User Roles

Describes the different user roles in WordPress, and the capabilities of each role. A user’s role defines that user’s responsibilities within the site. Suggested best practices regarding role assignment to WordPress site users are given.

Recommendations

  • Do not share accounts among users. Create a unique account for every person who needs to access the website. See UBC Policy 104/106 .
  • Disable or delete users accounts when the person leaves the unit or no longer has responsibility for updating the website.
  • Limit the number of Administrator accounts as much as possible.

WordPress Administrator

  • The administrator of a department or unit should have an Administrator account. Preferably restrict the creation and use of Administrator accounts as much as possible.
  • The Administrator can add and delete users of the site or change their role.
  • The Administrator can change the site design and enable or disable plugins.
  • Education IT staff will retain Administrator accounts on all sites, in order to provide assistance on a contingency basis, for example when a critical site failure needs to be solved when the regular site maintainers are not available.

WordPress Editor

  • The department administrator will be responsible for assigning other user accounts within the unit.
  • The department administrator will assign one or more staff to be site maintainers. The administrator will add the Editor accounts for each site maintainer.

Author/Contributor

  • An Author can publish posts and manage their own posts.
  • A Contributor can write and manage their own posts, but cannot publish them. This is useful for adding an approval step in your workflow.