Human beings may be created equal, but admin users–not so much. Some admins know their roles and stick to them, while others behave like over-stimulated children in a toy store, touching everything in sight until something breaks.
In this post, we’ll show you how to use Branda, WPMU DEV’s ultimate white label branding plugin, to customize the default WordPress user role system and put the expensive toys out of reach of your more accident-prone users.
More specifically we’ll be covering:
- Understanding user roles and capabilities
- Customizing WordPress user roles with the Branda white label plugin
- Creating custom menus for each role
- Why give users the power to white label WordPress
Let’s get to it…
Understanding User Roles and Capabilities
Does the person who delivers your mail have a set of keys to your house? Is it OK if the plumber tinkers with the electrical system when he gets tired of repairing the kitchen sink?
The answer in both cases is likely no.
The postman doesn’t need your house key to perform that job, and the plumber should leave electricity to the electrician.
Likewise, it’s a mistake to view user roles as job titles or see them as a hierarchy in which some roles are superior to others.
User roles should be defined by the degree of access required to accomplish a given task or set of tasks.
WordPress User Roles And Capabilities – Good Practices
Good user role policies should:
- Help secure your WordPress site by ensuring users don’t have access to things they shouldn’t.
- Improve workflow by limiting access to unnecessary and distracting features, while funneling users to their assigned tasks.
A capability is a permission to perform one or more types of tasks. Each user of a WordPress site might have some permissions, but not others, depending on their role.
For example, users who have the Author role usually have permission to edit their own posts (the “edit_posts” capability), but not permission to edit other users’ posts (the “edit_others_posts” capability).
WordPress comes with six pre-defined user roles that provide access to various areas of the site:
- Super Admin – a user with access to the site network administration features and all other capabilities.
- Administrator – a user who has access to all the administration features within a single site.
- Editor – a user who can publish and manage posts including the posts of other users.
- Author – a user who can publish and manage their own posts.
- Contributor – a user who can write and manage their own posts but cannot publish them.
- Subscriber – a user who can only manage their profile.
WordPress also provides over fifty capabilities in its role-based access system. Plugins can modify this system.
Practices To Avoid
It’s a mistake to give users access to features they don’t currently require.
For example, you might not want a contributing writer to be able to install plugins. Or you may want contributors to be able to upload files but not edit them.
The goal, then, is to give everyone the access they need and nothing more. WordPress user roles and capabilities give you this option.
As you’ll soon see, removing distracting features from menus is another way to control who can and can’t do things on your site.
This is not something that WordPress lets you do by default, but you can do it by editing code or using plugins.
As every site is a little different, here are some things to think about when assigning user roles:
- Give each user only the level of access they need. This is key for security, so no one can make unapproved changes to configuration settings or accidentally delete content.
- Keep the number of top-level user roles limited. A solid rule of thumb is to stick with one administrator and a few trusted editors. The ‘Author’ role can be assigned to regular content creators who have proven themselves and new or one-time writers can simply be given the role of ‘Contributor’.
- When in doubt, too few permissions are better than too many. It’s very common for sites with multiple backend users to occasionally need someone to step in and help in an area they normally don’t access. WordPress and Branda both make it easy to modify user roles, so giving someone additional authority on a temporary basis is better than giving someone access to functions they may only need once or twice a month.
Customizing WordPress User Roles With Branda
Branding isn’t branding if it’s not custom and consistent.
The problem is, applying custom branding and ensuring consistency when replicating the brand for other purposes is a challenge – especially if multiple sites are involved.
This is where our white labelling plugin can help you, so allow me to introduce you to Branda and tell you a little about her background.
Over a period of several years, WPMU DEV developed plugins to improve admin’s ability to rebrand sites, modify user roles and customize system emails.
In early 2019, our developers began merging those plugins into one super-powerful plugin named Branda.
My, how she has grown, currently boasting more than 480,000 downloads and just over 40,000 active installs.
Branda includes over 30 modules for fully rebranding the WordPress admin area in places your theme can’t – including allowing site admins to customize the features and tools various users can access.
The nuts and bolts of customizing any of Branda’s features, including user roles, are the same for both single sites and multisite networks.
There are differences in the scope of user permissions (as we’ll soon discuss) but other than that, this quick guide works for both single and multisite installations.
How To Control Who Can Modify Branda Settings and Who Cannot
It doesn’t make sense to configure custom user roles and then not secure the plugin that governs these rules.
So the first thing to do is decide which roles should and should not have access to Branda, then configure user permissions accordingly.
Multisite Super Admins have the option to control all of Branda’s features for the entire network or to delegate control to subsites – allowing each to have its own custom roles, branding, system emails, help content, and more.
First, we’ll cover how to enable or disable subsite controls, and then we’ll get into the nuts and bolts of customizing user roles.
