User Role Capabilities

User Roles

  • Owner: Automatically has all permissions. There can only ever be one owner, the owner cannot be deleted
  • Admin: Has all permissions, except being able to transfer ownership of the blog
  • Editor: Has permissions to manage their posts, and the posts of authors. Also has permissions to add and edit author users.
  • Author: Has permissions to create and edit their own posts, and their own user details
  • No-Auth: User who is not authenticated - i.e. a reader on the blog

Capability breakdown

Capability Administrator Editor Author Non-Auth
Overall User Interface
view ‘Settings’ in admin menu X X    
view ‘Your Profile’ in user menu X X X  
edit ‘Your Profile’ in user menu X X X  
Settings
view general blog settings X      
edit general blog settings X      
view users settings X X    
Users
invite users X A*    
revoke invites to users X A*    
view other users X A*    
edit other users X A*    
delete other users X A*    
Roles
browse X X X  
Roles Users
add admin X      
add editor X      
add author X X    
assign X X (role = author)     
Tags
view X X X X
browse X X X X
edit tags X X    
add tags X X X  
delete tags X X    
Content List
browse all posts X X    
browse own posts X X  
Posts
create new posts X X X  
publish posts X X X  
edit own posts X X X  
edit other’s posts X X    
delete own posts X X X  
delete other’s posts X X    
Slugs
generate X X X  
Database
import content X      
export content X      
delete all content X      
Notifications
browse X      
add X      
delete X      
Mail
Send X      
Send test mail X      
X – Yes
A* – Authors only


Owner Special Rules

  • There can only ever be one owner
  • Owners cannot be deleted or have their role downgraded
  • Owners have a single additional capability, to transfer their ownership to another user. If this is done, the owner becomes an administrator.