User Role Editor WordPress plugin – Change roles easily

User Role Editor - plugin for WordPress

User Role Editor

User Role Editor WordPress plugin allows you to change standard WordPress user roles capabilities with easiness of a few mouse clicks. Just turn on check boxes of capabilities you wish to add to the selected role and click “Update” button to save your changes. That’s done. Add and tune your own custom roles which you can assign to the users then. You can create new role as a copy of existing one. Delete self-made roles. Change defaul user role.
Multi-site support is provided.

Why it could be necessary? Let’s suppose you wish that your multi-authored blog contributors upload their own graphics to use in their posts. WordPress “contributor” role has no such capability by default. In such situation you have needed to change user role capabilities manually using SQL client as I described at “How to change wordpress user role capabilities” post, if you have enough knowledge in that field. But what to do if you have not?


Good news – This task is simple now, just use this plugin

User Role Editor

The latest version: 4.14.4. Quant of downloads: 1336428
download

Take a look at the “User Role Editor” plugin main form screenshot:
User Role Editor main form

  • Select a role you wish to change from the drop down list at the top. Page will be refreshed automatically and show you the capabilities list for the selected role. Make your corrections, check/uncheck correspondent check boxes and click “Update” button to save your changes. If you wish to apply this change for all sites of your multi-site WordPress network, turn on “Apply to All Sites” check box at the top of the form before press “Update”.
  • If you prefer to see capabilities names in form e.g. ‘Edit pages’ instead of WordPress ‘edit_pages’ standard form turn on the “Show capabilities in human readable form” checkbox at the right top corner of the main form. Move mouse over capability name and you will see its alternative form name.
  • According to WordPress Codex User Levels were introduced in WordPress 1.5, they were replaced by Roles and Capabilities in WordPress 2.0, and were finaly deprecated in WordPress 3.0. Thus you can hide them in order they do not mess you in your work with roles. Keep “Show deprecated capabilities” check box at the to right corner of the form unchecked for that. If for any reason you need to see user levels, turn on that check box.
  • If you don’t wish to save changes you can click “Cancel” button.
  • If you are needed to restore roles capabilities you have before your or installed plugins made 1st modification to them, use “Reset” button. “User Role Editor” will restore roles and capabilities to its clean state. You will get roles stuff just after WordPress installation. Be very careful with this operation as you will definitely lose any changes you or your plugins made to user roles from the time of fresh WordPress installation. Consider to make backup copy of your database before proceed with “Reset” operation.

In order to add/remove your custom role, change default role for new user, add/remove custom user capability use “User Role Editor” management boxes, look on screenshot below:
User Role Editor custom roles and capabilities management boxes

  • If you need your own custom role, create it with “Add New Role” feature. Input new role name into input text field at “Add New Role” box, select existing role from drop-down list if you wish to use its capabilities as starting point for further work and click “Add” button. Remember that you can use latin letters, digits and an “_” underscore sign in your role names. Subscriber role is copied by default if you don’t select such role yourself.
  • Unnecessary self-made role can be deleted with “Delete Role” box. Select role and click “Delete” button for it. Only your self-made roles appears in the role list to delete. If some of your own roles is assigne to the user or selected as default role for new users it will not be appeared in the list for deletion.
  • Select the role which you wish to use as default for any new created user from the list at “Default Role for New User” box. Click “Change” button to save your changes.
  • Use “Add New Capability” box in order to add new user capability. Remember you can use only latin alphabet letters, digits and underscore sign in the capability name. How to use new added user capability? Turn it on in the role you select and check if current user has such capability in your plugin or active theme functions.php file. For example,
     if (!current_user_can('some_capability_you_added')) {
       echo "You don't have permission for it!";
       return;
    }
  • If you need delete custom capability added by you or some of your old plugins, which you don’t use anymore use “Delete Capability” box. “User Role Editor” doesn’t allow to delete built-in WordPress capabilities.

With help of “User Role Editor” you can assign additional capabilities directly to the users. Open users list by click on the “All Users” link at the “Users” submenu. Find needed user, move mouse pointer to his name and click “Capabilities” link as on screenshot below:
User Capabilities Editor link
At the form opened you can assign to user another role and/or add to him capabilities which not included to his role:

Change User Capabilities

Change User Capabilities


You can not turn off capabilities included to the role assigned to this user. You can add/remove other capabilities. They will be applied directly to the user as you click the “Update” button. If you wish to built a fully custom capabilities set for this user, without limitation of any role, select “No role for this site” from drop-down list at the top and make it.

