70 Responses

  1. Rachel Rock
    Rachel Rock Published |

    I saw your tweets and felt bad (I hate when that happens) so I thought that I better read your article after all your hard work. And guess what – another lesson learned. Thanks for the info. It is usually d.o. who does this stuff for our site and he raves about you. Like he says, the elements that set your service apart from the rest is trust, and that you are a natural born teacher. Thanks for what you do – Rachel from hypyklrz.

  2. 8207h32
    8207h32 Published |

    I have been used role manager plugin for wordpress 2.7.1 and capability manager for 2.8.4. And I just satisfied. But I can’t wait to try your plugin, your plugin feature look more promising…

  3. Roles And Caps In Plain English « Weblog Tools Collection
  4. Adam W. Warner
    Adam W. Warner Published |

    Well stated Justin and will save you from explaining after the plugin release. The screenshot looks great!

  5. John Hawkins
    John Hawkins Published |

    I’m definitely looking forward to the plugin. Having a visual representation of what each user can and can’t do will be extremely useful.

    Thanks for the informative post and for the upcoming plugin!

  6. David
    David Published |

    Screenshot looks fantastic and I’m very happy to see capability “moderate comments” there, which if I’m not wrong Role Manager doesn’t have, and that one is actually the most important to me.

  7. Carson Sasser
    Carson Sasser Published |

    I think you may have stressed the idea that roles are not hierarchical a bit too much. The distinction you’re making is that roles are not inherently hierarchical, but can be made so in the way that you define their capabilities. In actual practice, a set of roles and capabilities that are not somewhat hierarchical makes little sense to me. In fact, they are somewhat hierarchical by default in WordPress. On the other hand, a purely hierarchical set is not useful in most cases either.

    1. Noel Sufrin
      Noel Sufrin Published |

      Hi, I have a great example of a non-hierarchical set of user roles that illustrates what Justin means.

      I’ll be creating a group of users who will all share a similar basic level of admin access, but will be grouped by department, so that each user can log into the admin area and only view form data submitted to their specific department from the Gravity Forms plugin. This plugin seems to be the perfect remedy for that, and does away with the need to code those roles and permissions by hand.

      We had be exclusively using Contact Form 7, but this will be a new website hosting nothing but .gov forms. So, encrypting SSNs and compartmentalizing user areas was key, and Gravity Forms works better for it, especially when integrating with add-ons such as the Members & Gravitate Encryption plugins.

  8. NotAlame
    NotAlame Published |

    Thanks for this explannation.
    But, what is the difference with this plugin: Role Manager :

    And I have another question:
    How can we display the role name of the comment author on his comment??

  9. NotAlame
    NotAlame Published |

    Thanks for your quick answer…

    For your futur plugin, I hope it don’t use a big amount of memory because I have memory_limit=24M on my hosting (I’m using wordpress 2.6.5)

    And for my question… I asked 2 times but no one answered me…
    I made researches and only found how to display it for author POSTs…

  10. Xavier
    Xavier Published |

    Sounds to me like the makings of an extremely useful and popular plugin. Good work Justin!

  11. Dan Clark
    Dan Clark Published |

    @Carson Sasser: I don’t think the point being stressed is that Roles can be made to be “non-hierarchical.” The point is that they are not hierarchical, e.g. that the Admin role need not always inherit the capabilities of the other roles. The Roles/Capabilities chart in the codex ( http://codex.wordpress.org/Roles_and_Capabilities#Capability_vs._Role_Table ) does not make this point clear, which may be causing some of the confusion Justin is addressing.

    And Justin, I look forward to eventually creating little demon_eaters on my site, with the capability to eat_demons!

  12. Joaquin
    Joaquin Published |

    Thanks for this Justing. It’s now clear 🙂 Now that I digged in to codex and find out what each capability does, your plugin will be rocking this side of Wordpress.

    Happy to be an alpha/beta tester. You have my email.



  13. Deb
    Deb Published |

    I have to admit i was one of those idiots that didn’t know how the WordPress role and capability system work. I now know thanks! And thanks for putting it in words anyone could understand.

