Introducing Role Scoper for WordPress
Intro to WordPress Roles · Role Scoper Description · Acknowledgements · Download · Usage Guide · News
WordPress: Capabilities, Roles and Wish Lists
Whenever you access a WordPress site, the software considers what you are trying to do: read a post, edit a page, manage categories. Most sites allow you to read posts and pages without logging in. Any other operation you may request is permitted only if your user definition (as identified by login name and password) includes a corresponding capability.
For administrative convenience, WordPress bundles capabilities into collections called roles. By default, these roles are:
Subscriber:
- read published posts and pages
Contributor:
- all Subscriber capabilities
- contribute a post (for review by editor), and edit it before publication
Author:
- all Contributor capabilities
- contribute a post, publish/unpublish/edit it, and moderate its comments
Editor:
- all Author capabilities
- contribute/publish/unpublish/edit any user’s post
- contribute or edit any page
- manage all categories and moderate any comment
- read posts and pages which are marked “private”
Administrator:
- all Editor capabilities
- define users and assign them roles
- configure all site options
This role configuration works well for WordPress’ conventional application as a single-user blog. But what if you want someone to contribute their own pages without editing other’s post or pages? Or maybe some users should edit other’s posts without being able to edit pages at all. The current solution is to use an existing plugin like Role Manager to either redefine “Editor”, or create a cloned “Special Editor” role, moving existing Editors to it as needed. As plugins come on board with additional capabilities, the role permutations increase. This one-role-per-user paradigm makes for simple source code and queries, but as a site shifts from single-user blog to multi-user CMS, role creation / editing is inconvenient for both developer and site administrator.
If you manage to successfully define and assign custom roles for your WordPress CMS, soon you will wonder how to grant reading or editing capabilities for multiple subsets of posts or pages. On your WordPress-powered high school news site, how can you enable someone to post only to the “Sports” category? On your corporate intranet site, can you conveniently enable members of HR to edit existing and future personnel policy pages (but not the engineering best practices pages)? Can you enable someone to create a new page, but specify a subset of “parent” pages it can be linked to? Can all these content-specific roles be administered on a sectional basis, or must someone edit/administer the whole site or nothing?
By default, WordPress doesn’t have a good answer to those CMS dreams, regardless of any custom roles you may define.
Some past and current WordPress plugins (Limit Categories, Category Visibility, Post Levels, Restrict Pages, Disclose Secret, WP-Group-Restriction) have dealt with pieces of this permissions puzzle. Using them, I appreciated a multitude of useful features. Yet as I tried and tried again to combine and configure this plugin assortment to meet all my WordPress CMS aspirations, there was always a missing piece.
Enter Role Scoper
Role Scoper is a comprehensive enrichment for capability enforcement and administration in WordPress. Assign reading, editing or administration roles to users or groups on a page-specific, category-specific or other content-specific basis.
Role Selection Boxes in Edit Post / Page Form (note: for basic usage, this is all you need to deal with):
screen shot: Role Assignment Tabs in Edit Post
screen shot: Role Assignment Tabs in Edit Page
Optionally, define User Groups for subsequent Role Assignment:
screen shot: Edit User Group
Each User’s WordPress role is honored by default, but can be:
- supplemented with content-specific role assignments
- disregarded if the role is restricted for the requested content
screen shot: Scoped Roles in User Profile
Set Category Restrictions to block reading/editing access for users who have a specified WordPress role but no corresponding Role Scoper role (note, post/page restrictions also available):
Assign Category Roles to expand reading or editing access:
^ click to examine Category Roles User Interface (sample html)
Scoped role restrictions and assignments are reflected in every aspect of the WordPress interface, from front end content and navigation to administrative post and comment totals.