Do you need more functionality with premium support in real time? Do you wish remove advertisements from User Role Editor pages?
Buy Pro version. It includes extra modules:

  • Block selected admin menu items for role.
  • “Export/Import” module. You can export user roles to the local file and import them then to any WordPress site or other sites of the multi-site WordPress network.
  • Roles and Users permissions management via Network Admin for multisite configuration. One click Synchronization to the whole network.
  • Per posts/pages users access management to post/page editing functionality.
  • Per plugin users access management for plugins activate/deactivate operations.
  • Per form users access management for Gravity Forms plugin.
  • Shortcode to show enclosed content to the users with selected roles only.
  • Posts and pages view restrictions for selected roles.

Pro version is advertisement free. Premium support is provided by plugin author Vladimir Garagulya. You will get an answer on your question not once a week, but in 24 hours or quicker.

User Role Editor

For more information about WordPress user roles please read these articles
- WordPress Admin Menu Permissions;
- WordPress user capabilities;
- activate_plugins WordPress user capability;
- edit_dashboard WordPress user capability;
- Delete posts and pages WordPress user capabilities set;
- delete_plugins WordPress user capability;
- moderate_comments WordPress user capability;
- Roles and Capabilities article at codex.wordpress.org;

Translations

Русская версия этой статьи доступна по адресу ru.shinephp.com

Dear plugin User,
if you wish to help me with this plugin translation I very appreciate it. Please contact me via Contact form and I will answer you by email. Do not forget include your site link in order I can show it with greetings for the translation help at shinephp.com, plugin settings page and in this readme.txt file. If you have better translation for some phrases send it to me. You are welcome!
Former translators! Please check your translations and provide the updated files corresponding to the current version of URE plugin.

Special Thanks to

  • Lorenzo Nicoletti – for the code enhancement suggestion CUSTOM_USER_META_TABLE constant is used now for more compatibility with core WordPress API.
  • Marcin – For the code enhancement. This contribution allows to not lose new custom capability if it is added to other than ‘Administrator’ role.
  • FullThrottle – for the code to hide administrator role at admin backend.

You are welcome! Help me with bugs catching, share with me new ideas about plugin further development and link to your site will appear above.

Recent donations for this plugin developement

Change Log

4.14.4

  • 08.08.2014
  • Missed "manage_sites" user capability was added to the list of built-in WordPress capabilities managed by User Role Editor.
  • Russian translation was updated.

4.14.3

  • 25.07.2014
  • Integer "1" as default capability value for new added empty role was excluded for the better compatibility with WordPress core. Boolean "true" is used instead as WordPress itself does.
  • Integration with Gravity Forms permissions system was enhanced for WordPress multisite.

4.14.2

  • 18.07.2014
  • The instance of main plugin class User_Role_Editor is available for other developers now via $GLOBALS['user_role_editor']
  • Compatibility issue with the theme "WD TechGoStore" is resolved. This theme loads its JS and CSS stuff for admin backend uncoditionally - for all pages. While the problem is caused just by CSS URE unloads all this theme JS and CSS for optimizaiton purpose for WP admin backend pages where conflict is possible.

4.14.1

  • 13.06.2014
  • MySQL query optimizing to reduce memory consumption. Thanks to SebastiaanO.
  • Extra WordPress nonce field was removed from the post at main role editor page to exclude nonce duplication.
  • Minor code enhancements.
  • Fixes for some missed translations.

4.14

  • 16.05.2014
  • Persian translation was added. Thanks to Morteza.

4.12

  • 22.04.2014
  • Bug was fixed. It had prevented bulk move users without role (--No role for this site--) to the selected role in case such users were shown more than at one WordPress Users page.
  • Korean translation was added. Thanks to Taek Yoon.
  • Pro version update notes:
  • Use new "Admin Menu" button to block selected admin menu items for role. You need to activate this module at the "Additional Modules". This feature is useful when some of submenu items are restricted by the same user capability, e.g. "Settings" submenu, but you wish allow to user work just with part of it. You may use "Admin Menu" dialog as the reference for your work with roles and capabilities as "Admin Menu" shows what user capability restrict access to what admin menu item.
  • Posts/Pages edit restriction feature does not prohibit to add new post/page now. Now it should be managed via 'create_posts' or 'create_pages' user capabilities.
  • If you use Posts/Pages edit restriction by author IDs, there is no need to add user ID to allow him edit his own posts or page. Current user is added to the allowed authors list automatically.
  • New tab "Additional Modules" was added to the User Role Editor options page. As per name all options related to additional modules were moved there.

