Demystifying the "User Level Filter" service
Deprecated!
This service was deprecated in AAM 6.9.28 version in favor of "Users & Roles Governance" service. For more information, refer to this article.
WordPress, a popular content management system, offers extensive user and role management capabilities to website administrators. However, there are situations where administrators need more control over who can access and manage user roles and permissions. The Advanced Access Manager (AAM) "User Level Filter" service provides a unique solution to address this need. In this article, we will explore the functionality of the "User Level Filter" service, how it works, and when it can be beneficial for WordPress website administrators.
Understanding the service
The "User Level Filter" service is a feature provided by the Advanced Access Manager (AAM) plugin. It is designed to enhance the native WordPress user and role management system by restricting users with lower authority levels from viewing or managing users and roles with higher authority levels. This functionality ensures that sensitive user data and critical role permissions remain protected.
Enabling the service
By default, the "User Level Filter" service is disabled within the AAM plugin. However, website administrators can easily enable it by navigating to the AAM "Settings" page and selecting the "Services" tab. Once enabled, the service immediately begins filtering roles and users based on the current user's authority level.
Understanding user levels
To comprehend how the "User Level Filter" service functions, it's essential to understand the concept of "user levels" in WordPress. Historically, WordPress used ten system capabilities, identified as level_0
, level_1
, up to level_10
, to determine user privileges. Higher-level capabilities granted users more extensive access and control. Although these capabilities have been largely replaced by WordPress roles today, they can still be used to gauge the relative superiority of roles.
For example, the WordPress core role "Editor" is associated with the level_7
capability, indicating a higher level of authority, while the "Contributor" role only has the level_1
capability, signifying limited privileges. AAM leverages this basic concept to assess the privilege levels of roles and users and hide them from users with lower authority levels.
Practical scenario
One common scenario where the "User Level Filter" service proves invaluable is when a website administrator delegates user management responsibilities to sub-administrators but wishes to prevent these sub-administrators from altering or deleting the primary administrator's account. In such cases, a custom role, such as "sub-admin," can be created. This custom role inherits all the capabilities of an administrator but is assigned a lower level_9
capability, effectively limiting its authority.
Conclusion
The AAM "User Level Filter" service offers a powerful solution for fine-tuning user and role management in WordPress. By restricting access to roles and users based on their authority levels, administrators can maintain control over critical accounts and sensitive permissions. Whether you are managing a complex WordPress website with multiple user roles or simply looking to enhance security, the "User Level Filter" service can be a valuable addition to your toolkit.