Additional features:
- Propagation of Roles or Restrictions to subcategories / child pages
- Default Restrictions, Default Roles and Default Groups automate admin tasks
- Hidden Content Teaser: choose whether unreadable front-end content is hidden or replaced with a customizable teaser
- Role Administration Aides: Post/Page role assignment UI indicates where users have a role implicitly via WP role, category role or group membership. (Made possible by a new role storage schema and users_who_can function).
- Pending Revisions enable Contributors to edit a published post/page, with the change held for review by an administrator update: Pending Revisions are now handled by the Revisionary plugin.
- Internal File Cache limits Role Scoper’s database query overhead
- Attachment Filtering prevents direct file access to your uploaded images/documents if the user can’t view the containing post/page
- Plugin API allows other plugins to define their own data sources, taxonomies, capabilities and content-specific roles
- User Customization of Role Definitions (add or remove applicable capabilities for each content-specific role)
Although Role Scoper’s default configuration is ideal for most sites, its functionality and sphere of influence is highly customizable to match your usage.
^ click to examine Role Scoper Options User Interface (sample html)
Due to its abstract data model and API, Role Scoper can be extended to bring content-specific access control to other plugins which define and check WordPress capabilities. The resulting plugin-specific roles will supplement any other assigned roles; there is no need to merge all capabilities into an all-inclusive role.
Role Scoper has been a stable release since March 2009, with over 200,000 downloads. This plugin is open source software released under the General Public License (GPL). Due to limitations, obligations and non-technical aspirations common to most human beings, I will probably never again donate unpaid plugin development on the scale Role Scoper has required. However, I do plan to provide some free support, correct bugs which emerge and revise the plugin for future WordPress versions. If it adds value to your website or saves you time and money, you can express appreciation in several ways:
- Download Role Scoper and try it out on your WP 3.0+ site. (legacy version for WP 2.7-2.9 also available).
- Add your own vote to Role Scoper’s plugin rating
- Submit technical feedback, including improvement requests.
- Submit a case study, explaining how Role Scoper helps you do something excellent and praiseworthy.
- If the plugin has seriously broadened your CMS horizons,
- If you are a seasoned web developer, grant me your professional opinion on how this work stacks up and how I might best make a sustainable career of it.
- Hire or refer my services to develop or enhance your site - quality care at reasonable rates.
Posted: May 15th, 2008 under News, Role Scoper, WordPress Plugins.
Comments: 428
428 Responses to “Introducing Role Scoper for WordPress”
Pages: « 11 10 9 8 7 [6] 5 4 3 2 1 » Show All
Time: January 11, 2010, 12:48 pm
[...] más el rizo asignando capacidades a usuarios dependiendo de la categoría, puedes combinarlo con Role Scoper, que añade esta funcionalidad, u optar por Flutter, que además permite crear paneles de escritura [...]
Time: January 7, 2010, 11:30 pm
Yeah, actually I added a Role Definition by myself in "WP-admin>>Users>>Role Groups>>Create New Group".
And I input the Group Name with [] surrounding the characters like "[WP Privite Reader]". I also found a strange thing that the system seemed to delete the “[]” that I added, leaving the characters alone. I don't know whether this is the point of the problem.
And I would encounter this error, if I selected any option of "Reader>>Grops>>eligible groups>>" , no matter which one, even the default Role Definitions created by WP itself like "/[WP Administrator]/".
All above is what I did and got, hope that can be of help. If there are still what you wanna know clearly, pls just reply me.
And thanks for your work. 
Time: January 7, 2010, 4:03 pm
yuanjin,
I'm going to need some help duplicating that symptom. Have you customized your Role Definitions or Role Scoper Options at all?
Time: January 7, 2010, 1:06 pm
Hey, Kevin!
