Roles / capabilities

[javiercasares]

An event can have different people performing various roles within the system. These roles are typically summarized into several levels:

• Event Administrator. Full control.
• Event Organizer. This person can organize a specific event. They don't necessarily organize all events but are responsible for at least one specific event. Usually, they are referred to as a "co-organizer" because an event can have one or several organizers.
• Event Communication. This individual is responsible for sending communications about one or multiple events.
• Event Speaker. Events can have one or several speakers. They don’t have any direct actions to perform.
• Event Attendee.

Generally, these five roles should suffice.

This could lead to some capabilities such as:

• Create, edit, delete, list event
• Create, edit, delete, list venue
• Send message

The corresponding capabilities for each role would be:

• Event Administrator:

  • Create, edit, delete, list event
  • Create, edit, delete, list venue
  • Send message

• Event Organizer:

  • Create event
  • Edit THEIR event
  • List event
  • Create venue
  • Edit venue
  • List venue
  • Send message

• Event Communication:

  • List event
  • Send message

• Event Speaker:

  • List THEIR event

• Event Attendee:

  • List THEIR event

[mauteri]

I like this idea, but some things to think about.

• I don't see BuddyPress or The Event Calendar having additional roles added outside of the normal WordPress roles. The context of those plugins are slightly different, so that could be why.
• BuddyPress has Member Types taxonomy, which aren't roles, but ways of classifying members. I could see GatherPress tap into that feature of BuddyPress when both plugins are installed. This is a bit different because it's just a taxonomy and not roles/capabilities
• What I'm leaning to right now after giving this a bit of thought when you mentioned it at the meeting is a GatherPress companion plugin. I think this is a great idea for groups that need a lot more structure around their leadership. I'm going to continue to think about this though and would love to discuss more if there's compelling reasons to add to the core plugin. I'm also sure there's a few ways to implement this within GatherPress settings to make the roles and capabilities pretty flexible.

[javiercasares]

My proposal was based on https://developer.wordpress.org/plugins/users/roles-and-capabilities/

There are different ways to do this, and we can use the native roles and capabilities, but, in my experience, it is better to have your own, for better security. Moreover, we can match the actual ones with the proposed, but, I was thinking more on WooCommerce for example with their specific roles.

But, in any case, is something to think about.

I can try to talk to some “Plugins Team” people and check with them what is the best way (from a plugin reviewer perspective) and go from there.

[mauteri]

Awesome thanks Javier! Yes, getting the plugins team's perspective I think would be great insight.

[javiercasares]

Hello @pacomarchante and @frantorres. Could you check this? :) please!

[carstingaxion]

I have outlined a new idea on Roles & Caps in #872 and would like to read your opinions @javiercasares and @mauteri

This is not meant to replace the need for explicit Roles & capabilities, but could be its foundation. Someone could earn the permission to edit an event, if this exact user has made a comment (with comment_type rsvp and term organizing), which got approved. Going this way would allow GatherPress to assign all or some of the special capabilities @javiercasares described in #445, without having to use explicit WordPress roles or custom capabilities, that a site owner might need to assign to somebody in the first hand. Those caps could be assigned dynamically based on the comment, using user_has_cap .