Is your content created by multiple authors, editors, or contributors on your website? If so, then you’re going to need to make sure different authors can’t edit each other’s content. And to do this, you are going to need to edit each user role’s permissions.
Luckily, WordPress plugins exist that allow you to decide who has permission to create content like articles and blogs versus the ability to edit it once it is live. This kind of tool is necessary when you run a website with multiple authors and contributors.
Today I will demonstrate how to change editor user role permissions in WordPress using the PublishPress Capabilities plugin.
How Changing User Role Permissions Can Help You
Changing user role permissions is a great way to avoid having the wrong piece of content edited by the wrong person.
By default, each user role in WordPress has permissions that’s allow them to do specific tasks on your website. However, you can use the editor user role permissions to stop certain roles from editing some types of content.
For example, let’s say your website utilizes contributors. These are outside writers that are allowed to submit content on your website. By default, this role can add new posts, but not publish them. However, one problem that this role may face is that it cannot upload files.
While there is a great reason this permission is not granted (avoiding copyright claims or security purposes), you may want to enable it.
Another great way to utilize user role permissions is to only allow them to edit certain categories. For example, you may have sales posts and normal posts. You could only let a certain user role edit the sales pages.
Although if you take this approach you are probably going to have to create a few new user roles.
Only Grant Necessary Permissions
Whether you are planning to only change the Editor role permissions or every user role, it is important to only give the necessary permissions.
This plugin allows you to give user roles a lot of power and while that can be useful, it is not always a good thing. Thus, I strongly recommend making sure to only give a user role the tools it needs to carry out its work.
For example, why would an author need the ability to install and change plugin settings? Simple answer, they don’t. Those types of actions should be left in the hands of admin accounts.
This is especially true when you have multiple authors.
Installing PublishPress Capabilities
The PublishPress Capabilities plugin allows you to change editor user role permissions in WordPress. It’s a popular plugin with over 90,000 active installs and can help ensure the right people have access to certain content. The plugin is very user-friendly and makes it simple to change user role permissions.
Let’s start by going to the plugins area of WordPress and click on the “Add New” button.
Search for PublishPress Capabilities in the available search box. This will pull up additional plugins that you may find helpful.
Scroll down until you find the PublishPress Capabilities plugin and click the “Install Now” button and activate the plugin for use.
Note: There are a lot of plugins with a similar name and an almost identical image. Make sure it says “PublishPress Capabilities: Manage WordPress Permissions and Edit User Roles.”
However, keep in mind that many of these plugins give you additional permission options to choose from, so you may want to consider using others from the same creator.
How to Change Editor User Role Permissions in WordPress
On the left-hand admin panel click on Capabilities and select the Capabilities option.
This plugin may seem overwhelming at first, but I assure you, it is really simple to use.
First, take a look at the right-hand side. Here you can select the role to edit, create a new role, make a copy of the role, rename a role, and add capability options. These are all based on the role you select (i.e the first option on the right).
When you select a user role, click on the “Load” button. In this case, I will change the editor role permissions, but feel free to choose any user role available.
Note: If you do not press the “Load” button, you will not be editing that user role and instead will be making changes to whichever one was there originally.
You will see 3 boxes at the top that show all of the editing, deletion, and reading capabilities. If the box is checked, that means the user role has that permission. To add permissions, simply check a box, on the flip side, to remove permissions, uncheck the box.
Options worth pointing out are the Edit Others and Delete Others columns in their respective boxes. This will prevent any editors from editing content that is not their own.
Underneath these options, there are two more sections of capabilities. These include the Other WordPress Core Capabilities and Additional Capabilities sections. There are a lot of options to choose from, so carefully consider what the user role needs to accomplish their task when making choices.
Click on the “Save Changes” button.
Note: If you plan on testing out what each role can do make sure you log into that specific role. As an Administrator can do anything, thus you will not be able to see any of the changes. This is a good way to ensure you didn’t give a role the wrong capability.
Congratulations on learning how to edit your user role permissions in WordPress. Repeat these steps to change the permissions on other user roles.
Assigning role permissions is very important for all websites. For that reason, many plugins were created that can help you do so. Here are some additional plugins that you may find helpful.
User Role Editor
User Role Editor is a very popular plugin with over 600,000 active installs. It has all the necessary tools to make role changes with ease and also allows you to create new ones. It’s a great plugin to try out.
Advanced Access Manager
Advanced Access Manager is another plugin that can help you manage your role capabilities. It offers many advanced settings to help manage various sections of your website, and one of those is assigning roles and the permissions to the roles.
Keep Your Website Secure
Giving user roles certain permissions is risky. For example, it is possible to let a contributor, this is generally someone not in your employment, the ability to change your website’s theme. This can cause a lot of problems if allowed to happen.
Thus, not only does managing your user role permissions make sense from a workflow standpoint, it’s a security benefit.
Another great example is limiting who can upload files to your website. This is a tricky one since media uploads are an essential part of the content, but the uploader could knowingly or unknowingly upload a file that bricks your website.
While ensuring your employees have the necessary permission to get the job done is a must, don’t give them any more than that.
What other permissions would you consider limiting your staff to? Did you feel the plugin was easy to use?
Author: Ron Helms
I currently work for GreenGeeks as a Support Technician. My primary roles are supporting our VPS and Dedicated server clients, as well as performing site migrations. With experience in the web hosting industry since 2009, there is rarely a question I can’t help answer. In my spare time, I enjoy gaming and working on cars as an automotive enthusiast.