View only mode for admin user in Wordpress

Is there a way to create a user (role or capability) in Wordpress where all they can do is view all areas, but not able to create / change any setting anywhere?

Use case:
I often get 3rd party developers to investigate issues in our production environment, but do not want them to change anything - i.e. they just need to "see" everything, so they would need super admin like access in order to get to all the different areas of the system, but no ability to change / create / write anything to the DB, it's purely for investigative purposes only.

Access areas for this user:
- Wordpress (view only)
- Database (read only) ^
- Files (ready only) ^

^ these 2 I can solve, but need to find a solution for this type of user in Wordpress

Environments:
Having a dev access the Prod environment is not ideal, but it saves me from cloning Prod into a new environment each time as the issues come up again for the the dev to diagnose, and to just try & solve one problem each time - sounds like a lot of overhead. Open to any better ideas of how to handle this situation.


Thanks in advance :-)

1 answer

  • answered 2018-09-21 10:01 TeeJayEss

    You certainly can do this, yes.

    This is essentially all that happens with WordPress' standard Subscriber user type. Except what you'll want to do is set read__ capabilities but not edit__ or create__.

    For this, I normally use User Role Editor but there are other non-plugin based options found here