[wp-hackers] Capabilities as a taxonomy

Jordi Canals jordi at jcanals.cat
Sun Jan 24 19:38:00 UTC 2010

2010/1/24 Moya, Eddie <emoya at tribune.com>

> As I said before, it may be a matter of simply allowing developers as much
> flexibility as possible so they can develop powerful plugins so I'm not
> entirely opposed to it, however I just don't see a case for how this really
> simplifies the every day tasks of managing users.

I always try to manage rights as did to administer systems. My though is
that creating task oriented roles makes an easy administration, nut to do
so, you need to be able to assign more than one role to users. That way, I
will try to imagine an scenario as I have on some sites.

I normally use the default roles, which are task oriented: Author, Editor,
But sometimes I need some kind of management tasks: UserManager,
ImageModerator, CommentModerator or StyleAdmin.

Having just this seven roles I can do a lot of combinations without having
to create new roles each time I need a new combination:

User A : Author + CommentModerator
User B: Editor + ImageModerator
User C: Editor + ImageModerator + UserManager
User D: CommentModerator + ImageModerator
Use E: Author + StyleAdmin

and so on...

With this, finding users that can do one of the tasks I'm interested to
query for is so easy:
Who can Moderate Comments? Query for CommentModerator role
If we are allowed to only have one role per user. It would be a nightmare to
find the Comment Moderators or the User Managers.

Always when talking about granting to allow having more than one role per
user, you have to ask the following question:

How systems manage user groups? Why all systems allow a user to be part of a
group? What are the best practices for user groups administration ?
Change 'group' by 'role' and ask: Why we want WordPress do it different ?
And what will this provide that is best that allowing a user having more
than one role?

Until now, WordPress allowed user to have (or to be member of) more than one
role. Most people don't use that, but a big amount of administrators do it.
Why we want to limit the flexibility those administrators have?

Jordi Canals
http://alkivia.org - http://jcanals.cat

More information about the wp-hackers mailing list