Additional protection

User Role Editor (URE) applies by default some additional protection measures in addition to standard permissions system based on user capabilities.

1) Users with ‘administrator’ role are hidden for other users, which can list and edit users. Role ‘administrator’ is not available for selection from roles drop-down list at the add new user page, user profile and change role bulk action at users list.
These restrictions is not applied to the users with access to the URE itself.

This way URE prevents a case when such user may delete other users with admin access. It’s possible to switch OFF this protection using ure_supress_administrators_protection custom filter. Just return true from a function hooked to it.

2) URE is not visible at the list of active plugins for users who don’t have URE’s key capability.