How to realize complex acces levels?

I am trying to build an access system using Groups for an international school’s website which has 1 general and 4 different national sections.

Users are categorized as Alumni, Staff, Parents and Students and subcategorized for one of the 4 countries they come from (or work for).

I have installed the Groups plugin but I’m wondering if this can be realized without additional extensions.

This is what I want to achieve:

Not logged-in users should only be able to read content labelled General and uncategorized.

Alumni should be able to:
Read general alumni news and events
Read country-specific alumni news and events

Students should be able to:
Read general student news and events
Read country-specific student news and events

Parents should be able to:
Read general student and parents news and events
Read country-specific student and parents news and events

Staff should be able to:
Read general student, parent and staff news and events
Read country-specific student, parent and staff news and events

Editors should be able to:
Edit and publish news and events for their country

General Editors should be able to:
Edit and publish news and events for all countries

Only Administrators should be allowed to edit and change pages, categories, groups, users, menus, etc.

What’s the best strategy ro realize all these different roles and access levels with the Groups plugin?


Comments

One response to “How to realize complex acces levels?”

  1. Hi Pierre,

    The scenario you describe can be covered by the following general groups:

    Alumni
    Students
    Parents
    Staff

    … and for each country with country code CC also these groups:

    Alumni-CC
    Students-CC
    Parents-CC
    Staff-CC

    You can then restrict access to posts based on the Alumni and Alumni-CC groups for example to enable read-access to them.

    For Editors, I would recommend to allow them to publish posts and assign access restrictions based on the groups they belong to. You can work with the normal WordPress roles for that or create an Editors group with appropriate capabilities for that.

    General Editors would be the same as Editors except that they also belong to all groups that country-specific Editors belong to.

    Administrators would not require more specific access credentials.

    So the best strategy would be based on appropriately structuring your groups and using either WordPress roles and a revision/publication process before higher-level roles’ publications are released, or the use of groups with proper capabilities assigned.

    Cheers

Share