What are User Role Levels in WordPress?
The PublishPress Capabilities plugin has a feature that allows you to select a “Role Level”.
Each user role in WordPress has a different level from 0 to 10. This screenshot is from the PublishPress Capabilities screen:
Every default role in WordPress has one of these levels. The very lowest level is “Subscriber” and that has a level of 0. The very highest level is “Administrator” and that has a level of 10.
- Subscriber: 0
- Contributor: 1
- Author: 2
- Editor: 7
- Administrator: 10
What do these role levels mean?
These role levels are mostly deprecated in WordPress. To some extent they are relic of the days before WordPress 2.0 added user roles.
WordPress 2.0 came out in 2007, but it took several more years to slowly remove role levels from the codebase.
This snippet below is from a book called “WordPress 2.7 Cookbook” which was published in 2009. You can see that the role levels were hard-coded into WordPress:
However, even though you won't see them in modern WordPress code, role levels do still have two key uses. I'll explain them both in next section of this tutorial.
#1. Creating users
WordPress does sometimes care about the hierarchy of roles. In particular, the heirarchy is important when creating new user accounts. Here's a practical example where Role Levels matter …
A default WordPress site only allows Administrators to create users. If you give the “create_users” permission to non-Administrators, then they will only be able to create users in a role that is lower in their hierarchy. This means that people in the “Author” role will only be able to create “Contributors” and “Subscribers“. This post explains more.
This is a useful security measure. You don't want to allow Authors to create as many Administrators as they want.
The PublishPress Capabilities plugin has some extra security measures including these:
- Users cannot assign a role with a level higher than their own.
- Users cannot edit another user with a level higher than their own.
- Users cannot edit a role with a level higher than their own.
#2. The Author dropdown
The “Authors” dropdown for posts will only include users whose role has a level of 1 of higher. This is why you don't see Subscribers in this “Authors” dropdown.
Occasionally, we see people who create custom roles but forget to assign a role level. This WordPress.org post is a good example. In that situation, users in that role won't be available as authors.
If you want to Subscribers in this dropdown, you can change the level assigned to that role. Let's see how it's done …
How to Change the Role Levels
PublishPress Capabilities does allow you to change the level of each role.
- Go to “Capabilities”.
- Choose the role you want to edit from “Select Role to View / Edit” box.
- Click “Load”.
- You can now scroll to the bottom of the screen and choose the “Role Level”. The “Administrator” role is locked to 10, but every other role an be edited.
- Click “Save Changes”.
Get all the PublishPress plugins
The Pro versions of PublishPress plugins are packed with extra features to help you manage your content. Get a PublishPress membership today for full access: