In this article the post is the same as post, page, media or any custom post type while category is any hierarchical taxonomy. AAM does not work with tags for performance reasons however upon request this feature can be created.
The big part of the AAM functionality is dedicated to manage access to posts and categories. WordPress core originally was not designed to restrict access to any content and everything is intended to be public.
AAM alters WordPress core and allows to manage access to your website content for both frontend and backend for any user, group or users (role-based access), visitors or even define default access to everybody.
Please Note! The free AAM version allows to manage access only to unlimited number of posts. With premium Plus Package you are able to manage access to categories and define the default access to all posts and categories.
To understand the full spectrum of possibilities for content access management, it is very important to understand how AAM inherits access settings. The diagram below outlines the general workflow.
The first step is to check if the post has access settings defined for the current user. If no settings found, then it checks if there is a parent post and inherit settings from it but only when Inherit From Parent Post option is enabled (this feature is available only with Plus Package extension).
The Inherit From Parent Post feature is optional as it is used in rare cases. It also significantly increases the work for AAM because parent post is actually the post too and the same inheritance mechanism is applied to it.
If nothing found, then AAM drills up to check if the post has a parent category and here AAM applies term access inheritance mechanism as it is shown below.
If no settings found, then AAM checks if there are defined default settings for the current user and if no, then the same sequence of steps is performed for the user’s parent role.
Please note! AAM does not support multi-roles and takes in consideration the first user’s role while disregards all others. This is due to possible conflict in access settings. For example if Role A allows access to the post while Role B does not, there is no really good way to determine if user should have access to the post or not.
WordPress does not support role hierarchy and list of roles are linear. With Role Hierarchy, you can create a complex tree of roles and AAM will take this hierarchy in consideration during the inheritance process.
Finally, if there are no settings found in all the steps above, then AAM checks for the global default settings but note that this step is available only with Plus Package extension.
It might be a bit confusing to see so many “default” settings, so it is good to explain the difference.
- Default settings on the user level. For example, you can restrict access to read all posts in the category “Science” for user John Smith and if necessary overwrite this rule for “Introduction to the Science” post that belongs to “Science” category;
- Default settings on the role level. For example, you can limit access to all CPT Houses for all users with the role Subscriber and display only a teaser message “You have to be a member of the group Manager to see all houses”;
- Global default settings. This feature has been introduced in AAM 3.9.5 release upon numerous requests and basically it allows you to define default access for everybody to any post, category or to all posts and categories. For example, you can restrict to edit all pages for everybody and overwrite this rule for Administrator role and John Smith who is the trusted Editor.
AAM has large variety of options that define how access to the post or category should be handled. You can find the complete list of all available options on the Posts & Pages tab. They all are well documented and some of them even have quick video tutorials.
It can be overwhelming to deal with so many different access options so please do not hesitate to contact us if you have any questions or something is not working as expected. We are more than happy to help you asap.
Last but not least, with AAM you can manage access to your media library. It will not only restrict access to protected media posts but also deny physical access to them. For more information about this please refer to the How to manage access to the WordPress media library article .