Feel so good to be here. I am a beginner of WP, and I just installed RS to my site. Everything seems great. However, when I posted a new article after setting the right to read, I just encountered the following error information from my server: ===================================================== Warning: array_keys() [function.array-keys]: The first argument should be an array in /home/goleng/public_html/wordpress/wp-content/plugins/role-scoper/admin/role_assigner_rs.php on line 101
Warning: array_keys() [function.array-keys]: The first argument should be an array in /home/goleng/public_html/wordpress/wp-content/plugins/role-scoper/admin/role_assigner_rs.php on line 101
Warning: Cannot modify header information - headers already sent by (output started at /home/goleng/public_html/wordpress/wp-content/plugins/role-scoper/admin/role_assigner_rs.php:101) in /home/goleng/public_html/wordpress/wp-includes/pluggable.php on line 868 ===================================================== Yet, the post was published successfully when I turned back to the Edit Page, as I could see it in the list. So I have no idea what to do with this, and I did not get much useful through Google. Would you please give me some advice?
Thanks!
Time: December 21, 2009, 8:09 pm
My problem solved. Role scoper is the best plugin for multi-author blogs. Best choice. Right plugin to do the right stuff.
Time: December 19, 2009, 10:04 pm
WordPress Developers Challenge for role management.
Time: December 17, 2009, 12:23 pm
Michael,
I'm not sure if you want to check for a blog-wide role assignment or for a page-specific role assignment. Can you please take this to the support forum?
Time: December 17, 2009, 12:20 pm
nirok,
If you give your users a WP role of Subscriber, they will only see category checkboxes for the Category Roles you've given them.
If they must have a higher WP Role, you'll have to set a Category Restriction on the Post Contributor and Post Author role.
Time: December 17, 2009, 12:16 pm
Steve,
I assume you mean the "Roles" and "Restrictions" columns in the Edit Posts / Edit Pages listing. An option to disable those is one of the many new features in the Role Scoper 1.1 Release Candidate.
Time: December 17, 2009, 11:50 am
Hi Kevin,
Thanks for the great plugin.
I was wondering if there was a way of removing the extra columns added to the Wordpress UI when editing a new post/page.
Thanks!
Time: December 9, 2009, 4:18 pm
having fun with this plugin. However, I have a query regarding a custom theme.
Is there a way to programatically check a user is in a specific (role scoper defined) role?
I basically want to add a menu item if the user has the rights on a specific page
cheers Michael
Time: December 8, 2009, 6:47 pm
Great plugin ! I have asigned some users to only a category to write posts in. Is there a way within the new post editor to hide or disable the user from selecting more than just there category? I know once they post it will only select the permitted category to post the post in, however to prevent confusion from users it would be great if these categories could be hidden… the area i'm thinking of in the post editor is where you can select the boxes as to what category you want the post to be posted in
Thanks
Time: December 4, 2009, 8:40 pm
[...] having a lot of fun playing with a plugin called RoleScoper. This is pretty cool — it allows you to create your own WordPress roles and exercise [...]
Time: November 24, 2009, 7:10 am
[...] we wanted to give them limited permission for working with pages. Role Scoper seems to be the standard plugin for adding more permissions capabilities. It has a lot of [...]
Time: November 12, 2009, 5:54 am
[...] functionality that we will use to limit their access, but we want more limiting capabilities. The Role Scoper plugin looks like it should be great for that. I haven't looked too in depth into it. [...]
Time: November 11, 2009, 11:47 am
genim,
It might be a permissions issue with your wp-content/cache folder. Some have claimed that PHP 4.x has a filemtime bug. If all else fails, you can always go to Roles > Options and turn off the Internal Cache.
Time: November 11, 2009, 11:00 am
hello… i got this error on some of my page…
Warning: filemtime() [function.filemtime]: stat failed for /hermes/web09/b2742/pow.richardyh/htdocs/thegembank/wp-content/cache/77b2c55d21262a06dca874c33b0a414f/rs_get_pages_for_user/09adf1a41b742844c55e03b387dc4188.php in /hermes/web09/b2742/pow.richardyh/htdocs/thegembank/wp-content/plugins/role-scoper/hardway/cache-persistent.php on line 378
i can't a way out by just analyzing the code…
Time: November 5, 2009, 6:40 pm
Marc, No, there's nothing about RS' design that would make me expect that to happen. I've been working on better MU compatibility lately and plan to do some development time in tomorrow. Will plan to diagnose your issue then.