4.11

  • 06.04.2014
  • Single-site: It is possible to bulk move users without role (--No role for this site--) to the selected role or automatically created role "No rights" without any capabilities. Get more details at http://role-editor.com/no-role-for-this-site/
  • Plugin uses for dialogs jQuery UI CSS included into WordPress package.
  • Pro version: It is possible to restrict editing posts/pages by its authors user ID (targeted user should have edit_others_posts or edit_others_pages capability).
  • Pro version, multi-site: Superadmin can setup individual lists of themes available for activation to selected sites administrators.
  • Pro version, Gravity Forms access restriction module was tested and compatible with Gravity Forms version 1.8.5

4.10

  • 15.02.2014
  • Security enhancement: WordPress text translation functions were replaced with more secure esc_html__() and esc_html_e() variants.
  • Pro version: It is possible to restrict access to the post or page content view for selected roles. Activate the option at plugin "Settings" page and use new "Content View Restrictions" metabox at post/page editor to setup content view access restrictions.
  • Pro version: Gravity Forms access management module was updated for compatibility with Gravity Forms version 1.8.3. If you need compatibility with earlier Gravity Forms versions, e.g. 1.7.9, use User Role Editor version 4.9.

4.9

  • 19.01.2014
  • New tab "Default Roles" was added to the User Role Editor settings page. It is possible to select multiple default roles to assign them automatically to the new registered user.
  • CSS and dialog windows layout various enhancements.
  • 'members_get_capabilities' filter was applied to provide better compatibility with themes and plugins which may use it to add its own user capabilities.
  • jQuery UI CSS was updated to version 1.10.4.
  • Pro version: Option was added to download jQuery UI CSS from the jQuery CDN.
  • Pro version: Bug was fixed: Plugins activation assess restriction section was not shown for selected user under multi-site environment.

4.8

  • 10.12.2013
  • Role ID validation rule was added to prohibit numeric role ID - WordPress does not support them.
  • Plugin "Options" page was divided into sections (tabs): General, Multisite, About. Section with information about plugin author, his site, etc. was moved from User Role Editor main page to its "Options" page - "About" tab.
  • HTML markup was updated to provide compatibility with upcoming WordPress 3.8 new administrator backend theme "MP6".
  • Restore previous blog 'switch_to_blog($old_blog_id)' call was replaced to 'restore_current_blog()' where it is possible to provide better compatibility with WordPress API. After use 'switch_to_blog()' in cycle, URE clears '_wp_switched_stack' global variable directly instead of call 'restore_current_blog()' inside the cycle to work faster.
  • Pro version: It is possible to restrict access of single sites administrators to the selected user capabilities and Add/Delete role operations inside User Role Editor.
  • Pro version: Shortcode [user_role_editor roles="none"]text for not logged in users[/user_role_editor] is available. Recursive processing of other shortcodes inside enclosed text is available now.
  • Pro version: Gravity Forms available at "Export Entries", "Export Forms" pages is under URE access restriction now, if such one was set for the user.
  • Pro version: Gravity Forms import was set under "gravityforms_import" user capability control.
  • Pro version: Option was added to show/hide help links (question signs) near the capabilities from single site administrators.

4.7

  • 04.11.2013
  • "Delete Role" menu has "Delete All Unused Roles" menu item now.
  • More detailed warning was added before fulfill "Reset" roles command in order to reduce accident use of this critical operation.
  • Bug was fixed at Ure_Lib::reset_user_roles() method. Method did not work correctly for the rest sites of the network except the main blog.
  • Pro version: Post/Pages editing restriction could be setup for the user by one of two modes: 'Allow' or 'Prohibit'.
  • Pro version: Shortcode [user_role_editor roles="role1, role2, ..."]bla-bla[/user_role_editor] for posts and pages was added. You may restrict access to content inside this shortcode tags this way to the users only who have one of the roles noted at the "roles" attribute.
  • Pro version: If license key was installed it is shown as asterisks at the input field.
  • Pro version: In case site domain change you should input license key at the Settings page again.

