Home > Blog Add-ons > Role Scoper

Role Scoper

October 30th, 2009

Table of contents

Description

Role Scoper is a comprehensive access control solution, giving you CMS-like control of reading and editing permissions. Assign restrictions and roles to specific pages, posts or categories.

How it works:

Your WordPress core role definitions remain unchanged, and continue to function as default permissions. User access is altered only as you expand it by assigning content-specific roles, or reduce it by setting content-specific restrictions.

Users of any level can be elevated to read or edit content of your choice. Restricted content can be withheld from users lacking a content-specific role, regardless of their WP role. Deactivation or removal of Role Scoper will return each user to their standard WordPress access (but all RS settings remain harmlessly in the database in case you change your mind).

Scoped role restrictions and assignments are reflected in every aspect of the WordPress interface, from front end content and navigation to administrative post and comment totals. Although Role Scoper provides extreme flexibility and powerful bulk administration forms, basic usage is just a set of user checkboxes in the Post/Page Edit Form.

Partial Feature List

  • Customize access for specific Pages, Posts, Categories
  • Assign roles to User Groups (or directly to user)
  • Control Read and/or Edit access
  • Pages and Category listing match modified access
  • Category post counts and tag cloud match modified access
  • Page and category listings maintain tree structure even if some branches are hidden
  • File Attachment filter blocks direct URL requests if user can’t read corresponding post/page
  • Customizable Hidden Content Teaser (or hide posts/pages completely)
  • Control which categories users can post to
  • Control which pages users can associate sub-pages to
  • Assign additional blog-wide, type-specific role(s) for any user
  • Can elevate Subscribers to edit desired content (ensures safe failure mode)
  • Inheritance of Restrictions and Roles to sub-categories / sub-pages
  • Default Restrictions and Roles for new content
  • Default Groups for new users
  • Un-editable posts/pages are excluded from the editing list
  • Specify element(s) in Edit Form to withhold from non-Editors
  • RSS Feed Filter with HTTP authentication option
  • Optimized to limit additional database queries
  • Inline descriptive captions for each of the extensive options and settings
  • Supports translation (contribute your own!)
  • Pending Revisions allow Contributors to suggest changes to a currently published post/page

For more information, see the Usage Guide or Support Forum.

Support

  • Most Bug Reports and Plugin Compatibility issues addressed promptly following your support forum submission.
  • Author is available for professional consulting to meet your configuration, troubleshooting and customization needs.

Installation

Activate the plugin through the ‘Plugins’ menu in WordPress

Faq

How can I prevent low-level users from seeing the Roles/Restrictions menus and Edit boxes?

In your blog admin, navigate to Roles > Options. In the “Content Maintenance” section, set the option “Roles and Restrictions can be set” to “by blog-wide Editors and Administrators” or “by Administrators only”. Click the Update button.

How does Role Scoper compare to Role Manager or Capability Manager?

Role Scoper’s functionality is entirely different and complementary to RM and CM. RM/CM do little more than alter WordPress’ definition of the capabilities included in each role. That’s a valuable task, and in many cases will be all the role customization you need. Since RM/CM modifications are stored in the main WordPress database, they remain even if RM/CM is deactivated.

Role Scoper is useful when you want to customize access to specific content, not just blog-wide. It will work with the WP roles as a starting point, whether customized by RM/CM or not. To see how Role Scoper’s role definitions correlate to your WordPress roles, navigate to ‘Roles’ > ‘Options’ > ‘RS Role Definitions’ in your blog admin. Role Scoper’s modifications remain only while it stays active.

Why are there so many options? Do I really need Role Scoper?

It depends on what you’re trying to accomplish with your WordPress installation. Role Scoper is designed to be functionally comprehensive and flexible. Great pains were taken to maintain performance and user-friendliness. Yet there are simpler permission plugins out there, particularly if you only care about read access. Review Role Scoper’s feature list and decide what’s important to you.

Why doesn’t Role Scoper limit direct access to files that I’ve uploaded via FTP?

Role Scoper only filters files in the WP uploads folder (or a subfolder). The uploads folder must be a branch of the WordPress directory tree. The files must be formally attached to a post / page via the WordPress uploader or via the RS Attachments Utility.

In your blog admin, navigate to ‘Roles’ > ‘Options’ > ‘Features’ > ‘Attachments’ > ‘Attachments Utility’.

Where does Role Scoper store its settings?How can I completely remove it from my database?

Role Scoper creates and uses the following tables: groups_rs, user2group_rs, role_scope_rs, user2role2object_rs. All RS-specific options stored to the WordPress options table have an option name prefixed with “scoper_”.

Due to the potential damage incurred by accidental deletion, no automatic removal is currently available. You can use a SQL editing tool such as phpMyAdmin to drop the tables and delete the scoper options.

Screenshots


Admin menus


Roles boxes in Edit Post Form


Role boxes in Edit Page Form


Role Assignment Tabs in Edit Post


Role Assignment Tabs in Edit Page


Edit User Group


Scoped Roles in User Profile


Category Restrictions (bulk admin)


Assign Category roles to expand reading or editing access

Tags: , , , , , , , , , , , , , , , , , , , , ,
Comments are closed.