WordPress has its own user role management system, which defines a specific users and their areas of work and their limitations. It’s essential that you should know about the user roles and permissions as your wordpress site grows.
So basically you will find five default user roles when you install WordPress:
Administrator is the only user role that has the full access to your WordPress site.Users with this role has the access to add new posts, edit or delete posts.
They have the credibility for installation and deletion of plugins and themes as well as edit them. But You must know an administrator can add new users to the site, edit users info as well as their passwords and most importantly they can delete any users including other administrators.
Usually this role is reserved for the SIte Owner and it gives you the full control over your wordpress site. On a multi-user wordpress site, you need to be very careful about assigning administrator role to someone.
This user role has the full access over the content section of your wordpress site. They can add, edit, publish and delete any posts including the posts written by others. An editor can moderate, edit and delete comments as well. But they do not have access to your site settings and that’s why they won’t have the permission to install plugins or themes, add new users to the site.
Users with assigned with the author role can write, edit and publish their own posts. They can delete their own posts even if it is published. They can not create new categories while writing posts, though they can choose from existing categories. Users with this role can add tags to their posts.
Authors can view all sorts of comments. But can not moderate, approve or delete any comments. They do not have access to settings, plugins or themes, so they can not change any settings on your site.
Contributors has credibility to add new posts and edit their posts, but they can not publish any posts not even their own. Like author they can not create new categories but can pick from existing ones and can add tags.
The worst part is they can not upload any type of files. They can read comments even the one that needs moderation. Users assigned on this roles can not approve or delete a comment.They do not have access to settings, plugins or themes, so they can not change any settings on your site.
User with this role has the most limited access. They can login to your site, update their profile and change password if they want to. No access to content section as well as the site settings. Its an useful role if they have to login before read any post and comment on it.
This user role is only available for WordPress Multisite Network. Users with this role can add and delete sites on a multisite network. They can install themes and plugins, add users and perform network wide actions on a WordPress Multisite setup.
Customizing existing user roles:
Default user roles of WordPress sites are designed to have permissions that are required by most websites. Perhaps as an example, you run an online news site then you can assign the editor role to your senior staff, author role to junior staff and contributor role to your guest authors. Here subscriber user role can be considered as the site visitor.
This is a default settings for the user roles. But if you want to modify one of the role’s capability in an existing wordpress site, you must be wondering what can be done.
There is one disadvantage about the author role that they can create their own posts and delete them as well. If you want to bring modifications in it. Like the author won’t be able to delete their posts after publishing.
At first install and activate Capability Manager Enhanced. Now Goto Users>> Capabilities.
Next, select the user role you want to edit from the top box in the right column and then click the load button. This will load users capabilities in the boxes on the left.
All you need to do is uncheck the capabilities that you want to remove from that user role. For example, in this case we want to remove the capability to delete published posts from authors. We will uncheck ‘Delete Published’ capability. Once you are done, scroll down to the bottom of the page and click on the save changes button to store your settings.
Creating Your Own Custom Users:
You can create your a custom role in WordPress, you can do that using the same plugins. To create a new role goto Users>> Capabilities.
For example for your online news site you may need someone who can moderate comments. So, in that case you can create a user role that can only moderate comments. Just click on “Create” in create new role section and then select “Moderation Comment” from other wordpress capabilities.