How to Control User Permissions for the Divi Theme

How to Control User Permissions for the Divi Theme

If you are the only person who manages your site, then you’ve probably never had to think about it. You are an admin and you have access to everything, so what a signed in user has access to has never been something you’ve had to consider. The problem appears when you want to give the ability to manage a website to someone else, but you don’t want to give them any more access than what they need. For example, the content writer should not have access to your customers’ data or sales analytics, right? They don’t need it to do their job.

When it’s not about data, it’s about page security. For an inexperienced user, the number of options in the WordPress dashboard can be overwhelming. Inexperienced users could mess up your design, or even break the entire site (believe me, it happens more than you might think). Anticipate, protect!

The good news is that WordPress and Divi come pre-packed with a number of ways to change what is visible and to who depending on the roles that person plays in the running of your website. In this post, we’re going to dig into this topic and show you how you can use these features to minimise your chances of losing control.

 

WordPress User Roles: What They Are and How to Use Them?

WordPress has 6 pre-made roles, they are:

Super Admin – has access to all functions, including network features
Administrator – has access to all functions in a single site
Editor – can publish and manage the posts of other users
Author – can publish and manage their own posts
Contributor – can write and manage their own posts
Subscriber – can only manage their profile

 

 

How Can I Manage Capabilities?

 

1. Divi Role Editor

The Divi Role Editor is a built-in feature into Divi Theme. It’s an easy-to-use solution where you can easily enable and disable permission settings for each of the WordPress’s built in user roles, giving you full control over what the client can see and use inside the Divi Builder.

 

While the Divi Role Editor is a perfectly capable tool for the most part, we’ve struggled over the past few weeks with one issue. Despite the fact that the editors have permission to use the Divi theme options, they did not have access to them.

Have you noticed this issue? Well one solution, and another great way to finetune role permissions is to install a role editing plugin.

 

2. User Role Editor Plugin – Easy to Manager

The User Role Editor WordPress plugin allows you to change user roles and capabilities in a few clicks. You can add new capabilities and remove unnecessary capabilities which could be left from uninstalled plugins. To read more about ‘User Role Editor’ visit the plugin page.

User Role Editor

So far we’ve discussed two options to get granular with what users can and can’t do, so let’s look at one more, and our favorite for overcoming this particular issue. Code.

3. Make Changes to the Functions.php File – Recommended

It sounds complicated, but editing the user roles and capabilities using a function is surprisingly simple.

You need to add a snippet to the functions.php file. Each theme comes with its own functions.php file. If you’re going to make extensive modifications to yours, the best course of action is to set up a child theme so your changes don’t disappear during updates. You’ll also want to back up your site before making any changes, just in case things go wrong and you need to roll back your changes.

Moving on, you’ll need to access your functions.php file.

Use an FTP Client such as FileZilla to navigate to the wp-content/themes/ directory. Inside your activated child theme folder, where you’ll find a functions.php file.

You can also do this in the WordPress Dashboard -> Appearance -> Theme Editor
Choose functions.php file.

Add this snippet at the end of the file, before >? Tag

function add_theme_caps() {
$role = get_role( ‘editor’ );
$role->add_cap( ‘import’ );
$role->add_cap( ‘export’ );
$role->add_cap( ‘switch_themes’ );
$role->add_cap( ‘edit_theme_options’ );
$role->add_cap( ‘manage_options’ );
}
add_action( ‘admin_init’, ‘add_theme_caps’);

And save changes.

How It Works?

 

Each role is allowed to perform a set of tasks called Capabilities. There are many capabilities, for example “create_sites”, “edit_dashboard”, and “edit_users”.

This snippet will add the capabilities associated with managing Divi’s theme options to WordPress’s Editor role. That means Editors will have access to the Divi Theme Options and Divi Library as was the goal in this case.

p

If you want to remove capabilities, removing the php won’t work, because user capabilities are saved in the mysql database. You need remove them with the function “remove_cap” to achieve this.

You can learn more about roles and the capabilities they come with from the WordPress Codex: https://codex.wordpress.org/Roles_and_Capabilities

function remove_theme_caps() {
$role = get_role( ‘editor’ );
$role->remove_cap( ‘import’ );
$role->remove_cap( ‘export’ );
$role->remove_cap( ‘switch_themes’ );
$role->remove_cap( ‘edit_theme_options’ );
$role->remove_cap( ‘manage_options’ );
}
remove_action( ‘admin_init’, ‘remove_theme_caps’);

Do you have any questions about user roles or capabilities? If so, ask away in the comments section below!

Stephen James

SJ is a web developer living in the coastal town of Southsea, England. He is a Divi and WordPress advocate and the founder of Divi Space.