WooCommerce – How to Understand User Roles and Capabilities (with video) Print

Last updated - August 14, 2020

On your WordPress site, there are different roles and capabilities assigned to users. This is to give the site owner control over who can access what on the site. Accordingly, different aspects of the site are assigned to different users based on the site owner’s discretion. This article gives you a fundamental idea of WooCommerce user roles and the capabilities of each. Read our other article to understand the capabilities of WooCommerce better.

Additional User Roles in WooCommerce

First, when you install WooCommerce, it registers two additional user roles. These are:

• Shop Manager
• Customer

Furthermore, it gives additional capabilities for the Administrator to:

• Manage WooCommerce Settings
• View WooCommerce Reports

Now let’s look into the two specific roles for WooCommerce.

Customer Role

Any user who registers using the checkout or signup option is defined as a customer on your site. Presently, the capabilities of the customer role are as follows:

• Have read access, similar to a blog subscriber
• Can view orders and order history
• Is able to edit own account details

Shop Manager Role

If you hire someone to manage your store, you have to give them access to your site’s back end. This is where the Shop Manager role comes into the picture. This role has the same capabilities as customer role, along with the option to edit WooCommerce settings and products. In addition, this role is capable to view WooCommerce reports as well. The shop manager role is actually similar to the Editor role in WordPress.

Existing User Roles in WordPress

WordPress defines user roles as below:

• Administrator
• Editor
• Author
• Contributor
• Subscriber

Administrator

Admins have complete access to all administration aspects of the site. Some of the unique capabilities that define admin role include deleting other user’s pages and posts, updating the core, creating and deleting users, etc. Moreover, administrators can add, delete and manage plugins and themes on the site. And, the administrators will also have the freedom to modify the details of other users, including passwords. Basically, you can restrict giving administrator access to only site owners, and only trustworthy people who can have complete control over your site.

In multi-sites, there is a user role known as Super Admin. This role has all capabilities by default. However, in a single site, the administrator role is equivalent to super admin.

Editor

An editor role allows you to get access and editing rights to other users’ posts. Editor role would be best for the person who is managing the blogs and other posts on your site. Basically, the Editor role is concerned only with the content aspect of your site. Those with Editor role can edit or delete any posts on your site. In addition, they can moderate, edit and delete comments on the site as well.

Author

Authors can create and publish their own posts. However, this role won’t have access to other people’s posts. They can also delete their posts if needed. Also, those with Author role won’t be able to create new categories. However, they can use the existing categories on your site, and create new tags. Also, those with Author role cannot moderate or delete comments on your site, even though they can view them. Similarly, they won’t have access to plugins and themes on your site.

Contributor

A contributor is a user who can write and edit posts on your site. But these users won’t be able to publish posts. Hence, an Editor has to review and publish the posts written by Authors. This is exceptionally useful when you employ freelance writers to generate content for your site. However, one disadvantage is that those with Contributor roles cannot upload files to your site. And as seen above Contributor role won’t have access to plugins, themes, or other users’ posts.

Subscriber

Those in Subscriber role has only read access on your site. In addition, they can manage their own profiles on the site, such as user information and password. Other than that, they can only read posts and leave comments on your site. You may find it useful if your site strategy requires users to sign in to reading blog posts.

How to decide what role to assign a user?

You might be wondering about how to assign a role to a user. Depending on your online store’s features and functionalities, you might want to assign specific roles to specific users. This will help you effectively control how different users will be interacting with your site.

Shop Manager

You can assign someone the Shop Manager role when you want to let them handle aspects related to your store, but not those of the website. As you have seen above, the Shop Manager role entails different capabilities related to the store. These include being able to manage products, orders, refunds and even to generate reports. However, you don’t want shop managers to be able to change the settings of your site, manage plugins or themes, or modify user capabilities. Basically, you can easily limit the role only for store-related aspects, and not to any other aspects related to your website.

Customer

As you know, the Customer role is assigned by default to anyone who registers on your store. Users under this role won’t have any other capabilities except being able to manage their own accounts. However, you can create custom roles to segment your customers with the help of this plugin. This will allow you to selectively offer discounts, assign purchase capabilities, control access to products, etc. Stores with personalized pricing or wholesale stores can benefit a lot from this approach. We will discuss this in detail later in the article.

Administrator

Administrator role is a powerful role in WordPress. You should grant this role only to users who need to handle almost all aspects of your site. In an ideal situation, only the store owners should have this access. However, you might want to assign this role sometimes to technical experts who are maintaining your site. In order to check different functionalities of the site, they may need complete access. Similarly, external agencies or personnels handling your design and marketing aspects can also be assigned this role as per the situation.

Roles for content creators  

The other WordPress roles such as Contributor, Author and Editor can be assigned to content writers. Contributors will be able to create content, but won’t be able to publish it. Those with the  Author role will be able to create, publish and delete their own content. Editors can manage the content of others as well. Basically, you can assign these roles according to the way you are publishing content on your site. You can assign the Author role to in-house writers and give Contributor role to guest writers. The Editor role will be naturally assigned to the person who has control over your entire content. 

