WordPress CMS – User Access Levels
The more I use WordPress the more I like it.
Recently I’ve been asked to do two web sites that have multiple access levels. One is for a graphic designer who wants a public site as well as things only her clients can see and things only her employees can see. The other is a private club that wants to give a very small amount of information to the public, and also wants separate access to information for two levels of membership. In both cases I used WordPress.
For the private club, I used the Role Manager plugin to create a Subscriber level that has access to pages marked Private, and another that has access to pages and posts marked Private. Thereby I created two levels of private access. See my article titled “Caveats for Emptors” for warnings about using the Role Manager plugin. You may prefer to use the User Access Manager plugin instead. I used it on the graphic designer’s site and will probably never use the Role Manager again.
To augment that, I added Peter’s Login Redirect plugin to both sites. This plugin allows you to redirect users to any page on the site by user name, role, numeric admin level, or “anyone else” (i.e. anyone not defined by the preceding criteria). The really nice thing about this plugin is not terribly obvious. If you have created a page or post that you only want one person or a defined group to see, you can send them there directly. Note that by default, links to pages marked Private will not appear in your WP navigation, and category links will only appear if there is at least one public post in the category. So, now you have a way of “hiding” information within your site. You could (for example) give your employees access to a category that contains protected posts about several projects and your clients a direct route to a specific page where their project is posted. Search the WordPress plugins directory for the words login redirect and you will find similar plugins that may better suit your specific purposes. Beware of Weasel’s Login Redirect as it requires the Role Manager plugin to work.
Finally in both cases I used the Hide dashboard plugin and removed the Meta links from the sidebar so that Subscriber-level visitors won’t mess with the login profiles.
This article copyright © John Nasta 2009 – All Rights Reserved
You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.