- WordPress Plugin: https://wordpress.org/plugins/authorizer/
- Changelog: https://github.com/uhm-coe/limit-revision-publishing/blob/master/readme.txt
Limit Revision Publishing restricts edits made by users without the publish_posts
capability. Their edits will be saved as an unpublished revision, and the original post will remain published. The All Posts view in the WordPress Dashboard will contain a column indicating posts with unpublished revisions. Notification emails can be sent to a subset of users whenever a new revision has been submitted so users with elevated privileges can publish them. Finally, specific roles can be marked as limited, so any users with that role will be restricted from publishing revisions on all post types.
Note: this plugin respects per-post-type capabilities, including
publish_posts
,publish_pages
, and any custom post types with a custompublish_{post_type}
capability.
Install the plugin as normal from the WordPress plugin repository. Once activated, you will see a new Settings page at Dashboard > Settings > Limit Revision Publishing.
If your site has no custom roles, this plugin has no effect until you choose a role to restrict. If you have defined a custom role that has the edit_posts
capability but not the publish_posts
capability, then whenever a user with that role edits a published post, their changes are saved as an unpublished revision that needs to be approved by another user with the publish_posts
capability.
Note: by default, WordPress allows updating a published post by any user with the
edit_post
capability, even if they do not have thepublish_post
capability. This plugin changes that behavior.
On the Settings page at Dashboard > Settings > Limit Revision Publishing, you can choose to send customized Email Notifications to specific users or roles whenever a limited user creates an unpublished revision. You can customize the email subject and body, and choose which users or roles receive the notifications.
You may also choose to restrict existing roles regardless of their publish_{post_type}
capabilities. Any roles you restrict in this way will not be able to publish any revisions to any existing post types.
In this example, we configure Limit Revision Publishing to simply restrict any edits made by users with the Author role, and send notifications to users with the Administrator role.
To do this, simply add Administrator to the Roles to notify option, and add Author to the Roles to restrict option, as shown here:
Now, let's say we have an Author attempting to edit a post called Example Post: they want to add the sentence, "This is my new content I am adding." This is what they see when editing (Note the Submit for Review button):
Once they save their edits, an email notification is sent to Administrators:
Subject: Pending revision by [email protected] on Example Post
A new revision has been submitted for review. Please approve or deny it here:
https://example.com/wp-admin/post.php?post=123&action=edit&classic-editor
If an Administrator follows the link in the notification email, they will be taken the Edit Post page where they can see the pending changes, compare them to the current revision, and publish (or discard) the pending changes:
Alternatively, any user with publish capabilities can see Posts with pending changes when they view the All Posts dashboard page:
And if they click on the icon in the Pending Revision column, they are taken to the revision browser where they can approve the change: