Restrict plugins available for activation/deactivation

Suppose that you wish to allow your client to activate/deactivate the installed WordPress plugins himself. But you don’t wish to allow him make that with some important, critical, system level plugins, which should be hidden from the client, who does not have needed technical skills or/and knowledge. This is possible with User Role Editor Pro “Per plugin role and user access management” add-on.

So let’s see how to restrict the list of plugins available for activation/deactivation for selected user.

Turn on this option at “Settings->User Role Editor->Additional Modules” tab:

activate plugins access add-on
Activate plugins access add-on

User should have ‘activate_plugins’ capability in order be capable activate/deactivate plugins. I created a ‘Plugins Manager’ role for the demonstration purpose.

activate plugins capability
Activate plugins user capability

At the test site we have these plugins installed. Pay attention on the total quant of installed plugins – 8:

Plugins - full list
Plugins – full list

All they are available by default to any user with ‘activate_plugins’ capability.

Restrict a user

Let’s go to the test user profile (user with ‘Plugins Manager’ role assigned) and restrict his access to just the group of the selected plugins.

User profile - plugins available
User profile – plugins available

Just click “Edit List” button (1) to open a dialog window with full list of plugins and select plugins which you wish to be available to this user. Do not forget to update user profile (2) after you finish to change it via opened dialog window with installed plugins list:
installed plugins list
Installed plugins list

Restrict a role

It’s possible to restrict a group of users. You can go to “Users->User Role Editor”, select a role and set for it the list of plugins available for activation/deactivation. Click “Plugins” button:

plugins button
Plugins button

Just select plugins, to allow/block:

plugins button
Plugins button

If a role has the same “selection model” as a user then list of allowed plugins from a role is combined with a list from a user. In other case user’s list has a priority. If user’s list is empty then a list from role takes action.

This is a restricted list of plugins available to this user after login. Only 3 from 34 installed plugins are available to this user with the restrictions we set:

Restricted list of plugins
Restricted list of plugins

In conclusion let’s look on the described process in action: