A friend of mine is interested in writing a story as a series of blog posts, which is cool. I've seen their writing style, and I suggested a blog type format to let loose each of the pieces of the story over time, sort of like a classical serial.
And naturally, once I said 'blog', they went looking around, and pretty naturally hit up on WP first.
Something funky hit us though - my friend isn't particularly interested in making it public yet, not until a decent amount of the stuff is written. So he asked me to have a look at how you'd do just that.
And the more I look at it, the more confused I'm becoming with. I realise I'm not a hardcore WP user, but I'm genuinely confused by 3.2.1's permissions. Or more accurately, the lack of them.
Users can be assigned roles, that's cool. There are several roles (subscriber, contributor, author, editor, admin) but I'm mystified as to how this works.
I cannot, for example, find anywhere to actually set what these roles can actually do, let alone configure them or anything. I have no idea what the difference between them is, or even whether it's possible to make a blog sign-in-to-view or not.
Now, you'll probably say that it's in the manual, and it probably is, but I've been through the entire ACP and cannot find it, which says to me that the UI is broken.
OK... so I then looked it up in the manual. I can, fairly easily, find a list of what permissions each role has, though it's written almost more in programmer terms than anything else.[1]
But, OK, so I found what basic information I was looking for, and check this: I don't think I can probably remove the permission I want to remove from the basic subscriber role (which is after all what it seems like guests have), and even if I could, I'd have to add a plugin if I want to do anything more awkward.
Am I going mad or is this actually quite ridiculous? I have no doubt in my mind that handling permissions is complicated but to provide only the most simplistic of UIs is actually stupid... isn't it?
I've heard that it's "the greatest CMS since sliced bread" but the more I use it, the more I think it doesn't actually DO all that much, and that the only reason it's so 'great' is because there are some plugins that handle doing good stuff with it.
And naturally, once I said 'blog', they went looking around, and pretty naturally hit up on WP first.
Something funky hit us though - my friend isn't particularly interested in making it public yet, not until a decent amount of the stuff is written. So he asked me to have a look at how you'd do just that.
And the more I look at it, the more confused I'm becoming with. I realise I'm not a hardcore WP user, but I'm genuinely confused by 3.2.1's permissions. Or more accurately, the lack of them.
Users can be assigned roles, that's cool. There are several roles (subscriber, contributor, author, editor, admin) but I'm mystified as to how this works.
I cannot, for example, find anywhere to actually set what these roles can actually do, let alone configure them or anything. I have no idea what the difference between them is, or even whether it's possible to make a blog sign-in-to-view or not.
Now, you'll probably say that it's in the manual, and it probably is, but I've been through the entire ACP and cannot find it, which says to me that the UI is broken.
OK... so I then looked it up in the manual. I can, fairly easily, find a list of what permissions each role has, though it's written almost more in programmer terms than anything else.[1]
But, OK, so I found what basic information I was looking for, and check this: I don't think I can probably remove the permission I want to remove from the basic subscriber role (which is after all what it seems like guests have), and even if I could, I'd have to add a plugin if I want to do anything more awkward.
Am I going mad or is this actually quite ridiculous? I have no doubt in my mind that handling permissions is complicated but to provide only the most simplistic of UIs is actually stupid... isn't it?
I've heard that it's "the greatest CMS since sliced bread" but the more I use it, the more I think it doesn't actually DO all that much, and that the only reason it's so 'great' is because there are some plugins that handle doing good stuff with it.
| 1. | Kid you not. http://codex.wordpress.org/Roles_and_Capabilities |
