User
Beta 1
This is the documentation for the AAM 7.0.0-beta.1 release. We are actively working on the documentation that may change before stable release announcement.
Syntax
User:<ID|user_login|user_email>User:* - Premium Feature
Definition
The User resource is useful for defining access controls to specific user or all users. For instance, you may want to grant admin rights to additional users but prevent them from changing or deleting your admin account. This can be achieved by restricting actions on your user account for other privileged admins.
The following policy prevents actions on the admin account with ID 1:
{
"Statement": {
"Effect": "deny",
"Resource": "User:1",
"Action": [
"List",
"Edit",
"Delete"
]
}
}
Actions
The User resource supports several actions that fine-tune what users can do with other users.
List: Allows the current user to view or manage the specified user.Edit: Allows the current user to edit the specified user.Delete: Allows the current user to delete the specified user.ChangePassword: Allows the current user to change or reset passwords for the specified user.ChangeRoleorPromote: Allows the current user to change roles for the specified user.
For example, this policy restricts management of two specific users:
{
"Statement": {
"Effect": "deny",
"Resource": [
"User:john@example.xyz",
"User:13"
],
"Action": [
"List",
"Edit",
"Delete"
]
}
}
Wildcard
The wildcard User:* can be used to target all users, which is useful for hiding them all. This is a premium feature available with the premium add-on.
In the following example, all users will be hidden:
{
"Statement": {
"Effect": "deny",
"Resource": "User:*",
"Action": "List"
}
}
Info
Another way to prevent a user from listing all users is to deprive them of the list_users WordPress core capability.
Virtual Assistant