[wp-hackers] Capabilities as a taxonomy

Jordi Canals jordi at jcanals.cat
Sun Jan 24 01:06:32 UTC 2010


About all this I will just write my point of view from my experience with
systems administration. I think best practices about managing a system like
Linux or Windows are not as different as managing roles and capabilities on
a WordPress site.

- Managing capabilities at user level is not a nice idea. Following
capabilities at user level is really a hard work and its easier to create a
set of roles to make it easy.
- Assigning capabilities only to roles and then assigning that roles to
users makes administration easier and clearer.

- All you need is a tool, like Capability Manager plugin which allows you to
add and remove capabilities to a role, rename a role or delete it.
- After having a set of roles with all capabilities set, you just have to
assign them to users. And you need to be able to assign more than a role to
a user. Having an array of user roles is enough to set all roles a user
needs. If you could assign only one role to a user, the problem is that you
would have to duplicate capabilities and create extra roles.

When writing and maintaining Capability manager, the big problems that I've
found to have a full and secure way to manage capabilities are those (some
are done, and some are planned):

- When allowing a user to manage capabilities must be sure he cannot assign
capabilities he does not have to other users. (managing capabilities is a
plugin capability).
- Be sure that the capability manager cannot remove capabilities from
administrators.
- When you assign a user the capability to manage and create users, them can
easily create a new user with administrator role and bypass any limit of its
own account. This users can also remove the administrator role from anyone
and assign it to themselves.
- As the user profile page does not allow to assign more than a role to a
user, we cannot use a more granular role system.
- Some capabilities allow to do too many things. Having more granular
capabilities fully task oriented here and some more detail would be really
useful. For example, installing themes, updating themes, changing theme
options, managing widgets or editing the theme style are not all managed by
its own capability. (One task, one capability).
- Allowing forcing roles and capabilities at site level on MU blocking
management at blog level.

I think that solving and giving solutions to this points we would have a
very robust and granular system. My opinion is to remove capabilities at
user level and to create them only at role level assigning one or more roles
to the users.

How it is managed in the database with a couple of arrays as it is now
allows for almost anything we need to have a full roles and capabilities
management.

My 5 cents.
-- 
Jordi Canals
http://alkivia.org - http://jcanals.cat


More information about the wp-hackers mailing list