  14. Fape
    Fape Published |

    It’sjvery similar to Capability Manager by Jordi Canals. You can see it at http://alkivia.org/wordpress/capsman/
    It’s an awsome plugin to manage capabilities.

  15. Fape
    Fape Published |

    Justin excuse me, I’m not saying that it’s the same thing just that is very similar in some functions. Perhaps it’s because my english is very poor (I’m speaker spanish). Again, excuse me! I follow your job and use some of your plugins in my sites and think that you do an amazing job sharing your knowledge.

  16. Garry
    Garry Published |

    Sounds to me like the makings of an extremely useful and popular plugin. Good work Justin! keep it up.

  17. WordPress users en rechten goed uitgelegd : WordPress Dimensie
  18. HW
    HW Published |

    Hi Justin,

    Is it possible to use this plugin for creating something like in this scenario:

    All Commenters need to register ( it is already set in WP Settings)

    So, once someone registers he will be able to comment. After sometime the commenter feels to delete his comment so he logs back in and must be able to just delete his own comment only.

    I hope you can look into this

  19. Start Action
    Start Action Published |

    Pretty good post. I just stumbled upon your blog and wanted to say that I have really enjoyed reading your blog posts. Any way I’ll be subscribing to your feed and I hope you post again soon.

  20. Dave
    Dave Published |

    Looking good Justin. Based on your thoroughness and recent screenshot, I’m eagerly anticipating this plugin.


  21. Flick
    Flick Published |

    Definitely learnt something new today, thank you 🙂 Found out about your post on WLTC (Jeff’s post) and rushed over to learn about this concept in plain English. Spot on. Looking forward to the plugin as well!

  22. NotAlame
    NotAlame Published |

    Hey Justin, is there any system that will buzz us by email when your plugin will be out??

  23. paperReduction
    paperReduction Published |

    Sounds like you’re working on something that will be in the core WP 2.9 release: http://www.wptavern.com/forum/general-wordpress/699-new-way-doing-user-roles-capabilities.html

  24. pavankumar
    pavankumar Published |

    users, roles and capabilities are well described here.

  25. matthijs
    matthijs Published |

    Looks very promising Justin! Currently I use Rolemanager on a couple of sites, but I’m scared by the lack of development and anxiously awaiting the day when an upgrade of wp breaks the plugin (and the whole site with that).

    Your explanation of roles and capabilities was excellent. I’d love to hear more insight into exactly what capabilities are, how they are defined and created in wordpress itself, etc.

    p.s. is my email address being shown when I fill it in here?

  26. Maneesh Bhati
    Maneesh Bhati Published |

    I just stumbled upon your blog and wanted to say that I have really enjoyed reading your blog posts. Thanks for sharing.

  27. Banner Stands
    Banner Stands Published |

    Ahh now i see. Thanks for the explanation.

  28. Martin
    Martin Published |

    Sounds quit nice. I want to install a wordpress-blog for the school of my children. But it is very difficult to handle all users and usertypes. Perhaps this plugin helps. Looking forward …
    Greeting, Martin

  29. Lauro Faria
    Lauro Faria Published |

    In my opinion, Wordpress set out the rules with a hierarchical pattern, but not hard, they can be altered and lose this hierarchy.

    Having the right tool the administrator can assign any way its capabilities.

    The comment from Carson Sasser expressed practically my thoughts.

    My hope is that your plugin adds the possibility of the administrator can choose your options, either hierarchical or not.

    Use the Role Manager on some projects and need to determine access to specific categories.

    I have a beta site, which I use for my tests, I think is productive can help you test your plugin.

  30. WPGPL
    WPGPL Published |

    I will waiting your plugins and make some review on WPGPL.com 😉

  31. David C Ballard
    David C Ballard Published |

    It occurred to me, after reading the post about roles and capabilities that many games characters seemed to build on that premise. You pick a role (character) and you go about earning capabilities (a magic staff – more special powers – life etc.). Hey – it is just me spacing out.

