[wp-hackers] User roles - GSOC proposal

Andrew Nacin wp at andrewnacin.com
Tue Mar 30 22:13:29 UTC 2010

> With a large number of roles these merged capabilities could get very
> large; the number will grow exponentially for each new role added.

> In your example are you proposing there would be a new *named*
> "AdminEditor" role, or it would just be handled behind the scenes and if
> someone modified Editor it will also modify the merged role too?

Not sure I follow. I was only referring to the upgrade path, that way a
simplification of the roles/capabilities system in a future WP version would
be 100% lossless. If a site did not have any user with multiple roles, and
no users had no user-specific capabilities, then nothing would need to be
changed. Otherwise, for each user with multiple roles or user-specific caps,
we would run them through a script that:

- Computes exactly which capabilities they possess, based on their role(s)
and user-specific capabilities.
- Checks for any other roles has exactly these capabilities.
- If a matching role exists: Assign them to that role, and remove their old
roles and old user-specific capabilities.
- If a matching role does not exist: Create a new role for them with those
exact capabilities. (If User B has the same capabilities as User A, then
User B would get the same role that was created for User A.)

The end result would be that every user has no user-specific capabilities,
and exactly one role, with that role consisting of exactly the capabilities
they had before.

Best I can tell, this upgrade path would be the only code that would need to
be written from scratch. For the most part, the rest would be chunks of code
removed from wp-includes/capability.php.

More information about the wp-hackers mailing list