WordPress capabilities allows you to manage permissions of a set of posts, usually grouped by a post type. For example, the capabilities under “Posts” applies to all posts created in your site. And capabilities under “Pages” applies to all pages in your site. The same is true for Media and Custom Post Types(CPT). But what if you want to apply a different set of permissions to 50% of posts, pages, media or custom posts in your site?
Extended permissions functionality gives you granular control over Posts, Pages, Media and Custom Post Types permissions.#PRO feature
Extended permissions work on multiple levels. To inherit a value from the previous level, set it’s configuration value to “inherit”. Currently there are only two levels. A configuration on the individual post/page/media/cpt itself and a global configuration. Access the extended permissions global configuration through the settings screen.
Configuring extended permissions
Login is required – Whether the user needs to be logged-in before accessing the current post/page/media/cpt. If the user is not logged-in and login is required, then the user will be redirected to the login page first. Once the user logs in, they will be taken back to the post/page/media/cpt page. Possible values are as follows.
- Inherit – Inherit the value from the previous level.
- Yes – Login is required to access this post/page/media/custom post type.
- No – Login is not required.
Role permissions are – This specifies the behavior of the current post/page/media/cpt’s extended permissions configuration. Possible values are as follows.
- Inherited – This means the entire role permissions are inherited from the previous level.
- Overridden – This means the role permissions are configured on this level and use the settings configured against the roles in below section.
- Disabled – This means the role permissions are configured on this level, but is disabled and will follow the WordPress default permissions.
View – Permission to set on view access.
Edit – Permission to set on edit access.
Delete – Permission to set on delete access.
I – Inherit the permission from previous level.
A – Allow the permission.
D – Deny the permission.
View Deny Action – If view access is denied, the action to be taken.
- 404 – Present the “Not Found”/HTTP 404 page.
- Redirect – Redirect the user to the specified URL.
A checkbox on the first row will allow you to apply the same “view deny action” configuration to all roles.
[Guest] – Users who are not logged-in.
[New Roles] – All roles which are created after saving this configuration.