    Whether or not that is a relevant analogy – your explanation gave me a clear understanding and a better perspective.


    david c ballard

  32. Lauro Faria
    Lauro Faria Published |

    Note: I do not speak English, then use the Google translator. 🙂

    That said, reread any sentences.

    The Wordpress was prepared to be a typical blog, but what makes it good is their ability to CMS that are many.

    At this point, your plugin is very welcome.

    The term administrator, you may not be appropriate. Then consider any User that can receive permission to use more advanced features and specific, without considering a “traditional hierarchy”.

    Roles edit_roles and create_roles are still obscure to me. Especially with the right terms for each role.

    As I read about your plugin, is mentioned on access to content. In my case, it is interesting also access the content of this generation. Especially being able to separate the access to certain categories (post).

    Bom trabalho. (Good work.)

  33. estetik
    estetik Published |

    thanks, i can quote this article ?

  34. David C Ballard
    David C Ballard Published |

    Grrrr…I am a victim of “Paralysis from Analysis”.

    It drives me crazy not to be able to perform a task because the information was uncovered in the beginning, or have to undue something because the particular application is not available with your version of the software. For example, when you have a great idea, and go to implement it, only to find out…Sorry that will not work, you do not have that capability.

    My partner is setting up my personal blog, and asked me to pick out the theme for WordPress. Holly Mollies…That is unfair, especially, when suffering from paralysis by analysis. This is why I appreciated reading your post Justin. It helped with the bigger picture.
    Every blog – blog post – radio show – social networking site – that we built or subscribed to, for the past five years, have all dealt with children, and their family’s safety online and offline.

    I am attempting to write a book that I believe will be the contributing factors to help keep our children safe, and provide for a healthy and safe Internet; hence, my personal blog.

    Justin, your comment, regarding an element of gaming is something I have considered, although more along the traditional board game, than the digital online concept. I hope that such a game would empower children, and their family’s better understand online and offline safety.

    I would like to make the blog interactive using different mediums, allowing for the opinions of others, and possibly incorporating the game concept digitally.

    Over the years, we have been approached to evaluate products and services, which we personally, as well as our company uses. The site would offer these same products to help fund the publishing of the book.

    Currently the blog is set up on WP using Dream Theme – any suggestions as to the best bells and/or whistles, which will help for a smooth transition into the future would be greatly appreciated.


  35. Roles and capabilities plugin for wordpress
  36. Christian Hollingsworth
    Christian Hollingsworth Published |

    It’s very important to understand roles for users when incorporating user commenting and/or forums with your blog. You don’t want spammers to go wild. Great post!

  37. Larry
    Larry Published |

    Good luck with the plugins! I like the permissions features you discuss in your article. I took a look a the screenshot and that is pretty detailed!

  38. Carmellita
    Carmellita Published |

    Thanks a bunch for this information, user roles have been somewhat confusing for me, I’ve got some clarity thanks to this post here. Thanks again.

  39. Andrei Gheorghiu
    Andrei Gheorghiu Published |

    I have tested the post/page limitations and, not surprisingly, it works like a charm.

    However, there is one thing that’s not as it should, i suppose. I know it’s much more difficult to achieve, but it would be nice if forbidden pages/posts wouldn’t appear in the list for the users who cannot view their contents.

    It’s pretty annoying to see a large structure from which one can only access a small part. Also, one has to find out on a trial and error basis which are the sections of the site he can access and has to remember them.

    I guess hiding forbidden pages/posts in: widgets, menus and admin area would make a big change for this plugin.
    Is this achievable?

    I’ll test it some more.
    So far it’s pretty neat, like everything you do.
    Good work.

  40. Andrei Gheorghiu
    Andrei Gheorghiu Published |

    Oops. Sorry. Meant to post the above on the members plugin page.

  41. John Glass
    John Glass Published |

    Although I am not running the plugin your basic outlining of users, roles ect was incredible. Such a simple explanation that I can show my Mom understand a little more. Thank you

  42. BP
    BP Published |

    Nice to see someone spending time on the more technical plugins, have taken up a few recommendations many, many thanks for your hard work. bp

  43. Custom post types in WordPress
    Custom post types in WordPress at |
  44. James McGregor
    James McGregor Published |

    Hi Justin, I just started using your plugin to solve an access problem with a community website I am building at http://camdenproducemarkets.com.au
    I have to say it works a treat! You rock!
    Thanks for creating this plugin .


