[wp-trac] [WordPress Trac] #36939: Role groups
noreply at wordpress.org
Wed May 25 02:17:48 UTC 2016
#36939: Role groups
Reporter: johnjamesjacoby | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Role/Capability | Version:
Severity: normal | Keywords: 2nd-opinion
WordPress's roles & capabilities API has support for allowing users to
have multiple roles, and recent improvements to the Users list table have
helped improve the administrator experience a bit by showing all roles
rather than just the first one for each user.
I think what makes multiple user-roles confusing (or maybe less valuable)
is that WordPress by itself does not directly benefit from allowing users
to have multiple roles, because the existing roles are designed to blanket
all of WordPress's bundled functionality.
I'd like to propose the introduction of Role Groups, as a layer that lives
one layer above the main `WP_Roles` object to allow for groups of roles to
be registered, enabling for users to have at least 1 role from each role
* You install bbPress, and Bob cannot publish posts but can moderate the
* You install WooCommerce, and Jane can contribute posts to the blog, and
can also buy items from the store
* You install BuddyPress, and while Chris can administrate posts, pages,
and media, he cannot moderate the community
In the above scenarios, each of these plugins would register their own
role groups, and any user could easily have 1 role for each "section" of
the same 1 WordPress site.
How could WordPress core use this?
* Create a role group for Posts, Pages, Media, Comments, and Users
* Ones ability to Edit posts should not assume they can moderate comments
* Ones ability to moderate comments should not assume they can publish
* Ones ability to upload media & attachments should not assume they can
* Ones ability to edit an existing user should not assume they can upload
How does this complicate things?
Depending on how deeply this is implemented, potentially greatly, or not
at all for vanilla WordPress installations.
* If we keep WordPress's built-in roles identical to how they are today,
they become 1 role group that grants access to Posts, Pages, Media,
Comments, and Users; then plugins can define their own role groups, and we
make sure WordPress has an adequate interface for assigning multiple roles
for each user.
* If we separate WordPress's roles into groups for each object type,
backwards compatibility is a huge issue, as well as how confusing does it
make granting access and assigning default roles for each group.
* We may be able to remove the "Default Role" setting UI entirely, and
leave it to plugins to reopen this functionality for improved support for
What do we do now?
Let's talk this through, decide if it's worthwhile, and maybe work towards
something viable. Much of this can happen without much (if any)
modification to WordPress core. Worst case, we uncover more areas of
WordPress that can be improved to support multiple roles per user, and
address those in separate tickets. Best case, we make the existing roles &
capabilities API more plugin-friendly.
Ticket URL: <https://core.trac.wordpress.org/ticket/36939>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac