WordPress has been a popular option for websites that need a content management system. Like other CMS, WordPress provides comprehensive predefined user roles that fulfill the requirements of website administrators and managers.
Many WordPress hosted website owners don’t know that they can limit the access to Dashboard for a particular user by creating new custom user roles. This action ensures that only a specific group of users have access to specific admin panel areas and options. Custom user roles also help minimize the chances of any accidents that can bring down the whole website.
In this article, I will describe two ways of creating new custom user roles using WordPress User Role Editor Plugin and ensure that everything on your website is under control.
Understanding WordPress User Roles
In WordPress, a User Role is a combination of:
A role is the name of a user group that will be displayed in your WordPress Admin Panel and capabilities are the privileges that admins can enable or disable.
By default, WordPress has 6 basic user roles.
- Super Admin: The profile that has access to the entire website including network administrative features.
- Administrator: The profile(s) that has all administrative privileges.
- Editor: The profile(s) that can create, edit, publish their and other users’ posts.
- Author: The profile(s) that can create, edit, publish their own posts only.
- Contributor: The profile(s) that can create, edit their own posts but cannot publish them.
- Subscriber: The profile(s) that can only manage their own profiles.
You can find the current user roles within your WordPress Admin Panel.
Log in to your WordPress Admin Panel, navigate to Users → All Users.
You can see the current user roles available on your website:
Getting Ready to Create New User Roles
There are two ways to create, edit or delete user roles in WordPress.
1. Modify WordPress User Roles via Plugin
Sometimes a plugin that can control user roles in WordPress offers the simplest solution. There are lots of plugins for adding, modifying and deleting user roles and capabilities. I would suggest trying out User Role Editor plugin.
Once installed and activated, from the left pane, navigate to Users → User Role Editor.
As you can see, there are a lot of options to add/modify/delete.
First of all, notice that you can see all the user roles that exist on your WordPress site. If you want to update or change anything, select the user role from the list.
In my case, I have chosen the Editor role and marked where it says Granted Only you can see the existing capabilities assigned to the Editor.
If you are unfamiliar with the capabilities of a role, give this WordPress codex a read to understand them in detail.
User Role Editor allows you to rename the capabilities by checking the box.
And here is how the capabilities will be renamed in human-readable form.
Ok so now you have got an idea how the plugin lists existing capabilities assigned to each WordPress user role.
To provide more power to a user role, you can go to the respective group from the left side. For example, in addition to the current capabilities, I also want to allow Editor to Add and Activate plugins.
For this, navigate to Plugins group from the left pane and select Install Plugins, and Activate Plugins and update the user by clicking the Update button on the right.
Now visit the Granted Only section and you will see that the Editor can now Install and Activate plugins.
To add (or remove) capabilities for a specific user role, navigate to the respective group from the left pane and assign (or remove) the capabilities accordingly.
Create New WordPress User Role
User Role Editor also allows you to create new Roles besides administrator, author, editor etc. Click on the Add Role button from the right menu, and a new popup will appear asking you:
- Role Name (ID): A unique ID for each user role.
- Display Role Name: The name of the role that will be displayed.
- Make Copy of: Select the existing role that would form the basis of the new role.
In my case, I have copied the Editor role and named the new role as Editor Limited Access. You can see, the new role has all the same capabilities as that of the original editor role.
Now, I can add/remove capabilities for this new role.
Just like adding a role, you can also add/create new capabilities and assign them to any WordPress user role.
Next, I will demonstrate how you can create custom WordPress user roles via code.
2. Create, Edit or Delete WordPress User Roles Manually
WordPress allows you to remove the default user roles and create custom user roles by assigning limited privileges/capabilities to specific user groups (Roles).
WordPress provides five functions for managing roles and capabilities:
- add_role(): For adding a custom role.
- remove_role(): For removing a custom role.
- add_cap(): For adding a custom capability to a role.
- remove_cap(): For removing a custom capability from a role.
- get_role (): Gets information about the role and its capabilities.
Remove Default User Roles
I will start by removing the existing roles. Remember that WordPress, by default, has the following five roles:
For the purpose of this tutorial, I will remove all user roles except the Administrator. For this, navigate to WordPress Admin → Appearance → Editor → Theme functions.
I will use remove_role() to remove the role. Copy the following code snippet and paste it at the end of the Theme Functions file.
remove_role( 'subscriber' ); remove_role( 'editor' ); remove_role( 'contributor' ); remove_role( 'author' );
Click the Update File button.
To verify that the user roles have been deleted, navigate to Users → All Users.
You can see that except for administrator, all default user roles have been deleted.
Create New User Roles
For the purpose of this tutorial, I will create three new user roles.
- Administrator: with complete administrative access.
- Moderator: That can create, edit, publish their and other users’ posts.
- Newbie: That can only edit their profile and create new posts.
To add these custom user roles, I will use the native add_role() function with the following syntax:
add_role( $role, $display_name, $capabilities );
- $role: A unique name of the role.
- $display_name: The name to be displayed in WordPress Admin Panel.
- $capabilities: Privileges of the role.
A complete list of all capabilities can be found here.
Since I didn’t delete the default administrator role, all the capabilities and privileges of the role are intact.
This role has the rights to create, edit, publish their own and other users’ posts.
Copy the following code and paste it at the end of the Theme Functions file.
add_role('moderator', __( 'Moderator'), array( 'read' => true, // Allows a user to read 'create_posts' => true, // Allows user to create new posts 'edit_posts' => true, // Allows user to edit their own posts 'edit_others_posts' => true, // Allows user to edit others posts too 'publish_posts' => true, // Allows the user to publish posts 'manage_categories' => true, // Allows user to manage post categories ) );
Click Update File.
Assign “Moderator” Role to a User
Next, I will assign this role to a user. For this navigate to WordPress Dashboard → Users → All Users and follow the instructions below.
I have assigned Moderator role to the user “Alex”. You can see (from the image below) that when he logs in and goes to “Dashboard”, he will have limited access as per the capabilities of his new role.
This role can just edit their profile and create new posts.
To add this role, copy the following code and paste it at the end of the Theme Functions file.
add_role('newbie', __( 'Newbie'), array( 'read' => true, // Allows a user to read 'create_posts' => true, // Allows user to create new posts 'edit_posts' => true, // Allows user to edit their own posts ) );
After pasting the code, click the Update File button.
Assign “Newbie” Role to a User
For assigning the new role to a user, navigate to WordPress Dashboard → Users → All Users and follow the instructions below.
I have assigned Newbie role to the user “Dicaprio”. You can see ( from the image below) that when he logs in and goes to Dashboard, he’ll have limited privileges.
Now, I will assign the Newbie role to every visitor who registers on my website.
Now, I will assign the Newbie role to every visitor who registers on my website.
I hope that by now you can create custom user roles easily. Let me know if you have any issues in creating custom user roles by posting your comments below.