WordPress FAQ: User Roles Confusion

I’ve seen the roles list in the User page. But what’s the difference between an Author and a Contributor?

There are five built in roles in WP2.0+. These roles, Administrator, Editor, Author, Contributor and Subscriber compartmentalize most of the groups of functionality in WordPress.

Naturally, Administrators can do everything. If you own a multi-author blog, chances are you want to be the admin and assign everyone else lower permissions. Administrators have appropriate permissions to change themes, activate/disactivate plugins, set global blog options, etc.

Editors, assume post-level management. As in a newsroom, editors don’t worry about the lights and the cameras. They are worried about the copy. To that end, editors have the right to manage post-related stuff. They can add their own, edit their own or delete their own – but more than that, they can edit or delete other peoples posts.

For authors, the assumption is that they are staff writers and are allowed to write whatever they want, whenever they want. Not only can they write stories, but they have the authority to publish them without review as well.

Contributors tends to work well on blogs where user generated content is welcome. People can submit their own stories but in the end, they cannot publish without an Editor. Editors or Administrators have the ability to go review the Contributor’s work and decide whether to publish or not.

Subscribers have no blog-level abilities. The benefit to subscribers is that, among other things, they can prepopulate the comment forms on the blog. Some blogs also require registration to comment. Subscribers are readers with a username and password – that’s it. No more. No less.

A word about User Levels

Some older plugins continue to use User Levels to handle permissions. User LEvels is a legacy item from the WordPress <1.5 days. It has been deprecated which means that while it is still in the core, the realism is we are two majore releases beyond 1.5 and User Levels will not be around forever. It is simply maintained for backwards compatibility. Anytime User Levels is mentioned in regards to WP, your warning flags should go up.

Of course, there is a fantastic plugin out there that allows a blog owner to modify existing roles and capabilities or even add other roles and capabilities. If the five solutions out of the box don’t quite work for you, you can change it up.

For more information on Roles and Capabilities, you might want to take a stroll through the Codex page.

Aaron Brazell

Aaron Brazell is a Baltimore, MD-based WordPress developer, a co-founder at WP Engine, WordPress core contributor and author. He wrote the book WordPress Bible and has been publishing on the web since 2000. You can follow him on Twitter, on his personal blog and view his photography at The Aperture Filter.

4 thoughts on “WordPress FAQ: User Roles Confusion

  1. Oh god… Bloody user levels…

    I don’t doubt that you know exactly how cack a time I had making sure that the right users had access to the appropriate admin areas in that plugin what I wrote…

    It burns my eyes to read about user roles in WP, but thanks for the guide all the same… I’ll be sure to refer to it in future :)

  2. It’s nice to be reminded that Subscribers are just “readers with a username and password – that’s it. No more. No less.”

    I get about 10-25 new subscribers every day among my lot of blogs. I don’t require it for commenting and use Feedburner to collect emails for subscription by email.

    Most subscribers seems to be spam drug selling .com domains or with .ru domain extension

  3. HART,

    If you get primarily spammers registering as Subscribers, why not just turn off the ability to register? As long as you don’t require registration to comment, it won’t stop people from commenting. And as you can see, spammers are willing to register to requiring registration to comment doesn’t stop spam!

Comments are closed.