If you’re not managing a multisite network, just ignore the section below and go to the ‘Customizing User Roles’ section down further.
How to Enable or Disable Subsite Controls
Once Branda is installed and activated on your multisite network, open the Settings tab and click Permissions.
Locate Subsite Controls and note that there are three options: None, All and Custom.
With None selected, all of Branda’s features for the entire network are controlled by the Super Admin.
In fact, Branda will not even appear in the subsite admin menu.
With All selected, a Branda tab is added to the subsite admin menu and all of the plugin’s settings can be configured for each site individually.
The Custom tab allows Super Admins to maintain control of some settings while passing control of others to the subsites.
Selecting Custom reveals tabs for Branda’s six main modules and each tab contains a menu of that module’s features.
Super Admins can delegate control of entire modules or select specific features within a module to delegate while retaining control of others.
Customizing User Roles
Make sure that Branda is installed on the WordPress site or Multisite network you want to customize or give other users access to.
Next, from your WordPress menu, select Branda > Settings.
This brings you to the plugin’s Settings screen.
Click on the Permissions tab to configure which users and user roles can access and configure Branda’s settings.
Click on the Permissions tab.
Select the user roles you want to give permissions for branding and customizing the site. Note that permissions cannot be removed for administrators.
Just one of the many features of Branda that truly ticks all the boxes.
You can also give access to specific users by clicking on the ‘Add User’ button and typing in their username. Remember to click the ‘Save’ button to update your settings.
Branda’s new user role features are now available, so your clients no longer have to wait until their faces turn blue to customize their WordPress admin.
Anyone you’ve given access to Branda’s features can now customize WordPress admin areas.
How to Customize the Admin Area by User Role
Depending on how you have set up your permission settings for different user roles, users can customize the admin bar with their logo, control the visibility of menu items, add custom menu items, or reorder existing items.
For example, you can allow different users to customize their Admin Bar based on their role.
This allows users to do things like add, hide, and reorder menu items and add their own custom menu items to the toolbar.
In the Branda Pro menu, select Admin Area > Admin Bar > Toolbar Visibility, then choose which user roles can display the Admin Toolbar on the front-end of their sites.
You can also customize the Admin Menu by user role or by custom user.
This allows users with permissions to enable the Link Manager feature, remove the “Dashboard” link from the admin panel for users without a site (in WordPress Multisite), display helpful tips, promotions, or announcements in their admin panels, and remove the “permalinks” menu item.
Go to the Branda Pro menu, select Admin Area > Admin Menu > Custom Admin Menu, then toggle the options on the screen on or off to enable or disable different features.
Why Give Users The Power To White Label WordPress?
If you’re in the business of building or managing websites for others, it kind of makes sense to white label WordPress client sites.
Many website owners don’t know or care about WordPress, so white labeling is a great opportunity to customize sites according to clients’ needs and capabilities.
As an added bonus, it also presents them with a more professional image of your business.
But why would you want to give someone else the ability to customize and brand a WordPress site that you have built and or manage?
Well, here are some examples:
- If you run a WordPress multisite network as a Super Admin (e.g. for a new web design business, WordPress hosting business, an eCommerce marketplace, or an organization with different departments), you can let other site admins and users customize their sites.
- If you run a single WordPress site for a client and provide mostly technical support or maintenance, you can set up a separate admin account for your client and customize their admin account while leaving yours untouched. The same thing goes for customizing user roles like editors, members, etc. This also applies if your client wants someone else to manage their site who knows how to use WordPress but doesn’t want to look after the technical side.
- Some users just need to accessorize. They accessorize and personalize their phone, their car, their home… why not also allow them to customize the backend of the website they work in?
Branda’s branding abilities give users the flexibility to make WordPress their own.
Thank You To Everyone Who Requested Branda’s New Features
Hopefully, you can see from the above how the ability to customize areas of WordPress based on user roles can benefit developers and users.
We want to thank WPMU DEV members like Teddy, Pedro, Dominique, Charlie, Jonathan, and Chris for requesting new features that allow Branda to:
- Hide/show and fully customize WordPress admin menu items based on user roles.
- Create a different menu for different user roles.
- Add custom admin menu items.
- Reorder admin menu items and subitems.
- White label any menu item.
- Do all of the above on a multisite installation.
Also, thank you Ani, Hassan, and Ivan from Branda’s development team!
To discover what new features are in store for Branda (and all of our other super plugins), check out our Roadmap.
Unlock All Of Branda’s Stylish Features
If you’re ready to unleash the full power of WordPress white label branding with the best WordPress white label branding plugin available, why not give our free 30-day WPMU DEV trial membership a try?
This way you can download Branda and customize your WordPress site to your heart’s content with no risk or obligation.