Rootstuff Block Permissions

Rootstuff Block Permissions is a lightweight block manager that lets you hide or disable Gutenberg blocks and block patterns per user role and per post type. Tick what you want hidden, save, and your clients only see the blocks they actually need. Unlike generic block managers, every rule is scoped by role and post type, so editors can have a different toolkit on Pages than on Posts, contributors can be locked down further, and administrators can be exempt entirely (or included for previewing the client experience). What it does

• Hide any registered block from the inserter — core, theme, plugin, ACF blocks, anything.
• Hide block patterns the same way.
• Optional per-role overrides (Editor, Author, Contributor, custom roles).
• Optional per-post-type overrides (Posts, Pages, custom post types).
• Combine both: e.g. "Editor on Page only" gets a different set than "Editor on Post".
• Disable the WordPress.org remote pattern directory.
• Disable WordPress core patterns entirely.

Why a separate plugin Most block-management plugins are global — they hide a block for everyone, everywhere. That breaks down the moment you have multiple client roles or different post types with different needs. Rootstuff Block Permissions lets you say "hide the Cover block for Authors on Pages, but keep it for Editors on Posts" without writing any code. Mental model The plugin is a denylist. An empty list means nothing is blocked. You tick what you want to hide. New blocks added to the site later are automatically allowed unless you come back and tick them. A default rule applies to everyone unless you create an override. Overrides are matched most-specific-first:

1. Exact role and exact post type
2. That role on any post type
3. Any role on that post type
4. The default rule
5. None of the above — no restrictions

Multi-role users get the least restrictive of their roles' resolved rules: a block is hidden only if every one of their roles' rules hides it. Administrators By default, administrators bypass all restrictions. There's an "Apply to administrators" toggle so you can preview the client experience without switching accounts. Privacy The plugin stores its configuration in a single WordPress option (rootstuff_bp_settings). It does not connect to any external service, send analytics, or store data about your users. Development Source code is available on GitHub: https://github.com/rootstuff/rootstuff-block-permissions The build/admin.js file is generated from the src/ directory using @wordpress/scripts. To rebuild from source:

1. Clone the repository.
2. Run npm install.
3. Run npm run build.

1. From your WordPress admin, go to Plugins > Add New.
2. Search for Rootstuff Block Permissions.
3. Click Install Now, then Activate.
4. Go to Settings > Rootstuff Block Permissions to configure.

Or upload manually:

1. Download the ZIP.
2. Upload the rootstuff-block-permissions folder to /wp-content/plugins/.
3. Activate Rootstuff Block Permissions through the Plugins menu in WordPress.
4. Go to Settings > Rootstuff Block Permissions to configure.

Activating without ticking anything has zero effect on the editor — the plugin only enforces a rule once you actually tick at least one block or pattern.

0.1.1

• Refreshed plugin metadata (tags, short description, intro copy) for clearer discovery in the WordPress.org directory. No functional changes.

0.1.0

• Initial release.