Greenleaf Advancement on LinkedIn Greenleaf Advancement on Facebook

Access Control

In our CiviLunch session the other day, I explained the difference between the CMS-based access control and the CiviCRM-based access control. The CMS-based access control in Civi is nice because it lets you control access by operation (view, edit, delete, etc.) to whole modules of Civi. However, I explained at the time that this functionality in WordPress was a little tricky because you had to work with the WordPress-centric roles for CiviCRM functions, since WordPress natively did not let you create and edit additional roles. Today I was led to a WordPress plugin that adds that role creation and editing functionality, and it's simple and easy to use.

That plugin is called Members and can be found here. You can download it from there, or go to the Plugins page in your WordPress install and install it right fron there (recommended).

Members is great. It lets you easily create a role, and then assign the permissions. You create the role on the WordPress side (and assign the WordPress permissions there), but then go into Civi to assign the CiviCRM permissions (Administer --> Users & Permissions --> Permissions (Access Control). I've tested the access and the first indication is that the permissions work as expected (though I by no means tested them all).

So for instance, you could create a role named Board Member, assign users to that role, and then set the permissions so that the board can access Civi, and see everything, but edit nothing. Or you could create a role named Event Volunteers, and just give them full access to CiviEvent but nothing else. The uses are endless.

Check it out and please don't hesitate to let me know if you have any questions or problems. Also, if it's working for you, I would love to hear that too.