multiple roles for a user

hughestm@wfu.edu
(@hughestmwfuedu)

13 years, 3 months ago

Any particular reason that the UI for WordPress only allows for the selection of one role at a time when the backend functionality allows for the selection of multiple roles?

This is a problem because a plug-in I’m using (Gravity Forms) uses $user->add_role(), which gives the user two different roles. However the Super Admin screen for site details (ms-sites.php) doesn’t know how to handle multiple roles for a given user. It only provides a drop down menu which means single select, not multi-select.

Anyone have any thoughts?

A random note in any WP core developers are reading this, the users.php page doesn’t allow multi-select, however it does handle the information in the database better. If any unknown role is in the database along side a known role, the users.php will display the known role. The ms-sites.php page will show the known role only if it is listed first in the array of multiple roles. If the unknown role is in the first position of the array, then ms-sites.php will set the drop down menu to Administrator. So, if you go to ms-sites.php to make another edit on the page, and you aren’t paying attention, you could accidentally make someone an administrator.

Viewing 12 replies - 1 through 12 (of 12 total)

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

13 years, 3 months ago

Yeah there’s a reason. You get one role, per site.

Remember, on WordPress MultiSite each site is self-contained. Separate. That means, while the userbase can be ‘shared’, the permissions per site are individualized and compartmentalized. So each user gets one role.

As for why does WordPress restrict a user to one role? I have to ask why you would need more than one?

Sounds more like Gravity Forms isn’t quite MultiSite friendly if it’s buggering things up like that.

Thread Starter hughestm@wfu.edu
(@hughestmwfuedu)

13 years, 3 months ago

Actually, I think you aren’t quite understanding all of the WP functionality. Each user is allowed multiple roles per site. If you look at how the function $user->add_role() works, it doesn’t ask for a site. If WP was to restrict a user to one role, why would they create a function that allows the you to add additional roles to a user for a given site.

There is a separate function $user->set_role(), that enforces only one role per user per site, but why have the add_role() if multiple roles aren’t a supported feature.

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

13 years, 3 months ago

You’re confusing roles (i.e. Administrator, Editor, Author, etc) with capabilities.

http://codex.wordpress.org/Roles_and_Capabilities

There’s only ONE sitewide role for WordPress Multisite and that’s “Super Admin”. It has everything an Admin has, and five extra capabilities to manage the site.

You can add roles to make NEW roles. Like I created “Trusted Author” who has the extra capability “unfiltered_upload” Once I assign someone that Role, they have an extra power.

add_role is still Per Site. Yes, the doc doesn’t mention that, but it’s a brain twist about how MultiSite works. Put it in a plugin, and activate that plugin PER SITE. The role created is, also, PER site.

http://codex.wordpress.org/Function_Reference/add_role

Anyway. You use add roles to make NEW roles and assign users to them. Not to make secondary roles. Each user gets one role per site. Each site can define its own rules.

Thread Starter hughestm@wfu.edu
(@hughestmwfuedu)

13 years, 3 months ago

You missed the target again. Look a bit deeper in the source code(http://core.trac.wordpress.org/browser/tags/3.0.4/wp-includes/capabilities.php) and you’ll notice more than one function called add_role. In the WP_USER class there is a function called add_role. This is the one I’m referring to.

This is a function to adds an additional role to the selected user for the given site. So, if I use the add_role function you are referring to, and create a “Trusted Author” role, and can then assign this role, in addition to the standard “Author” role to a user.

I’m not advocating that you should do this, I’m just illustrating that the functionality exists to do this within the constructs of wordpress functions. So, if they didn’t intend on this, why create the function to perform this action. Why not enforce the one role per user per site, which the set_role function inside the WP_User class does.

Thread Starter hughestm@wfu.edu
(@hughestmwfuedu)

13 years, 3 months ago

As an additional reference, although not an official WP reference, check out The Ultimate Guide to Roles and Capabilities. The best way to find the relevant reference is to do a search on that article for “multiple”. There is only one reference, so it should be easy to find.

In case in the future the article is unavailable, here is an excerpt:

WP_User class
This class lets you manage roles and capabilities per user, which means you can assign multiple roles to a particular user, or add a capability to a certain user regardless of his current role.

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

13 years, 3 months ago

Ah. I get the point, but I think it’s a bug (or rather a design flaw). You shouldn’t do that. 🙂 I’ll poke around trac and see why this was rationalized…

Starting with this one… http://core.trac.wordpress.org/ticket/10201

Thread Starter hughestm@wfu.edu
(@hughestmwfuedu)

13 years, 3 months ago

Glad we finally got on the same page. I’d like to add a bit more info to possibly complicate things even more. Continuing to look at the functions available in the WP_User class there is an option to add a capability directly to a user.

I know the traditional model is to think of giving capabilities to a role, and then assign a role to a user, but again, why would there be functions is core to add a capability directly to a user, if this isn’t how it should be done.

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

13 years, 3 months ago

Mostly because it’s management hell to maintain multiple stacks of permissions, in my experience.

Andrea Rennick
(@andrea_r)

13 years, 3 months ago

@hugh go in wordpress-dev in IRC and ask the dev, or file a trac ticket

Mike
(@mobius5150)

12 years, 9 months ago

Hello,

I too am looking for this new functionality. Unfortunately however, despite the fact that the actual backend of WordPress supports multiple roles per user, the front end does not. Furthermore, the WordPress core does not have the actions/filters that would be necessary for plugin authors to create a good easy to use plugin that could add this functionality.

I’ve created a Trac ticket here that would address the issue of missing actions & filters here: http://core.trac.wordpress.org/ticket/17924. Should this ticket be accepted, I will promptly release a plugin that adds this functionality to WordPress.

If you would like to see these features added, please go to the ticket and weigh in on the issue so that we can get a bit of attention from core developers.

lpryor
(@lpryor)

12 years, 7 months ago

I would love to be able to use multiple roles per user. I’d like to be able to have a number of different groups of capabilities — such as creating and managing blog posts, creating and managing pages, other custom post types, moderating forums (I’m using buddypress) and so on, each group of capabilities corresponding to a responsibility on the site. And then I’d like to be able to assign one or more responsibilities to a user. At the moment I have to define a separate role for each possible combination of responsibilities.

landwire
(@landwire)

12 years, 3 months ago

Yes, would love that functionality too and to be able to see on the admin Users screen which roles are assigned (not just the first one!).