Access to posts and pages can be restricted by capability. Any capability can be used to restrict access, including new capabilities.
When access to a post is restricted, only users who belong to a group with that capability may access the post.
Use the Access restrictions box to control access to your posts and pages. You can choose the quick or the manual way to do it:
Using the quick-create field
This is the recommended quick way:
- Edit your post, page or document.
- Select one or more capabilities that are enabled for access restriction. Note that you must be a member of a group that has such a capability assigned.
Using this quick-create field, you can create a new group and capability.
The capability will be assigned to the group and enabled to enforce read access.
Let’s assume that you want to limit the visibility of a post to members of the Advanced group.
- Edit your post;
- Enter Advanced in the quick-create field located in the Access restrictions panel.
Now save or update the post (or hit Enter).
A new group named Advanced with the capability advanced was automatically created.
Group names are case-sensitive, the name of the capability is the lower-case version of the name of the group.
- If the group already exists, a new capability is created and assigned to the existing group.
- If the capability already exists, it will be assigned to the group.
- If both already exist, the capability is enabled to enforce read access.
In order to be able to use the capability, your user account will be assigned to the group.
Using the manual way
Try the quick-create field first. Unless you need a more complex setup, there is no reason to go this way instead.
1) Go to Groups > Groups and add the Basic group.
2) Go to Groups > Capabilities and add the basic capability.
3) Go to Groups > Groups > Edit a group to assign the basic capability to the Basic group.
4) Go to Groups > Options and enable the basic capability to restrict access;
5) Become a member of the Basic group – this is required so you can choose the basic capability to restrict access to a post. (Go to Users > Groups)
6) Edit the post for which you want to restrict access and choose* the basic capability.
* For each capability, the groups that have the capability assigned are shown within parenthesis. You can choose a capability by typing part of the group’s or the capability’s name.
Groups allows you to restrict access by using the capabilities of any group previously added.
We’ve the Basic (basic) and the Advanced (advanced) group.
Edit one of the groups and assign it the capability of the other group;
In the above example, we’ve assigned the capability basic to the Advanced group.
Now, users belonging to the Advanced group could also access those files authorized for the Basic group.
You can also restrict access by using the Subgroups inherit capabilities.