WordPress.org

Make WordPress Core

Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#27037 closed enhancement (wontfix)

The options to have new users sign up with Administrator as the default role should not be an option

Reported by: dwainm Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.8.1
Component: Users Keywords:
Focuses: Cc:
PR Number:

Description (last modified by ocean90)

Allowing the option for new users to register with the administrator role by default should not be allowed. Maybe we could add a filter that allows for it to be added again if there is a use case for it.

Change History (6)

#1 @helen
6 years ago

  • Component changed from Administration to Users
  • Focuses ui accessibility removed
  • Keywords reporter-feedback added

It certainly isn't a particularly safe setting, but any other reason to specifically disallow that role?

#2 in reply to: ↑ description @jenmylo
6 years ago

I have to agree with Helen. While for many people it would be an extremely poor decision to make everyone who registers an admin, that doesn't mean there aren't use cases for it. As long as the true default --- the role we have set in core as the default for new members, vs. the role a site admin chooses to make the new default later --- is still Subscriber, I don't think we should be locking down the software to prevent people from making bad decisions.

#3 @ocean90
6 years ago

  • Description modified (diff)

#4 @dwainm
6 years ago

  • Keywords reporter-feedback removed

Hi Helen, The main point would simply be that it allows for people to make stupid decisions. If I think about the use cases for the option , its definitely in the 0.1 percent.

I can think of people using it on an intranet and that is where it stops for me. I'm not sure if there are any other use cases where any one that registers needs full control of WordPress.

If we can help newbies steer safe I think its a good decision. Decision over Options.

#5 @helen
6 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to wontfix
  • Status changed from new to closed

If you're turning on user registration, I should hope you are being thoughtful and not just rampantly changing things. And as jenmylo said, so long as the role WP defaults to is subscriber, we shouldn't arbitrarily limit the choices. After all, there are also custom roles that could be just as dangerous.

Note: See TracTickets for help on using tickets.