User Role Editor WordPress plugin – Change roles easily

User Role Editor - plugin for WordPress

User Role Editor

User Role Editor WordPress plugin allows you to change standard WordPress user roles capabilities with easiness of a few mouse clicks. Just turn on check boxes of capabilities you wish to add to the selected role and click “Update” button to save your changes. That’s done. Add and tune your own custom roles which you can assign to the users then. You can create new role as a copy of existing one. Delete self-made roles. Change defaul user role.
Multi-site support is provided.

Why it could be necessary? Let’s suppose you wish that your multi-authored blog contributors upload their own graphics to use in their posts. WordPress “contributor” role has no such capability by default. In such situation you have needed to change user role capabilities manually using SQL client as I described at “How to change wordpress user role capabilities” post, if you have enough knowledge in that field. But what to do if you have not?


Good news – This task is simple now, just use this plugin

User Role Editor

The latest version: 4.11. Quant of downloads: 1104006
download

Take a look at the “User Role Editor” plugin main form screenshot:
User Role Editor main form

  • Select a role you wish to change from the drop down list at the top. Page will be refreshed automatically and show you the capabilities list for the selected role. Make your corrections, check/uncheck correspondent check boxes and click “Update” button to save your changes. If you wish to apply this change for all sites of your multi-site WordPress network, turn on “Apply to All Sites” check box at the top of the form before press “Update”.
  • If you prefer to see capabilities names in form e.g. ‘Edit pages’ instead of WordPress ‘edit_pages’ standard form turn on the “Show capabilities in human readable form” checkbox at the right top corner of the main form. Move mouse over capability name and you will see its alternative form name.
  • According to WordPress Codex User Levels were introduced in WordPress 1.5, they were replaced by Roles and Capabilities in WordPress 2.0, and were finaly deprecated in WordPress 3.0. Thus you can hide them in order they do not mess you in your work with roles. Keep “Show deprecated capabilities” check box at the to right corner of the form unchecked for that. If for any reason you need to see user levels, turn on that check box.
  • If you don’t wish to save changes you can click “Cancel” button.
  • If you are needed to restore roles capabilities you have before your or installed plugins made 1st modification to them, use “Reset” button. “User Role Editor” will restore roles and capabilities to its clean state. You will get roles stuff just after WordPress installation. Be very careful with this operation as you will definitely lose any changes you or your plugins made to user roles from the time of fresh WordPress installation. Consider to make backup copy of your database before proceed with “Reset” operation.

In order to add/remove your custom role, change default role for new user, add/remove custom user capability use “User Role Editor” management boxes, look on screenshot below:
User Role Editor custom roles and capabilities management boxes

  • If you need your own custom role, create it with “Add New Role” feature. Input new role name into input text field at “Add New Role” box, select existing role from drop-down list if you wish to use its capabilities as starting point for further work and click “Add” button. Remember that you can use latin letters, digits and an “_” underscore sign in your role names. Subscriber role is copied by default if you don’t select such role yourself.
  • Unnecessary self-made role can be deleted with “Delete Role” box. Select role and click “Delete” button for it. Only your self-made roles appears in the role list to delete. If some of your own roles is assigne to the user or selected as default role for new users it will not be appeared in the list for deletion.
  • Select the role which you wish to use as default for any new created user from the list at “Default Role for New User” box. Click “Change” button to save your changes.
  • Use “Add New Capability” box in order to add new user capability. Remember you can use only latin alphabet letters, digits and underscore sign in the capability name. How to use new added user capability? Turn it on in the role you select and check if current user has such capability in your plugin or active theme functions.php file. For example,
     if (!current_user_can('some_capability_you_added')) {
       echo "You don't have permission for it!";
       return;
    }
  • If you need delete custom capability added by you or some of your old plugins, which you don’t use anymore use “Delete Capability” box. “User Role Editor” doesn’t allow to delete built-in WordPress capabilities.

With help of “User Role Editor” you can assign additional capabilities directly to the users. Open users list by click on the “All Users” link at the “Users” submenu. Find needed user, move mouse pointer to his name and click “Capabilities” link as on screenshot below:
User Capabilities Editor link
At the form opened you can assign to user another role and/or add to him capabilities which not included to his role:

Change User Capabilities

Change User Capabilities


You can not turn off capabilities included to the role assigned to this user. You can add/remove other capabilities. They will be applied directly to the user as you click the “Update” button. If you wish to built a fully custom capabilities set for this user, without limitation of any role, select “No role for this site” from drop-down list at the top and make it.

