[wp-trac] [WordPress Trac] #39174: Introduce network roles
noreply at wordpress.org
Thu Dec 8 02:00:46 UTC 2016
#39174: Introduce network roles
Reporter: flixos90 | Owner:
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Role/Capability | Version:
Severity: normal | Keywords:
Focuses: multisite |
We have been discussing introducing network roles during multisite office-
hours several times. The original concept for roles on
multisite/multinetwork was the following:
''Site Administrator < Network Administrator (currently also called "Super
Admin" < Global Administrator < Super Admin (special access via
`$super_admins` global, has all capabilities automatically)''
This ticket is about network roles in particular, but we need to figure
out the entire concept we'll be going with beforehand.
After the initial discussions which happened several weeks ago, I started
playing around with that idea and created a plugin with network roles
which is available at https://github.com/felixarntz/wp-network-roles. The
details on that plugin are described in this Google doc (and are probably
worth reading to understand the following discussion better):
I just had a long conversation with @johnbillion around this topic where
we agreed on some ideas, disagreed on others, were entirely unsure about
others. The following bullet points sum up what we talked about / which
questions we raised.
* The original idea of network roles was that these roles behave similar
to regular site roles: They all have a set of capabilities they can
perform. These capabilities can apply to either the site or network level.
This allows for roles like the current "Super Admin" / "Network
Administrator" that has access to everything a site administrator has, but
also to any network admin functionality - however it also allows for roles
like a possible "Network Editor" which would be the same as if a user had
the "Editor" role on every site of the network.
* Should we support both of these concepts? Or should network roles
only affect the actual network admin area? If the latter, which roles
would we even need in Core itself (in addition to the "Super Admin" /
"Network Administrator")? This decision would also affect whether we
should support inheritance of network capabilities to site capabilities or
whether network roles would just be additional kind of roles for a user.
An example to clarify:
* First approach: The "Super Admin" / "Network Administrator" has
all the capabilities a regular site administrator has, plus the network
admin area capabilities (like `manage_network` or
`manage_network_options`), so they automatically behave as if they were a
site administrator on every site in the network.
* Second approach: The "Super Admin" / "Network Administrator"
role only has network admin area capabilities (like `manage_network` or
`manage_network_options`), so the user also needs to have the site
administrator role for each site they want to access. (probably not?)
* If we support inheritance, can we handle the two kinds of roles
together? A "Network Administrator" that has access to the network admin
area is conceptually a bit different from a "Network Editor" who can only
access all site admin areas on that network. If we find solid descriptive
names, we're probably good here. For example, instead of having a "Network
Administrator" being the role where one can access the network admin and
at the same point be an administrator on all the network's sites, maybe
that role should rather be called "Network Manager", while "Network
Administrator" is a different role which basically means that user is an
administrator on all the network's sites, but cannot access the network
* We would certainly need to handle that in a slow migration path: If
we introduce a network role system with a predefined set of capabilities
in let's say 4.8, we write a dev-note at the same time that tells plugin
authors that they now need to add their custom capabilities to the new
network role because that role no longer automatically can do anything. At
this point however we still keep the current super admin functionality in
sync so that the role actually still can do anything. We wait until 2-3
releases later to actually remove the sync thing, which means we get rid
of the `site_admin` network option and from that point on use
`is_super_admin()` and `get_super_admins()` only to retrieve users
specified in the `$super_admins` global.
* Is this the right approach at all? Currently the "Super Admin" /
"Network Administrator" can do "anything but..." rather than having a
predefined set of capabilities. While we can address that with a migration
like described above, we still need to think about whether it _is_ the
right way to do it. Maybe we need a concept like "Role X can do anything
under certain circumstances unless specifically denied".
* How should we handle Multisite / Multinetwork? Multisite is the "easy"
thing here - for all of the changes here we need to consider Multinetwork
especially, even though it is not really supported by Core at this point.
* What do we think a "Super Admin" is? Is that a network administrator
with specific capabilities, is it kind of a global administrator or is it
a special thing that can do anything, thus not having a predefined set of
capabilities? Core itself doesn't really know what a super admin is at
this point. In most setups it is a network administrator / network manager
as it's stored in a network option. But if you use the `$super_admins`
global, it suddenly turns into some kind of a global administrator. Which
of the two are we going to stick with for that terminology?
* Can we rename the term "Super Admin" at all (in terms of BC)? It would
probably become either "Network Administrator" or "Network Manager"
depending on the approach. If we can't rename it and keep the name for the
"network administrator" role, how are we going to handle the higher role
This will likely become a feature project, but this ticket is for more
Ticket URL: <https://core.trac.wordpress.org/ticket/39174>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac