I have a scenario where I need a editor like role but with extended capabilities where they can access woocommerce orders,products and user page. If I would to create a custom role or change the core editor role with these extended capabilities, will there be any security issue in the site or will there be a code break in the site when i'm upgrading wordpress version?
I have a scenario where I need a editor like role but with extended capabilities where they can access woocommerce orders,products and user page. If I would to create a custom role or change the core editor role with these extended capabilities, will there be any security issue in the site or will there be a code break in the site when i'm upgrading wordpress version?
Share Improve this question edited Jun 7, 2019 at 10:00 Amy asked Jun 7, 2019 at 9:37 AmyAmy 32 bronze badges2 Answers
Reset to default 0Modifying the editor role by adding new capabilities will grant users editor capabilities plus these new capabilities. As long as you're comfortable with that level of access, there aren't additional security concerns.
If you want to create a new role which is what I recommend for this scenario, you can craft the capabilities according to your needs and only grant the capabilities you want these users to have.
The only concerns I would have with updates is if the core WordPress editor role were to change in the future.
You can use Advanced Access Manager Plugin https://wordpress/plugins/advanced-access-manager/ works user level based capabilities from wp-admin dashboard it's works woocommerce also.