Best practices while assigning roles for the safety & security of your WooCommerce store

Now, we know user roles make it extremely easy for controlling how different users will access your site. It is important to follow some best practices while assigning permissions on your site so that your site’s security is not compromised.

Have a policy to assign roles

It is important to have a policy in place to manage how you are assigning roles to users on your WooCommerce store. The crucial part should be that a user should be assigned a role that is relevant to their way of engagement to the site. As we have pointed out above, you can assign Shop Manager, Author, or Editor roles specifically. 

Moreover, you need to be extremely cautious on assigning the Administrator role to anyone in your store. Many external vendors might request you to provide them Administrator access from time to time. You need to evaluate these requests carefully before granting access. If a particular action on your site by the vendor can be managed with a lower level of access, provide that. If such requests are a regular occurrence on your site, you can install a plugin that will help you specifically control the capabilities and permissions of each user role.

Make sure the user credentials are secure

You have to make sure that the username and passwords on your store are created according to the suggested best practices. It is important to not use usernames like ‘admin’ for your Administrator role, as hackers will find it easier to attack. Make it a practice that you don’t keep any such usernames that can be easily guessed. Instead, keep specific usernames based on the user’s real name.

Also, ensure you are using strong passwords for all users. WordPress provides a strong password every time you create a new user account on your store. You can use this default option, or if you are creating your own, ensure it is complicated enough. This will help to resist brute force attacks on your site to a great extent. If you need to share passwords occasionally with support teams or hosting service providers, make sure you are doing it through a password management system.

Jetpack is a great option you can use to protect your site. Setting up Google reCAPTCHA is another way to secure user login.

Check role assignments regularly

You need to periodically ascertain that all the user roles assigned on your site are relevant. Sometimes, you will assign the Administrator role to a web developer, who was helping you set up a feature. It is important to revoke the permission of that user, after the work is completed. This way if there are temporary role assignments on your store, you need to review them regularly. Similarly, the accounts of employees can also be changed to a lower access or disabled after they leave your company. This will ensure that there is no unauthorized access on your site.

Ensure backups

Backups are an important part of a website’s general safety and security. Make sure that you are using a reliable backup tool, and storing it in multiple locations for  added safety. Automatic WordPress backup plugins will surely help you worry less in this aspect. 

Plugins modifying WooCommerce user roles (Free)

There are no inbuilt features in WooCommerce to modify or create a user role. However, you can get the help of a suitable plugin for this functionality. To help you with it, here’s a list of plugins that you can use:

• PublishPress Capabilites – Using this plugin, you can modify the capabilities of specific roles, create new roles, copy the already-existing roles to new ones, and add additional capabilities to existing roles.
• Groups – This is a group-based user role management plugin that supports unlimited groups. Also, users can be assigned to any groups.
• Members – With this plugin, you can create roles and capabilities. In addition, you can give multiple roles to the same user, or deny specific capabilities to a particular user.

Did you know you can structure your WooCommerce store based on user roles? Learn more!

Plugins modifying WooCommerce user roles (Premium)

Primarily, user roles help to control the way users access different aspects of your site. This is mostly applied for store and content management. However, user roles offer great scope in creating and managing different business models. If you are running a membership store or a wholesale store, you will need to segment your customers for different plans and pricing patterns. In such cases, you need to create custom user roles and assign specific permissions to each of these. Here are some of the popular plugins you can use in different scenarios to create custom user roles and allow specific permissions for each.

ELEX WooCommerce Catalog Mode, Wholesale and Role Based Pricing

With the help of this plugin, you can create different pricing plans for various user roles on your WooCommerce store. It also helps to disable the eCommerce capability and simply run the site in catalog mode. The plugin also offers an option to create custom user roles on your WooCommerce. You can make use of the newly created user roles as well as the existing roles to create different pricing plans and price adjustments. This way, you can create completely new pricing strategies such as wholesale pricing and layered pricing. In addition, the plugin helps you to hide ‘Add to Cart’ button, or customize the text for it. And, if you simply want to provide discounts to some of your loyal customers, you can totally do that too.

Features

• Create role-based pricing store-wide or for specific products
• Offer discounts based on roles.
• Apply catalog mode globally or to specific user roles.
• Customize the add-to-cart button to help customers request a quote.
• Customer specific pricing.
• Create new user roles.

Visit the plugin page.

Prices by User Role

This plugin extends WooCommerce to add role-based pricing functionality to WooCommerce. You can offer discounts or markups to specific customer groups, or display completely different prices based on roles. This plugin helps in hiding the ‘Add to Cart’ button too. Similarly, you can even hide product prices from unregistered users, if it makes sense to your store strategy. Please note, this plugin won’t work well with other plugins that alter the way variations work on WooCommerce. You can check the product page to find the list of incompatible plugins and themes.

Features

• Configure individual product price per user role.
• Hide product price from guest users.
• Role-based discounts and markups.
• Add custom user groups.
• CSV import.

Visit the plugin page.

YITH WooCommerce Role Based Prices

If you are selling wholesale on your WooCommerce store, chances are you want to give a different rate to different buyers. This plugin would help you display the right price for the right user without hassles. However, please note you won’t be able to use this plugin to create new user roles. However, you can use one of the free plugins discussed above for that and use this plugin to set role specific pricing.

