What are User Role Levels in WordPress?
The PublishPress Capabilities plugin has a feature that allows you to select a “Role Level”.
Each user role in WordPress has a different level from 0 to 10. This screenshot is from the PublishPress Capabilities screen:
Every default role in WordPress has one of these levels. The very lowest level is “Subscriber” and that has a level of 0. The very highest level is “Administrator” and that has a level of 10.
What do these role levels mean?
These role levels are mostly deprecated in WordPress. To some extent they are relic of the days before WordPress 2.0 added user roles.
WordPress 2.0 came out in 2007, but it took several more years to slowly remove role levels from the codebase.
This snippet below is from a book called “WordPress 2.7 Cookbook” which was published in 2009. You can see that the role levels were hard-coded into WordPress:
You can still see some of that code in WordPress today. The user role revels are stored in
wp_user_roles in the
wp_options database table. In the screenshot below, you can see several instances of
If you want more, check out our complete guide to WordPress user permissions in the database.
However, even though you won't see much them in modern WordPress code, role levels do still have two key uses. I'll explain them both in next section of this tutorial.
Use #1. Creating users in other roles
WordPress does sometimes care about the hierarchy of roles. In particular, the heirarchy is important when creating new user accounts. Here's a practical example where Role Levels matter …
A default WordPress site only allows Administrators to create users. If you give the “create_users” permission to non-Administrators, then they will only be able to create users in a role that is lower in their hierarchy. This means that people in the “Author” role will only be able to create “Contributors” and “Subscribers“. This post explains more and also allows you to modify this restriction.
This hierarchy restriction is a useful security measure. You don't want to allow Authors to create as many Administrators as they want.
The PublishPress Capabilities plugin has some extra security measures including these:
- Users cannot assign a role with a level higher than their own.
- Users cannot edit another user with a level higher than their own.
- Users cannot edit a role with a level higher than their own.
Use #2. The Author dropdown
The “Authors” dropdown for posts will only include users whose role has a level of 1 of higher. This is why you don't see any users in the Subscriber role in the “Authors” dropdown.
A quick note: if you don't see the Authors box, there may be other reasons.
Occasionally, we do see people who create custom roles but forget to assign a role level. This WordPress.org post is a good example. In that situation, users in that role won't be available as Authors.
If you want to see Subscribers in this dropdown, you can change the level assigned to that role. Let's see how it's done …
How to Change the User Role Levels
PublishPress Capabilities does allow you to change the level of each role.
- Go to “Capabilities”.
- In the top-left corner, choose the role you want to edit.
- You can now scroll to the bottom of the screen and choose the “Role Level”. The “Administrator” role is locked to 10, but every other role can be edited.
- Click “Save Changes”.
Get all the PublishPress plugins
Join PublishPress today and you'll get powerful publishing and permissions plugins to improve your WordPress site.