Mutlisite-user, change admin permissions?

  • Swedie

    (@swedie)


    15 years, 1 month ago

    Hi! I’ve just discovered and installed the multisite feature on a fresh WP installation to test it out. We have 1 main site and 20+ smaller sites for webmasters in our different districts. They mainly only post pages and update their contents with local news etc.

    To my problem, it appears that any multisite-user can modify themes, plugins etc. I don’t want that! I need to limit the user to only be able to post pages, posts and do things that I specifically let them do.

    Questions:

    1) Can I add a plugin / widget and let a specific usergroup be able to take us of it, but not remove or change the installation in any way?

    2) Deny access to any/all administrative menus in the WP site area? Right now, they are able to Delete their site, which is a big no no and dangerous.

    3) Can I create a global theme that all multisites inherite? So if I make changes in the main site, it is transferred to all?

    That’s all for now. Most important question is 1 and 2.

Viewing 7 replies - 1 through 7 (of 7 total)
  • Roy

    (@gangleri)

    15 years, 1 month ago

    WP already has roles, you don’t have to make every editor an editor, they can also be author or contributor.

    3) Yes, just network activate the theme and all subsites that use the theme will get all the changes.

    Curtiss Grymala

    (@cgrymala)

    15 years, 1 month ago

    1) Yes and no. You can revoke the “install_plugins”, “activate_plugins”, “edit_plugins” (which should already be revoked from the normal Administrator role in a multi-site installation) and “delete_plugins” capabilities from a specific user group, which would stop users in that group from being able to install or remove plugins. For the most part, those users would still be able to modify the settings for most plugins. However, plugins all use different capabilities to determine whether or not the user is allowed to modify the settings (many of them use the “manage_options” capability, but certainly not all).
    2) Yes. Again, you’ll have to do some research and determine which capabilities allow access to which admin areas. Then, you can modify the Administrator role to revoke the capabilities you don’t want it to have.
    3) Yes. Under Super Admin -> Themes, you can determine which themes are available to the site owners. If you only want them to be able to use one theme, you simply need to make sure that no other themes are available. Then, set that theme as the default theme for new sites.

    In order to achieve this, you will need to either install a plugin like Capability Manager or learn how to use PHP code to modify roles to adjust the permissions that an administrator has.

    Thread Starter Swedie

    (@swedie)

    15 years, 1 month ago

    Thanks for the replies.

    The theming question I believe is solved for now. We can leave that.

    When creating a new site and adding an email / creating user. The user that is created, where can I edit its role? The editing of that user only allows to set him / her to Site admin.

    Do I need to install a plugin to manage editing roles of existing users?

    Also, why isn’t the new site user listed on the main site’s “Users” list? Only listed under the network admin page. (same edit screen though)

    Thread Starter Swedie

    (@swedie)

    15 years, 1 month ago

    I know a fair bit of PHP, so I can probably find my way to do the editing manually in the PHP files. Just need to study the WP handbook! But from experience, that’s a last resort. I don’t want to end up in a situation where I update core files (which will happen often) and having to re-apply all my file changes.

    I’ll check out that Capability Manager plugin to see if it suffice.

    Roy

    (@gangleri)

    15 years, 1 month ago

    Swedie, there’s a tab in your left sidebar called “users”, alternally there is “users” link under “super admin”, there you can change roles. I suppose you can also set the default role somewhere, but I’ll have to look into that.

    -> Ah, ‘super admin’ ‘options’
    Dashboard User Default Role Subscriber

    -> Oh, you will like that bit:
    Menu Settings
    Enable administration menus Plugins (check/uncheck)

    Thread Starter Swedie

    (@swedie)

    15 years, 1 month ago

    Maybe 3.1 is a little different. But I found that in order to change user roles you stand on the page which listas users, select the user you want to change role for and choose from the drop down list what they should be changed to.

    Weird that it can’t be changed on the profile page. Would be logical.

    Andrea Rennick

    (@andrea_r)

    15 years, 1 month ago

    Yes, 3.1 is *hugely* different. 😉 Super Admin is moved to Network Admin, all on its own.

    And yes, you need to edit users there.

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘Mutlisite-user, change admin permissions?’ is closed to new replies.