For more information about WordPress user roles please read these articles
- WordPress Admin Menu Permissions;
- WordPress user capabilities;
- activate_plugins WordPress user capability;
- edit_dashboard WordPress user capability;
- Delete posts and pages WordPress user capabilities set;
- delete_plugins WordPress user capability;
- moderate_comments WordPress user capability;
- Roles and Capabilities article at codex.wordpress.org;

If you can not find answer for some question yourself, consider to subscribe for one year Premium support and get your answer in guaranteed 24 hours. Pay $15 only and priority in conversations about WordPress user permissions, roles and capabilities related problems, other plugins menu access, etc. will be yours for the whole year.
Buy Now

Translations

Русская версия этой статьи доступна по адресу ru.shinephp.com

Dear plugin User,
if you wish to help me with this plugin translation I very appreciate it. Please contact me via Contact form and I will answer you by email. Do not forget include your site link in order I can show it with greetings for the translation help at shinephp.com, plugin settings page and in this readme.txt file. If you have better translation for some phrases send it to me. You are welcome!
Former translators! Please check your translations and provide the updated files corresponding to the current version of URE plugin.

Special Thanks to

  • Lorenzo Nicoletti – for the code enhancement suggestion CUSTOM_USER_META_TABLE constant is used now for more compatibility with core WordPress API.
  • Marcin – For the code enhancement. This contribution allows to not lose new custom capability if it is added to other than ‘Administrator’ role.
  • FullThrottle – for the code to hide administrator role at admin backend.

You are welcome! Help me with bugs catching, share with me new ideas about plugin further development and link to your site will appear above.

Recent donations for this plugin developement

Change Log

4.11

  • 06.04.2014
  • Single-site: It is possible to bulk move users without role (--No role for this site--) to the selected role or automatically created role "No rights" without any capabilities. Get more details at http://role-editor.com/no-role-for-this-site/
  • Plugin uses for dialogs jQuery UI CSS included into WordPress package.
  • Pro version: It is possible to restrict editing posts/pages by its authors user ID (targeted user should have edit_others_posts or edit_others_pages capability).
  • Pro version, multi-site: Superadmin can setup individual lists of themes available for activation to selected sites administrators.
  • Pro version, Gravity Forms access restriction module was tested and compatible with Gravity Forms version 1.8.5

4.10

  • 15.02.2014
  • Security enhancement: WordPress text translation functions were replaced with more secure esc_html__() and esc_html_e() variants.
  • Pro version: It is possible to restrict access to the post or page content view for selected roles. Activate the option at plugin "Settings" page and use new "Content View Restrictions" metabox at post/page editor to setup content view access restrictions.
  • Pro version: Gravity Forms access management module was updated for compatibility with Gravity Forms version 1.8.3. If you need compatibility with earlier Gravity Forms versions, e.g. 1.7.9, use User Role Editor version 4.9.

4.9

  • 19.01.2014
  • New tab "Default Roles" was added to the User Role Editor settings page. It is possible to select multiple default roles to assign them automatically to the new registered user.
  • CSS and dialog windows layout various enhancements.
  • 'members_get_capabilities' filter was applied to provide better compatibility with themes and plugins which may use it to add its own user capabilities.
  • jQuery UI CSS was updated to version 1.10.4.
  • Pro version: Option was added to download jQuery UI CSS from the jQuery CDN.
  • Pro version: Bug was fixed: Plugins activation assess restriction section was not shown for selected user under multi-site environment.

4.8

  • 10.12.2013
  • Role ID validation rule was added to prohibit numeric role ID - WordPress does not support them.
  • Plugin "Options" page was divided into sections (tabs): General, Multisite, About. Section with information about plugin author, his site, etc. was moved from User Role Editor main page to its "Options" page - "About" tab.
  • HTML markup was updated to provide compatibility with upcoming WordPress 3.8 new administrator backend theme "MP6".
  • Restore previous blog 'switch_to_blog($old_blog_id)' call was replaced to 'restore_current_blog()' where it is possible to provide better compatibility with WordPress API. After use 'switch_to_blog()' in cycle, URE clears '_wp_switched_stack' global variable directly instead of call 'restore_current_blog()' inside the cycle to work faster.
  • Pro version: It is possible to restrict access of single sites administrators to the selected user capabilities and Add/Delete role operations inside User Role Editor.
  • Pro version: Shortcode [user_role_editor roles="none"]text for not logged in users[/user_role_editor] is available. Recursive processing of other shortcodes inside enclosed text is available now.
  • Pro version: Gravity Forms available at "Export Entries", "Export Forms" pages is under URE access restriction now, if such one was set for the user.
  • Pro version: Gravity Forms import was set under "gravityforms_import" user capability control.
  • Pro version: Option was added to show/hide help links (question signs) near the capabilities from single site administrators.

