Create and Manage Users Roles in WordPress to Assign Types of Users

WordPress has been a popular option for websites that need a content management system. Like other CMSs, WordPress provides comprehensive predefined user roles that fulfill the requirements of website administrators and managers.

Most of the website owners don’t know that they can provide limited access to the Dashboard for specific users. This action ensures that only a particular group of users have access to specific admin panel areas and options. Custom WordPress user roles also help minimize the chances of any accidents that can bring down the whole website.

In this article, I will describe two ways of creating WordPress new user roles using a plugin and ensure that everything on your website is under control.

Understanding WordPress User Roles

In WordPress, a User Role is a combination of:

1. Role
2. Capabilities

A role is the name of a user group that will display in your WordPress Admin Panel, and capabilities are the privileges that admins can enable or disable.

Managed WordPress Hosting Starting From $10/Month

Experience Cloudways optimized hosting and get instant speed & performance boosts.

TRY 3 DAYS FREE

By default, WordPress has six primary user roles.

1. Super Admin: The profile that has access to the entire website, including network administrative features.
2. Administrator: The profile(s) that has all administrative privileges.
3. Editor: The profile(s) that can create, edit, publish theirs, and other users’ posts.
4. Author: The profile(s) that can create, edit, publish their posts only.
5. Contributor: The profile(s) that can create, edit their posts but cannot publish them.
6. Subscriber: The profile(s) that can only manage their profiles.

You can find your WordPress permissions right within your Dashboard.

Log in to your WordPress Admin Panel, navigate to Users → All Users.

You can see the current WordPress roles available on your website:

Getting Ready to Create New WordPress Roles

There are two ways to create, edit, or delete WordPress users’ roles.

1. Modify WordPress User Roles via Plugin

Sometimes a plugin that can control WordPress user permissions offers the simplest solution. There are lots of plugins for adding, modifying, and deleting WordPress user roles and capabilities. One plugin worth checking out is Capability Manager Enhanced from PublishPress, but in this tutorial, I will suggest trying out the WordPress User Role Editor plugin.

Once installed and activated, from the left pane, navigate to Users → User Role Editor.

As you can see, there are a lot of options to add/modify/delete WordPress users’ capabilities.

First of all, notice that you can see all the WordPress roles that exist on your WordPress site. If you want to update or change anything, select the user role from the list.

In my case, I have chosen the WordPress Editor role and marked where it says Granted Only you can see the existing capabilities assigned to the Editor.

If you are unfamiliar with WordPress access levels and capabilities of a role, give this WordPress Codex a read to understand them in detail.

The WordPress User Role Editor plugin allows you to rename the capabilities by checking the box.

And here is how the capabilities will show in human-readable form.

Ok, so now you have got an idea of how the plugin lists existing WordPress user permissions assigned to each WordPress user.

To increase the capabilities of a WordPress user, you can go to the respective group from the left side. For example, in addition to the current capabilities, I also want to allow the WordPress Editor Role to Add and Activate plugins.

For this, navigate to the Plugins group from the left pane and select Install Plugins and Activate Plugins and update the user by clicking the Update button on the right.

Now visit the Granted Only section, and you will see that the Editor can now Install and Activate plugins.

To add (or remove) capabilities for a specific WordPress user role, navigate to the respective group from the left pane, and assign (or remove) the capabilities accordingly.

Create a New WordPress User Role

User Role Editor plugin also allows you to create new WordPress Roles besides the Administrator, Author, Editor, etc. Click on the Add Role button from the right menu, and a new popup will appear asking you:

• Role Name (ID): A unique ID for each user role.
• Display Role Name: The name of the role that will be displayed.
• Make Copy of: Select the current role that would form the basis of the new role.

IIn my case, I have copied the Editor role and named the new role as Editor Limited Access. You can see, the new role has all the same capabilities as that of the original editor role.

Now, I can add/remove capabilities for this new role.

Just like adding a role, you can also add/create new capabilities and assign them to any WordPress user role.

