Home Permissions, Capabilities & Publishing Workflows

Permissions, Capabilities & Publishing Workflows

Regardless of how big your college or university is, you’re going to want to control who can do what within your digital properties. CMS tools often have rigid sets of user permissions that control how your website or users work, ignoring how your actual organization runs.

Planning for user roles and capabilities is a key component of any project regardless of software platform.

User Roles

By default, WordPress comes with a set of user roles and capabilities pre-defined. A user role is a grouped set of capabilities that can be assigned to a person in your organization.  User roles can limit the section of a website that an editor can access. They can control the editorial workflow of content, acting as the basis for an approval based workflow for content publishing.

Thankfully the default set of user roles covers most use cases. We find that most higher ed organizations need 2-3 additional roles defined to meet their organization’s needs and may need a default role disabled. Department Owner, Section Editor, Intern – each role is specific to your organization’s needs with the specific set of capabilities assigned to it.


Capabilities are narrowly defined actions that a user can take on the platform. There a zillion individual capabilities that are at play. Can a user write a new page of content, can they edit it, can they delete it, can they upload a picture, can they add a caption, can they add a category, can they edit a category ?

The granularity of individual capabilities enables us to craft very specific sets of user roles catering to your needs.

Default Roles in WordPress

Super Admin
can access the site network administration features and all other features.

somebody who has access to all the administration features within a single site.

somebody who can publish and manage posts including the posts of others.

somebody who can publish and manage their own posts.

somebody who can write their own posts but cannot publish them.

a non administrative user (confusingly named).

Custom Roles & Capabilities

WordPress’ extensibility enables the creation and management of custom roles & capabilities. This can be approached with a couple different mindsets. Custom roles can be managed on the fly – enabling site administrators to create and update as the types of user roles as needed.

Conversely, the user roles and capabilities can be extended to meet an organization’s needs but locked down. There are pros and cons to both approaches. Administering capabilities on the fly is a powerful tool that enables site administrators to make significant changes without updating the core software. That kind of flexibility can be helpful, but it also puts a great deal of responsibility on your administrators to track and control access. By pre-defining, and setting fixed user roles and permissions you lose some flexibility but ensure consistency. WordPress can support both models well.

Single Sign On

Most universities have user management and authentication systems that are tied to any number of existing aspects of campus life. We have integrated the WordPress user management and login system with a number of external tools such as LDAP, OneLogin, Shibboleth and others, to enable seamless integration.

Existing user management systems can power user access and role assignment within WordPress to ensure that your users have a single login to track. This also has the added benefit of leveraging the authentication security protocols that your user management has already put in place.

Best of all, you can manage access to your digital platform just the same as you do with the rest of your organization.

Publishing Workflow

WordPress provides a series of different publishing workflows powered by roles & capabilities. Content can be created and worked on in a draft format. Once ready for deployment, it will then either be marked as pending review for an editor or be published directly to the site depending on the user’s permissions. A future publish date can be added to schedule when the content becomes available. The content can also be marked as public, private (logged in users) or password protected. From there, unique workflows can evolve.

WordPress enabled us to build Stanford Law a custom review process so that Student Affairs and Facilities could oversee any new content for events. Managing a large content creation team at times requires a more finessed workflow. Plugins like EditFlow create an editorial calendar, and offer custom statuses and notifications, allowing you to really fine tune your team’s workflow.

What’s Your Workflow?

When planning your project, it’s worth mapping out how your content is going to be created, reviewed, and ultimately published. Storing feedback, and tracking revisions can be  complicated features that are easily forgotten.