4.7

  • 04.11.2013
  • "Delete Role" menu has "Delete All Unused Roles" menu item now.
  • More detailed warning was added before fulfill "Reset" roles command in order to reduce accident use of this critical operation.
  • Bug was fixed at Ure_Lib::reset_user_roles() method. Method did not work correctly for the rest sites of the network except the main blog.
  • Pro version: Post/Pages editing restriction could be setup for the user by one of two modes: 'Allow' or 'Prohibit'.
  • Pro version: Shortcode [user_role_editor roles="role1, role2, ..."]bla-bla[/user_role_editor] for posts and pages was added. You may restrict access to content inside this shortcode tags this way to the users only who have one of the roles noted at the "roles" attribute.
  • Pro version: If license key was installed it is shown as asterisks at the input field.
  • Pro version: In case site domain change you should input license key at the Settings page again.

4.6

  • 21.10.2013
  • Multi-site: 'unfiltered_html' capability marked as deprecated one. Read this post for more information (http://shinephp.com/is-unfiltered_html-capability-deprecated/).
  • Multi-site: 'manage_network%' capabilities were included into WordPress core capabilities list.
  • On screen help was added to the "User Role Editor Options" page - click "Help" at the top right corner to read it.
  • Bug fix: turning off capability at the Administrator role fully removed that capability from capabilities list.
  • Various internal code enhancements.
  • Information about GPLv2 license was added to show apparently - "User Role Editor" is licensed under GPLv2 or later.
  • Pro version only: Multi-site: Assign roles and capabilities to the users from one point at the Network Admin. Add user with his permissions together to all sites of your network with one click.
  • Pro version only: 'wp-content/uploads' folder is used now instead of plugin's own one to process file with importing roles data.
  • Pro version only: Bug fix: Nonexistent method was called to notify user about folder write permission error during roles import.

Click here to look at the full list of changes of User Role Editor plugin.

FAQ

- Does it work in multi-site environment?
Yes, it works with multi-site installation. By default plugin works for every blog from your multi-site network as for locally installed blog without multi-site feature.

URE Multi-site feature

URE Multi-site feature


To update selected role globally for all Network you should turn on the “Apply to All Sites” checkbox.

- How to duplicate my custom created roles from main blog of my multi-site network to new created one?
“User Role Editor” makes it for you automatically. As new blog added to your network, “User Role Editor” copies full roles staff from your main blog to the new created one.

- Why administrators of single site of multi-site network do not see “User Role Editor” under “Users” menu?
URE is disabled for single site administrator by default. If you wish to enable it for single site adminitstrator add this line of code into your blog wp-config.php file

define('URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE', 1);

- I have large multi-site network. After click “Update” button with “Save to all sites” checkbox turned on nothing is happened. I got the blank page.
It is PHP script execution time limit problem. Other network update method is available as alternative from version 3.5. Due to my tests it works approximately 30 times faster. Try it. It will be great, if you share your experience with me. In order to select alternative method of all sites update add this line to you blog wp-config.php file

define('URE_MULTISITE_DIRECT_UPDATE', 1);

It does nothing automatically, just select other algorithm when you press “Update” with “Apply to All Sites” checkbox turned on next time.
If you define WP_DEBUG equal to 1 or true constant in wp-config.php file, URE with this directive shows update execution time in milliseconds as additional technical information.

- How to edit “Administrator” role? I don’t see it in the roles drop down list.
“Administrator” role is hidden from the roles drop down list by default.
You can see/edit “Administrator” role starting from version 3.4. Insert this line of code

  define('URE_SHOW_ADMIN_ROLE', 1);

into your wp-config.php file and login with administrator account for that.
If for any reason your “Administrator” role missed some capabilities added by plugins or themes, you can fix that now. But be careful with changing “Administrator” role, do not turn off accidentally some critical capabilities to not block your admin users.