Next, I will demonstrate how you can create custom WordPress user roles via code.

2. Create, Edit or Delete WordPress User Roles Manually

WordPress allows you to remove the default user roles and create custom roles by assigning limited privileges/capabilities to specific user groups (Roles).

The CMS provides five functions for managing WordPress roles and capabilities:

• add_role(): For adding a custom role.
• remove_role(): For removing a custom role.
• add_cap(): For adding a custom capability to a role.
• remove_cap(): For removing a custom capability from a role.
• get_role (): Gets information about the role and its capabilities.

Remove Default User Roles

I will start by removing the existing roles. Remember that WordPress, by default, has the following five roles:

1. Subscriber
2. Editor
3. Contributor
4. Author
5. Administrator

For this tutorial, I will remove all user roles except the Administrator. For this, navigate to WordPress Admin → Appearance → Editor → Theme functions.

I will use the remove_role() function to remove the role. Copy the following code snippet and paste it at the end of the Theme Functions file.

remove_role( 'subscriber' );
remove_role( 'editor' );
remove_role( 'contributor' );
remove_role( 'author' );

Click the Update File button.

To verify that all the mentioned WordPress user roles have deleted, navigate to Users → All Users.

You can see that except for Administrator, all default WordPress roles have deleted.

Create New User Roles

For this tutorial, I will create three new user roles with the below WordPress user permissions.

1. Administrator: with complete administrative access.
2. Moderator: That can create, edit, publish theirs, and other WordPress users’ posts.
3. Newbie: That can only edit their profile and create new posts.

To add these custom WordPress user roles, I will use the native add_role() function with the following syntax:

add_role( $role, $display_name, $capabilities );

• $role: A unique name of the role.
• $display_name: The name to be displayed in the WordPress Admin Panel.
• $capabilities: Privileges of the role.

Here is a list of all capabilities.

Administrator

Since I didn’t delete the default administrator role, all the capabilities and privileges of the role are intact.

Moderator

This role has the right to create, edit, publish their own, and other WordPress users’ posts.

Copy the following code and paste it at the end of the Theme Functions file.

add_role('moderator', __(
   'Moderator'),
   array(
       'read'            => true, // Allows a user to read
       'create_posts'      => true, // Allows user to create new posts
       'edit_posts'        => true, // Allows user to edit their own posts
       'edit_others_posts' => true, // Allows user to edit others posts too
       'publish_posts' => true, // Allows the user to publish posts
       'manage_categories' => true, // Allows user to manage post categories
       )
);

Click Update File.

Assign “Moderator” Role to a User

Next, I will assign this role to a user. For this, navigate to WordPress Dashboard → Users → All Users and follow the instructions below.

I have assigned the Moderator role to the user, “Alex.” You can see (from the image below) that when he logs in and goes to “Dashboard,” he will have limited WordPress access as per the capabilities of his new role.

Newbie

This role can just edit their profile and create new posts.

To add this role, copy the following code and paste it at the end of the Theme Functions file.

add_role('newbie', __(
   'Newbie'),
   array(
       'read'            => true, // Allows a user to read
       'create_posts'    => true, // Allows user to create new posts
       'edit_posts'      => true, // Allows user to edit their own posts
       )
);

After pasting the code, click the Update File button.

Assign “Newbie” Role to a User

For assigning the new role to a user, navigate to WordPress Dashboard → Users → All Users and follow the instructions below.

I have assigned a Newbie role to the user, “Dicaprio.” You can see ( from the image below) that when he logs in and goes to Dashboard, he’ll have limited privileges.

Now, I will assign the Newbie role to every visitor who registers on my website.

Wrapping up!

In this article, I have explained to you how to create WordPress user roles with the limited WordPress access and what are the various types and permissions one can use. As you have seen, there are many customization options, and you have a substantial margin of actions that you can make available or not for each of your WordPress users.

What WordPress user privileges have you enabled on your platform? Share your experience with us by leaving a comment in the box below.

Frequently Asked Questions