Just like adding a role, you can also add/create new capabilities and assign them to any WordPress user role.
Next, I will demonstrate how you can create custom WordPress user roles via code.
2. Create, Edit or Delete WordPress User Roles Manually
WordPress allows you to remove the default user roles and create custom user roles by assigning limited privileges/capabilities to specific user groups (Roles).
WordPress provides five functions for managing roles and capabilities:
- add_role(): For adding a custom role.
- remove_role(): For removing a custom role.
- add_cap(): For adding a custom capability to a role.
- remove_cap(): For removing a custom capability from a role.
- get_role (): Gets information about the role and its capabilities.
Remove Default User Roles
I will start by removing the existing roles. Remember that WordPress, by default, has the following five roles:
For the purpose of this tutorial, I will remove all user roles except the Administrator. For this, navigate to WordPress Admin → Appearance → Editor → Theme functions.
I will use remove_role() to remove the role. Copy the following code snippet and paste it at the end of the Theme Functions file.
remove_role( 'subscriber' ); remove_role( 'editor' ); remove_role( 'contributor' ); remove_role( 'author' );
Click the Update File button.
To verify that the user roles have been deleted, navigate to Users → All Users.
You can see that except for administrator, all default user roles have been deleted.
Create New User Roles
For the purpose of this tutorial, I will create three new user roles.
- Administrator: with complete administrative access.
- Moderator: That can create, edit, publish their and other users’ posts.
- Newbie: That can only edit their profile and create new posts.
To add these custom user roles, I will use the native add_role() function with the following syntax:
add_role( $role, $display_name, $capabilities );
- $role: A unique name of the role.
- $display_name: The name to be displayed in the WordPress Admin Panel.
- $capabilities: Privileges of the role.
A complete list of all capabilities can be found here.
Since I didn’t delete the default administrator role, all the capabilities and privileges of the role are intact.
This role has the rights to create, edit, publish their own and other users’ posts.
Copy the following code and paste it at the end of the Theme Functions file.
add_role('moderator', __( 'Moderator'), array( 'read' => true, // Allows a user to read 'create_posts' => true, // Allows user to create new posts 'edit_posts' => true, // Allows user to edit their own posts 'edit_others_posts' => true, // Allows user to edit others posts too 'publish_posts' => true, // Allows the user to publish posts 'manage_categories' => true, // Allows user to manage post categories ) );
Click Update File.
Assign “Moderator” Role to a User
Next, I will assign this role to a user. For this navigate to WordPress Dashboard → Users → All Users and follow the instructions below.
I have assigned Moderator role to the user “Alex”. You can see (from the image below) that when he logs in and goes to “Dashboard”, he will have limited access as per the capabilities of his new role.
This role can just edit their profile and create new posts.
To add this role, copy the following code and paste it at the end of the Theme Functions file.
add_role('newbie', __( 'Newbie'), array( 'read' => true, // Allows a user to read 'create_posts' => true, // Allows user to create new posts 'edit_posts' => true, // Allows user to edit their own posts ) );
After pasting the code, click the Update File button.
Assign “Newbie” Role to a User
For assigning the new role to a user, navigate to WordPress Dashboard → Users → All Users and follow the instructions below.
I have assigned a Newbie role to the user “Dicaprio”. You can see ( from the image below) that when he logs in and goes to Dashboard, he’ll have limited privileges.
Now, I will assign the Newbie role to every visitor who registers on my website.
Now, I will assign the Newbie role to every visitor who registers on my website.
In this article, I have explained to you how to create users on WordPress and what are the various types and permissions to choose from. As you have seen, there are many customization options, and you have a very large margin of actions that you can make available or not for each of your users.
What WordPress user privileges you’ve enabled on your platform? Share your experience with us by leaving a comment in the box below.
Start Growing with Cloudways Today!
We never compromise on performance, security, and support.
Mustaasam is the WordPress Community Manager at Cloudways - A Managed WordPress Hosting Platform, where he actively works and loves sharing his knowledge with the WordPress Community. When he is not working, you can find him playing squash with his friends, or defending in Football, and listening to music. You can email him at email@example.com