- Does it work with WordPress versions prior 3.0?
Starting from version 2.2 plugin works with WordPress 3.0 and higher only. For earlier WordPress versions use plugin version 2.1.10

download

I am ready to answer on your questions about this plugin usage and help with possible problems. Use User Role Editor plugin forum or this page comments and site contact form for that please.

Thanks,
Vladimir ShinePHP.com

Tags: , , , ,

  • Bea

    Excellent .. Thanks so much again.

    Free version – apply to all sites — does this apply to created sites already – ie does it also apply to any newly created sites After the creation

  • jimlongo

    Hi, thanks for this plugin it works great right out of the box.
    Question: how could I add a custom_capability that allowed a certain role to be able to edit menus but no other aspects of Appearance?

  • http://shinephp.com/ Vladimir Garagulya

    WordPress uses the same capability ‘edit_theme_options’ for all those menu items. It is not possible with just adding new custom capability. Look on the “Admin Menu Editor” plugin. It allows to change capabilities assigned to the menu items. So you may assign new custom capability to selected menu item.

  • http://shinephp.com/ Vladimir Garagulya

    I missed somehow your question…
    Free version has the feature – any new created blog gets all roles from the main blog automatically.

  • Abrar Kaderin

    awesome.. thanks a lot.. just as i wanted.. :D

  • Harmeet

    hi every one i want to set editor can add pop up plugin pop with fancybox http://wordpress.org/plugins/popup-with-fancybox/ how it’s possible

  • greekdish

    WordPress v3.8…I do not see the Apply to All Sites checkbox at the top.

  • http://ssnet.org/ Inge Anderson

    Thank you for linking to this FAQ right in the Network-Admin interface for this plugin! And thanks for a great plugin!

  • Miguel A.

    Got the Administrator in the drop-down menu after modifying wp-config.php, and both edit_users and add_new_users is checked off, yet I still can’t do either. Please help! Thanks!

  • http://shinephp.com/ Vladimir Garagulya

    What do you try to achieve?

  • Miguel A.

    Administrator role to be able to add new users (not just existing) and edit roles of users within the child site of a network.

  • http://shinephp.com/ Vladimir Garagulya

    create_users capability allows to add new users. Why do you play with capabilities? They all should be included into administrator role.

  • Henk Petter

    Hello Vladimir,
    When i want to add a role or a capability no pop up window appears. Just the button glows up white but nothing happens. I am running a multisite network and have made myself Network Super Admin using User Role Editor. Can you tell me what to do?

  • http://shinephp.com/ Vladimir Garagulya

    Hi,
    User Role Editor uses jQuery to show add role dialog. If pop up dialog window does not open some JavaScript error took place probably. Please check JavaScript console at your browser. The probable reason – conflict with some other plugin.

  • M

    Hello Vladimir – WordPress Contributors can edit their own profile which will then show up on their profile page. I’d like them to Not have that capability, so I can add and modify and control it only as admin. How do I do that? Thanks!

  • http://shinephp.com/ Vladimir Garagulya

    Hi,

    Do you wish hide “Profile” menu item from them or just block selected profile input fields for editing and leave ability to change password, for example?

  • M

    I’d like to try either option – I could use them both.

  • http://shinephp.com/ Vladimir Garagulya

    OK. I will prepare and publish this weekend special post about how to achieve that.

  • http://shinephp.com/ Vladimir Garagulya
  • Bodhi McGee

    Hello, a pre sales question. Can i create a new user role and then hide specific plugins from all other roles? eg. you dont want to show “Hello Dolly” plugin to users except your custom one, but you want all users to still have access to the rest of the Plugins in admin menu. Possible? Thanks, Bodhi

  • http://shinephp.com/ Vladimir Garagulya

    Hello,

    If you need to hide for some role the specific submenu or menu item added by plugin, it is possible with some additional code, like this
    http://role-editor.com/restrict-access-wordpress-widgets-area/
    I may help you customize it for specific plugin under the terms of Pro version support.
    Or you may look on the “Admin Menu Editor” plugin, which you may use in conjunction with User Role Editor.

    Regards,
    Vladimir.

  • http://www.canuckseo.com/ Jim Rudnick

    Am giving this plugin a try…but it appears that no matter how I try to DELETE a role – it appears in the dropdowns forever. What am I missing? Oh, latest WP and running the Fundify Crowdfunding theme with Stripe payments by EDD….they recommended I give the plugin a try…

  • Daniel Griffin

    Hi, please could you respond to my question on the support forum. (adding new pages) Thanks.

  • http://shinephp.com/ Vladimir Garagulya