  45. Chris K
    Chris K Published |

    I thought i might mention what you’re dealing with here is Access Control Theory. In which classically you have users, roles, and resources. WordPress implements this poorly in my opinion, as ‘capabilities’ is really a merger of roles and resources.

    Users define who does something
    Roles define what can be done (usually create, read, update, delete)
    Resources define what things are affected.

    You can see this in capabilities as delimited by the underscore ‘edit’ is the role ‘themes’ is the resource. I think eventually WordPress is going to have to tease these two apart if it wants to stay competitive in the CMS market

  46. Ivan Gonzalez
    Ivan Gonzalez Published |

    Hi Justin,
    First of all, greetings for your great articles, you are very good teacher.
    That said, i should ask you a question i’ve not seen resolved anyway.
    Not hierarchical roles are more granular, but it could be very interested to make a role a inherits another role capabilities. I mean create a role by the sum of other roles (as group of capabilities).
    Does it is possible any way? It is easy to do simple creating as much roles as needed, but in a site with multiple kind of memeberships, where every memberships lets or not a couple of capabilites, could be more comfortable to manage the always changing memberships and promotions (for example).

  47. Bjorn
    Bjorn Published |

    Was this plugin ever released?

  48. Random Joe
    Random Joe Published |

    Question about the plugin….
    So when a “Member” logins in does it take them to the Dashboard? Or to the site itself ?

    What I need is a plugin that will require a visitor to register and then they will have to login to see any content at all and then I need to be able to assign permission as to who can see what.

    Will this plugin do that?

    1. Serge
      Serge Published |

      I used the plugin to limit my order taker to just woocommerce orders, reports, and products. They can see the dashboard, but for some reason when they login they are defaulted to the Profiles screen. Can that be dealt with? Dashboard would be good or letting me choose would be best


  49. Alan
    Alan Published |

    I digged in to codex and find out what each capability does, your plugin will be rocking this side of Wordpress.

  50. WordPress Roles and Capabilities - Jean Galea | Web Designer and Developer in Malta | WordPress Consultant
  51. User Access Levels | IMAGEARIES
    User Access Levels | IMAGEARIES at |
  52. 如何为WordPress 后台添加自定义域面板
  53. lasitha
    lasitha Published |

    nice work nice set of tutorials ,i like all of them..,thanks for share the knowledge and wish you good luck for future works..,thanks

  54. Custom post types in WordPress – Julian John Portfolio
  55. Custom post types in WordPress | Wordpress Workbook | My wordpress note and workflow
  56. 标题:wordpress的角色-roles权限-Capabilities用户层级-User Levels---慧发科技 |网站教程| 网站设计 | 网站制作 | 图片设计 | 代码
  57. How To Allow Contributors To Set A Featured Image - Build Your Own Blog
  58. Don Hirst
    Don Hirst Published |

    Justin, two things:

    First, thanks for this excellent tutorial; it is very helpful, complete, and concise.

    Second, no need to post this, but there’s a typo to correct:


    Why is all this important?

    It’s important to understand how the platform you’re using works. I was amazed at the number of comments I recieved that focused on a hierarchical role system, which is not how WordPress works.


    Why is all this important?

    It’s important to understand how the platform you’re using works. I was amazed at the number of comments I received that focused on a hierarchical role system, which is not how WordPress works.


    Don Hirst

  59. Benjamin
    Benjamin Published |

    Fantastic! It’s great to see where it all began with this useful plugin!

  60. Advance Custom post types in WordPress - Resource
  61. Hello world! | Karene C. Pace
    Hello world! | Karene C. Pace at |

Leave a Reply

By submitting a comment here you grant this site a perpetual license to reproduce your words and name/Web site in attribution.

Please use your real name or a pseudonym (i.e., pen name, alias, nom de plume) when commenting. If you add your site name, company name, or something completely random, I'll likely change it to whatever I want.