Here is a simple use case : You are building a community of users to do collaborative document editing (i.e. create word, excel documents collaboratively – multiple authors can edit – comment etc.). In addition, there may be MULTIPLE such communities – e.g. DEVELOPER community building its own documents, EXECUTIVE committee working on its own documents – and you do NOT want any visibility across communities (i.e. DEVELOPERS cannot see EXECUTIVE documents  and vice-versa).

Here is the solution I came up with.

  1. Define a CATEGORY to represent each GROUP – e.g. DEVELOPER Category, EXECUTIVE Category. The categories will serve as the Sandboxes for each GROUP of users. No group will be able to access a CATEGORY that is not associated with its own GROUP (see below).
  2. Now, if we set up our groups correctly, we can ensure that only the DEVELOPER GROUP has access to the DEVELOPER CATEGORY. This is done easily enough using a plugin called User Access Manager. Not only does it let you define custom groups (and add users to those groups), it lets you control the CATEGORY visibility for the defined groups.
  3. NOTE: When you create the NEW group – by default – leave out any ROLE AFFILIATION – i.e. the group should not have a pre-existing association with SUBSCRIBERS or EDITORS or any ROLE whatsoever. If you fail to do this – say you end up with a SUBSCRIBER ROLE that is affiliated with a group. Then, ANY user who is a subscriber, regardless of what group they are in, will be able to see posts from other groups (something we want to avoid).
  4. That’s it – now, any post/page created by a user in group A will be invisible to a user in group B. Each GROUP has its own WORDPRESS environment – so to speak.
  5. Admin Roles – What if you wanted to have an AdMIN user – PER GROUP (sort of like a group admin)? Unfortunately, the UAM plugin does not allow that – the only admin allowed is the top level wordpress admin – who has access to ALL the groups. The solution is to create a new ROLE called GROUPADMIN – and GRANT all GROUP specific privileges to this GROUPADMIN role.

Themes that work for such MULTI – GROUP sites

You want to provide a minimalist theme  – that does not take up too much real estate. Here is a list of such themes – one of my favorites is Hellish Simplicity.

APPENDIX A – Glossary

Roles – WordPress has FIVE pre-defined roles – Administrator, Editor, Author, Contributor and Subscriber (see below for details on what each role can do). Each role is allowed to perform a set of tasks called Capabilities.

Creating Groups  – Going beyond default USERS –To create custom roles, use a plugin called  User Access Manager . Allows you to Create custom user groups – and assign capabilities (read, write etc.) to these groups as a whole.

image

Capabilities – There are many capabilities including “publish_posts”, “moderate_comments”, and “edit_users”.  A set of default capabilities is assigned to each role. To change the default set of a role’s capabilities, use a plugin called User Role Editor (see screenshot below) :

Going beyond default Capabilities – Use Editorial Access Manager plugin to define one-off capabilities – e.g. allow a Contributor to edit SOME posts (but not all). So Contributor becomes an editor for certain posts.

Approval Workflow – There are several workflow specific plugins – use this guide to determine what is best for your use cases.

APPENDIX B – Default Roles built into WordPress

Contributors can:

  • Write/edit their own posts
  • Delete their own unpublished posts

Authors can do everything contributors can, and:

  • Edit their own published posts
  • Delete their own published posts
  • Upload media (pictures, etc.)
  • Publish posts

Editors can do everything authors can, and:

  • Manage categories
  • Moderate comments
  • Manage links
  • Edit, publish, and delete other users’ posts
  • Create, Edit, and publish pages
  • Read all private posts/pages

Administrators have full control over the blog, including:

  • Edit anything
  • Update WordPress
  • Install plugins and themes
  • Configure widgets and plugins
  • Create and manage users
  • Perform other administrative tasks

Subscribers  can simply read the content on the blog

Anuj holds professional certifications in Google Cloud, AWS as well as certifications in Docker and App Performance Tools such as New Relic. He specializes in Cloud Security, Data Encryption and Container Technologies.

Initial Consultation

Anuj Varma – who has written posts on Anuj Varma, Hands-On Technology Architect, Clean Air Activist.

 Twitter Linkedin