Wordpress - security levels

I have designing a sports website. The client would like to have different levels of security using userids/passwords. For example, the coaches should have access to their teams to enter scores, the officers of the league should have full access to all the features, etc. Can this be done in wordpress or is there another CMS that is better suited for this
Thanks
HidesignAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

techawayManaged IT Service ProviderCommented:
Have you thought of using a plugin like WordPress Access Control?

Source: https://wordpress.org/plugins/wordpress-access-control/
0
HidesignAuthor Commented:
Thanks - this looks like it would be good - will I be able to have different levels of security - it looks like I can
0
techawayManaged IT Service ProviderCommented:
Yes, you will be able to create roles so you can have different levels of security which will be decided by the roles you create.
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Jason C. LevineNo oneCommented:
WordPress will work so long as you are looking for role-based security.  However, WordPress's ability to get more granular than that is a little limited.

In your particular case you should be fine, though (and the other Expert posted a good plugin to assist).  I'm just adding this comment for completeness (so no points for me, please)
0
HidesignAuthor Commented:
Jason - what did you mean by more granular - just want to  make sure I understand wordpress limitations
Thanks
0
Jason C. LevineNo oneCommented:
User Roles in WordPress allow you to enable/disable access to various Capabilities.  So you should read the Codex to learn a bit more about how to do various things:

http://codex.wordpress.org/Roles_and_Capabilities

So when you say:

For example, the coaches should have access to their teams to enter scores,

You are going to want to relate that to the Author or Contributor Role somehow...either simply by designating coaches as Authors or Contributors and allowing them to access their own posts or by creating a new Role based on one of those existing Roles but adding more complexity (custom post type, custom fields, Gravity Forms integration for content creation, etc.) to handle the functionality.  

When you say:

The officers of the league should have full access to all the features, etc

That means making them Administrators (full control) or Editors (if you don't want them messing with the theme and plugins).

Fairly simple, right?  This works really well when handling large numbers of users.

What the WordPress Role-based system lacks is the ability to get granular within the Role.  So let's say you wanted some coaches to do stuff that other coaches couldn't...perhaps edit a calendar page or something like that.  In WordPress, adding or removing the capability to the Role adds or removes it for all users of that role.  There isn't an easy way to say:

Make this user a member of the "Coaches" Role but also give just this user permission to edit the Page named "schedule"

Instead, you would have to make a new Role that has all of the Capabilities of Coaches but adds a new Capability to do whatever.  If a third sub-group is needed, the complexity grows again.  A more granular approach is to be able to assign permissions on a per-user basis, perhaps using a group or role to set the basic permissions but then tweaking individuals from there on an as-needed basis.  WordPress doesn't do this natively and the coding/plugins required to make it happen aren't the easiest things in the world to deploy and use.  Joomla and especially Drupal handle this type of security a bit better but those CMS' are not as easy to deploy and use as WordPress is.  

Does this clarify it for you?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
HidesignAuthor Commented:
Jason - Yes - your explanation was a big help. I will be talking with my client to figure out how to best  deploy this.
0
madunixCommented:
0
Jason C. LevineNo oneCommented:
What the heck does that have to do with what we're discussing?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Applications

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.