Time: November 5, 2009, 3:59 pm
Hello Kevin!
I'm experiencing a weird issue with Role Scoper 1.0.8 with WordPress MU 2.8.4. Most of my users have the role "Page/Post Contributor" with post revision activated. When user are registered to one blog only in my WP MU installation, everything works as I want to. However, as soon as I add them to another blog, they no longer can add a new page. When they click on "Add page", they are redirected to the dashboard of their primary blog.
Any idea why?
Thank for helping us out! Marc-Olivier
Time: November 4, 2009, 1:14 pm
Changes to the role/capability model in WP 2.9 are quite minor and do not pose any problem for Role Scoper. I will be testing for overall 2.9 compatibility soon.
Time: November 4, 2009, 1:22 am
Will this plugin work for 2.9? I understand that there are changes to the user capability table
Time: October 29, 2009, 2:51 am
[...] Role Scoper [...]
Time: October 23, 2009, 11:58 am
Hello,
I found this very interesting forum and hope I will find an answer here. For the moment I did not install this plugin, but if i find the answer to my question, hope to use it as soon as possible. I read George Snyder comment about the multilanguage qtranslate plugin, (I'm using the same, installing a new version for my website).
A question: Is it possible to block/unblock the editors/authors language possibility? I try to explain better: With this plugin every author could post in every language, is it possible to create an english language authors, who could not edit/post in french or other languages? Or just a single language contributor? Or a contributor who could post in 2languages.
Sorry for my english. Hope somebody uses qtranslate and can answer to me.
Thanks
Time: October 16, 2009, 8:11 am
[...] on 16th October 2009: Finally I found a plugin named Role Scoper, which was claiming to have the similar functionality means restriction over users etc. Got it [...]
Time: October 15, 2009, 11:28 am
Madhi,
The simplest solution would be to remove the "manage_categories" capability from your Editor role. You can do this with the Capability Manager plugin.
If you only wanted to prevent them from editing/deleting certain categories, you could restrict the Category Manager role for those categories (Restrictions > Categories). But they could still edit/delete any tag.
Time: October 14, 2009, 12:58 pm
monbouc,
It sounds like your categories have the Post Editor and Post Author role restricted, but Post Contributor unrestricted. That causes your blog-wide Editors to be demoted to Contributor for the categories in question.
Category Management is based on a different capability (manage_categories), which role scoper handles via restriction / assignment of the "Category Manager" role… assuming you are using the default "Role Type" setting of "Multiple RS Roles" in Roles > Options.
Time: October 9, 2009, 3:58 pm
Hi, Everything is OK and fine with RS. But, I have a problem. My site has some users as editors who add new records to the site. I don't want them to have access to categories and tags to delete them. How may I disable delete from categories and tags or even hide them all from editor's page? Just like author role
Thanks,
Time: October 5, 2009, 11:35 pm
cadeau,
I'm not aware of any French translation yet. Would you like to volunteer? I am currently corresponding with another volunteer to support an Italian language file.
Time: September 24, 2009, 12:17 pm
[...] I gave up and I went back to the usual blogging I found that Role Scoper allows you to give edit access to each post to any user. And that's it. That's what [...]
Time: September 17, 2009, 2:18 pm
Levani,
You're probably going to have trouble uploading files due to your server restrictions (unrelated to Role Scoper). At least, you won't be able to use the normal year/month upload subdirectory structure.