4.6

  • 21.10.2013
  • Multi-site: 'unfiltered_html' capability marked as deprecated one. Read this post for more information (http://shinephp.com/is-unfiltered_html-capability-deprecated/).
  • Multi-site: 'manage_network%' capabilities were included into WordPress core capabilities list.
  • On screen help was added to the "User Role Editor Options" page - click "Help" at the top right corner to read it.
  • Bug fix: turning off capability at the Administrator role fully removed that capability from capabilities list.
  • Various internal code enhancements.
  • Information about GPLv2 license was added to show apparently - "User Role Editor" is licensed under GPLv2 or later.
  • Pro version only: Multi-site: Assign roles and capabilities to the users from one point at the Network Admin. Add user with his permissions together to all sites of your network with one click.
  • Pro version only: 'wp-content/uploads' folder is used now instead of plugin's own one to process file with importing roles data.
  • Pro version only: Bug fix: Nonexistent method was called to notify user about folder write permission error during roles import.

Click here to look at the full list of changes of User Role Editor plugin.

FAQ

- Does it work in multi-site environment?
Yes, it works with multi-site installation. By default plugin works for every blog from your multi-site network as for locally installed blog without multi-site feature.

URE Multi-site feature

URE Multi-site feature


To update selected role globally for all Network you should turn on the “Apply to All Sites” checkbox.

- How to duplicate my custom created roles from main blog of my multi-site network to new created one?
“User Role Editor” makes it for you automatically. As new blog added to your network, “User Role Editor” copies full roles staff from your main blog to the new created one.

- Why administrators of single site of multi-site network do not see “User Role Editor” under “Users” menu?
URE is disabled for single site administrator by default. If you wish to enable it for single site adminitstrator add this line of code into your blog wp-config.php file

define('URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE', 1);

- I have large multi-site network. After click “Update” button with “Save to all sites” checkbox turned on nothing is happened. I got the blank page.
It is PHP script execution time limit problem. Other network update method is available as alternative from version 3.5. Due to my tests it works approximately 30 times faster. Try it. It will be great, if you share your experience with me. In order to select alternative method of all sites update add this line to you blog wp-config.php file

define('URE_MULTISITE_DIRECT_UPDATE', 1);

It does nothing automatically, just select other algorithm when you press “Update” with “Apply to All Sites” checkbox turned on next time.
If you define WP_DEBUG equal to 1 or true constant in wp-config.php file, URE with this directive shows update execution time in milliseconds as additional technical information.

- How to edit “Administrator” role? I don’t see it in the roles drop down list.
“Administrator” role is hidden from the roles drop down list by default.
You can see/edit “Administrator” role starting from version 3.4. Insert this line of code

  define('URE_SHOW_ADMIN_ROLE', 1);

into your wp-config.php file and login with administrator account for that.
If for any reason your “Administrator” role missed some capabilities added by plugins or themes, you can fix that now. But be careful with changing “Administrator” role, do not turn off accidentally some critical capabilities to not block your admin users.

- Does it work with WordPress versions prior 3.0?
Starting from version 2.2 plugin works with WordPress 3.0 and higher only. For earlier WordPress versions use plugin version 2.1.10

download

I am ready to answer on your questions about this plugin usage and help with possible problems. Use User Role Editor plugin forum or this page comments and site contact form for that please.

Thanks,
Vladimir ShinePHP.com

Tags: , , , ,

  • http://shinephp.com/ Vladimir Garagulya

    Hi Kati,

    Current version of User Role Editor Pro allows to export/import the roles only, not the users.
    Thanks for the good idea for further development of the Pro version – to add the export/import users with data about there roles feature.

    Regards,
    Vladimir.

  • Kati

    Hi Vladimir,

    Thank you for your reply. I’ll be looking forward for that feature.

    Regards,
    Kati

  • staps99

    I have installed the plugin but I do not get the page with all the options. Am I missing something??

  • http://shinephp.com/ Vladimir Garagulya

    It seems – Yes. Look the “User Role Editor” menu item under ‘Users’ menu.

  • Ariane

    Hi, is it is possible with this plug-in to give back-end users rights to a specific category, so they won’t be able to edit in other categories?
    Thanks in advance.