With the help of this plugin, you can create specific rules for each user role. Also, you can choose to apply these rules to all your products, or only to certain products or categories. In addition, you will be able to easily manage discounts or markups on products and combine multiple rules. Moreover, the plugin gives you the flexibility to show multiple prices for the same product, like a regular, on-sale, or user-based price. And, if none of the prices are displayed to a particular user, you can show a custom message explaining the reason.

Features

• Set purchase conditions for different user roles globally or for specific products.
• Create price adjustments.
• Combine multiple rules.
• Option to display custom messages and multiple prices to same user.
• Catalog mode.

Visit the plugin page.

WooCommerce Members Only

This is a great plugin to restrict content access on your site based on user roles. You can create a private shopping area for specific customers to make purchase on your store. Moreover, you will have complete control over executing the content restriction strategy. You can restrict the access to the entire site, or specific parts using this plugin. It will also help you create custom user roles, as well as allow you to edit their capabilities.

Features

• Create custom user roles and mange their permissions.
• Restrict content access on your store.
• Multiple options to restrict content – by user, role, login status, or by password.

YITH Automatic Role Change

Now, you have seen a few plugins that would help you create varied pricing plans according to specific user roles. However, there is another aspect to consider here. How do you assign specific user roles to customers? Here is a plugin that would help you automatically assign user roles to customers based on different criteria that you specify. With the help of this plugin, you can create several rules that would determine which user role should be assigned to a customer after purchase. And, it will automatically assign these roles to customers as you specify.

Moreover, you can choose several criteria to decide how to assign user roles to customers. For example, you can specify the purchase of a certain product, or a certain order amount to assign a specific user role. Also, you can specify a time schedule to determine how long a particular role will be valid. An added advantage of this plugin is that it will use the default WordPress and WooCommerce user roles, as well as the ones created by plugins like Members.

Features

• Automatically assign roles to customers based on conditions.
• Set conditions and minimum purchase requirements for assigning specific roles.
• Automatic switching of roles upon meeting requirements.
• Email notifications to customers as well as store admins after assigning a role.

Visit the plugin page.

WooCommerce Pricing Plugin for Customers, Groups and User Roles

This plugin helps you set category based pricing specific to customers, groups and user roles. In addition, you can give various discounts to customers based on flat rates or percentage value that you specify. Also, it helps you import and export prices and saves you from a lot of manual efforts. Moreover, it helps you add multiple user-price combinations without limits. And, the first rule in the list will apply in such a scenario.

Features

• Personalized shop page
• Specific pricing for individual customers and user groups.
• Category-specific pricing
• Bulk discounts.

Visit the plugin page.

How to easily add custom user roles?

We will demonstrate how you can create a custom user role and manage permissions using the PublishPress Capabilities plugin.

With this plugin, you can create a new user role and then selectively assign permissions. You can simply add a name for the new user role that you want to create, and then assign permissions as per the requirement.

Once you create a new role, the plugin allows you to assign specific permissions and capabilities to the role.

Advanced settings for user roles

There are several plugins that will help you achieve certain advanced workflows with user roles on your store. Let’s look at a few:

Personalized pricing

This is a common scenario for wholesale stores and membership sites. You can set different prices for products based on user roles using the ELEX WooCommerce Catalog Mode, Wholesale & Role Based Pricing plugin. When you set up the price for a product or variation, you will be able to set different prices for different user roles. Wholesale stores generally group their customers into different groups based on the average purchase quantity, frequency of purchase, etc. Similarly, for a membership-based store, different prices can be offered for different membership plans.

Restrict purchase option

You can allow only customers with specific user roles to make a purchase from your store. Other users can only be able to view the products, You can redirect them either to a different page, url or contact form. This will let you control who all can purchase from your store. This is again a common scenario for wholesale stores, which have different strategies for different customers. You can manage this use case also with ELEX WooCommerce Catalog Mode, Wholesale & Role Based Pricing plugin.

Automatically assign role when you purchase a product

With the help of Members Only plugin, you can specify one or multiple roles for each product, which will be automatically assigned to a customer who buys that product. This will help you control how user roles are assigned more efficiently. The plugin also offers an option to manually approve user registrations.

Let customers choose their roles

Another scenario which could be useful for some stores is to set up a process where users can choose the role while registering. You can also set up an approval step for some user role, and automatically approve certain others. This use case can be achieved with Members Only plugin.

Deleting user roles on your WordPress site

If you are using the above-mentioned PublishPress Capabilities plugin, you can easily delete a user role as well. Simply select the user role you want to delete, and click the option ‘Delete role’, which you can find at the bottom of the plugin settings page.

Conclusion

User roles in WordPress help in providing a stable structure and organization to varied users of your site. Moreover, it helps you create selective access to your site’s content. And, when it comes to WooCommerce, user roles provide more scope in creating layered pricing and wholesale pricing. This article has attempted to provide more clarity regarding various user roles and their potential applications. Also, you must have got an idea regarding some of the plugins that would help you effectively use WooCommerce user roles.

Watch the below video to understand WooCommerce user roles better.