Why do we need roles?

Imagine that you and a friend of yours are managing a website. Maybe you are a successful web designer whereas your friend has no idea about CSS but is a committed writer. Therefor, you have decided to share the work. In the future, you will be doing the design and administration of the website and your friend will be writing articles. This is a basic principle of any CMS by the way - separation of content and design.

Now, as both of you have to have access to the back end, your friend would still be able to edit the look of the website or to create new user accounts, although he is actually not responsible for design or administration. Therefor, you want to disable these functions for his account. At this point, you have created a role (although it exists in your mind only) that you could name "editor" or "author".

To learn how user permissions can be restricted, let's take a closer look at the roles of our example users.