In a previous article we talked about user roles and how to assign them in WordPress. Now this works great if you want to use the default user roles WordPress provides, but what happens if you want to further define what the user can and can’t do?
As an example, lets assume you have built a site for a client and want them to have limited access to the backend. You want them to be able to add and edit posts but not pages, as well you want them to be able to update plugins but not add or delete them. So whats the easiest way to make this happen? Why a plugin of course and in this case that plugin would be Members by Justin Tadlock.
The Members plugin has been around for awhile and just recently got an update. With over 100,000 installations, this is the go to plugin for creating custom user roles. Not only does it allow you to create the custom user role but you can also create custom capabilities for that role.
Once you’ve installed the plugin , simply go to Users >> Add New Role and you can start creating your custom user role.It’s as simple as checking off which features you either want to grant or deny your new user role.For our example we want to deny everything on the Pages tab but reading, and grant everything on Posts tab, and as a final touch, grant updating plugins but deny anything else.
We will give this user role the name of ‘Client’ and then click Add Role. If you now click on Users >> Roles you will see our newly created user role in the list, ready to be applied to whomever you wish.
It’s that easy to create new user roles. But remember, with great power comes great responsibility. Use this new power on your site wisely and plan out what your user roles need to be.