But to eliminate those warnings, edit role-scoper.php as follows:
change:
$upload_info = wp_upload_dir();
to:
//$upload_info = wp_upload_dir();
Time: September 17, 2009, 6:15 am
I get this error after activating the plugin:
Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/home/answersg/public_html/wp-content/uploads/2009/09) is not within the allowed path(s): (/var/www/virtual/answers.ge/:/usr/share/pear/) in /var/www/virtual/answers.ge/htdocs/wp-includes/functions.php on line 1933
Warning: is_dir() [function.is-dir]: open_basedir restriction in effect. File(/home/answersg/public_html/wp-content/uploads/2009) is not within the allowed path(s): (/var/www/virtual/answers.ge/:/usr/share/pear/) in /var/www/virtual/answers.ge/htdocs/wp-includes/functions.php on line 1942
[truncated]
Time: September 15, 2009, 8:14 pm
Hi, and thanks for your great work. Really.
I'm using RS1.0.8 on WP2.8.4 mainly to assign subscribers and editors roles to categories (they just can post and manage posts by category).
Everything works fine except that for the editor role, the WP edit post page lets all the categories defined in the site appear in the categories box, and not only those he's allowed to manage (I have 4 main categories with children categories, with 1 editor assign by main category). Let's note though that whatever he wants to publish in any other category than his ones needs the approval of the concerned editor. And for information, this problem doesn't appear in the WP manage categories page, where only the concerned main category and children appear correctly in the list.
I don't know if this is a RS or WP situation (or one just made up by me, of course). Any suggestion ? Thanks.
Time: September 9, 2009, 5:43 am
thanks for this plugin. It's amazing I was looking for this for a long time thank.. but do you have a french version?
Time: September 7, 2009, 10:50 am
Marc-Olivier,
You should also give those users a General Role of Page Author.
create_child_pages is a supplemental capability defined by RS for use in the "Page Associate" role. Normally, RS prevents the selection as Page Parent of any page which the user can't edit. However, you can selectively override that limitation by giving them the Page Associate role for particular page(s).
Time: August 28, 2009, 4:01 pm
Hello!
Is it possible to remove the interactions and post meta form, if a contributor login? I would like to the contributors can write a post, but i dont want to moderate the comments and i dont want to they can add some meta datas. Thank for your reply.
Time: August 28, 2009, 12:00 pm
Hello! This is a fantastic plugin! Thanks for all this work! I'm trying to make it work for a project, and so far, it is working well, except that my "WP contributors" are unable to create new pages. When a user is logged-in, he can say in pages "Edit" and "Add new", but when he clicks on "Add new", he is redirected to the WP MU main blog. Editing existing pages works (I activated the page revisions). I'm using WP 2.8.4a and Role Scoper 1.0.8 Any idea why? In Role Options / RS Role Definitions, "create child pages" is disabled in "Page contributor", could it be the reason? How can i check it? Thank you for help! Marc-Olivier
Time: August 19, 2009, 8:04 pm
I'm still researching how to implement my ideas and your plugin will be CRUCIAL. Certainly expect a donation from me after I get started. I just wanted to stop and thank you from creating this.
I'm going to use WP and RS to invite hundreds of experts to post a sub-page in my experts directory. They will be able to create and edit their page, but only their page. Now if I could just automatically show their page as a subdirectory on the server.
Thanks.
Time: August 17, 2009, 8:53 pm
This is very wonderful! I only need a small subset of it, but that's the point sometimes, isn't it!? It's well-made enough that I can find *my* small subset, others can find theirs… very nice!
Chris
Time: August 14, 2009, 12:57 am
To allow Contributors to upload media, use the Role Manager or Capability Manager plugin to add the upload_files capability to the Contributor role.
Pages: « 11 10 9 8 7 [6] 5 4 3 2 1 » Show All
Time: January 19, 2010, 4:03 pm
Seems this plugin stopped working in WPMU with the latest upgrade.
Getting this error now:
Fatal error: Call to undefined function get_home_path() in /home/test/public_html/wp-admin/includes/misc.php on line 152
Hopefully you can get an update soon, would love to keep using this plugin for our site.
thanks!