I had a feeling that this would happen.

I thought I had a great idea here, and while it works if the current user is an author or higher on both sites, if the user only exists on the current site you get the message above when attempting to insert an image into the post. Now, it can be solved just by granting the current user access to the ‘media site’, but then that would also allow them to create, edit, and delete all media that exists in the ‘media site’ library. That’s no good.

While searching through the WordPress Codex I came across the upload_files user capability which is required to do ANYTHING with the media library. I thought that I could create a new user role that only allowed the user to access the media library. Unfortunately, upload_files is an all-or-nothing deal. Either the user has full rights to the media library or none at all.

If only a more granular control was available for this purpose.

Do you have a solution?

UPDATE

It seems that I was a little off about the all-or-nothing nature of the upload_files user capability. The ability to delete items in the media library is handled by a different capability. That’s the good news.

Now to figure out how to bar regular users from uploading to the ‘media site’…