WordPress Chinese Documentation
Roles and Capabilities
The WordPress Roles feature is designed to give the blog owner the ability to control and assign what users can and cannot do in the blog. A blog owner must manage and allow access to such functions as writing and editing Posts, creating Pages, defining Links, creating Categories, moderating Comments, managing Plugins, managing Themes, and managing other users. The tool that gives the blog owner that control is the ability to assign a Role to a user; this article provides the details on those Roles.
WordPress Version 2.0
WordPress Version 2.0 introduces the concept of Roles. The WordPress distribution comes delivered 'standard' with five pre-defined Roles: Administrator, Editor, Author, Contributor, and Subscriber. Each Role is allowed to perform a set of tasks called Capabilities. There are thirty Capabilities including publish_posts, moderate_comments, and edit_users. The Capabilities are pre-assigned to each Role.
The Administrator Role is allowed to perform all possible Capabilities. Each of the other Roles has a decreasing number of allowed Capabilities. For instance, the Subscriber Role is allowed just the read and level_0 Capabilities. One particular Role should not be considered to be 'senior to' another Role. Rather, consider that Roles define the user's responsibilities within the blog.
Plugin developers will likely revise the 'standard' Roles and Capabilities because WordPress Developers left open the future possibility of assigning a user to one or more Roles, or assigning Capabilities directly to a User. Since Plugins might change Roles and Capabilities, just the 'standard' Roles and Capabilities are addressed in this article.
Super Powers for Blog Owner
The person with the most important Role is the blog owner. Typically, the blog owner is the person responsible for maintaining and backing up the WordPress MySQL database as well as managing the WordPress repository of files (programs, scripts, plugins, themes, images, uploads). Ultimately, the smooth operation of a blog depends on the blog owner fulfilling this 'ultimate role'. Note: The blog owner, in many cases, also acts in the Role of Administrator but may choose to assign other users the Administrator Role.
Summary of Roles
- Administrator - Somebody who has access to all the administration features
- Editor - Somebody who can publish posts, manage posts as well as manage other people's posts, etc.
- Author - Somebody who can publish and manage their own posts
- Contributor - Somebody who can write and manage their posts but not publish posts
- Subscriber - Somebody who can read comments/comment/receive newsletters, etc.
Roles
The identity a particular user assumes in a blog is called their Role. A Role essentially describes the set of tasks, called Capabilities, a person is allowed to perform. For instance, the role of Administrator encompasses every possible task that can be performed within a WordPress blog. On the other hand, the Author Role allows the execution of just a small sub-set of Capabilities.
Administrator
Role Name: Administrator
Capabilities:
- switch_themes
- edit_themes
- activate_plugins
- edit_plugins
- edit_users
- edit_files
- manage_options
- moderate_comments
- manage_categories
- manage_links
- upload_files
- import
- unfiltered_html
- edit_posts
- edit_others_posts
- edit_published_posts
- publish_posts
- edit_pages
- read
- level_10
- level_9
- level_8
- level_7
- level_6
- level_5
- level_4
- level_3
- level_2
- level_1
- level_0
Editor
Role Name: Editor
Capabilities:
Author
Role Name: Author
Capabilities:
Contributor
Role Name: Contributor
Capabilities:
Subscriber
Role Name: Subscriber
Capabilities:
Capability vs. Role Table
| Capability | admin | editor | author | contributor | subscriber |
|---|---|---|---|---|---|
| switch_themes | |||||
| edit_themes | |||||
| activate_plugins | |||||
| edit_plugins | |||||
| edit_users | |||||
| edit_files | |||||
| manage_options | |||||
| import | |||||
| moderate_comments | |||||
| manage_categories | |||||
| manage_links | |||||
| unfiltered_html | |||||
| edit_published_posts | |||||
| edit_others_posts | |||||
| edit_pages | |||||
| upload_files | |||||
| publish_posts | |||||
| edit_posts | |||||
| read | |||||
| level_10 | |||||
| level_9 | |||||
| level_8 | |||||
| level_7 | |||||
| level_6 | |||||
| level_5 | |||||
| level_4 | |||||
| level_3 | |||||
| level_2 | |||||
| level_1 | |||||
| level_0 | |||||
Capabilities
switch_themes
Allows access to Administration Panel options:
- Presentation
- Presentation->Themes
edit_themes
Allows access to Administration Panel options:
- Presentation->Theme Editor
- Presentation->Current Theme Options
activate_plugins
Allows access to Administration Panel options:
- Plugins
- Plugins->Plugins
edit_plugins
Allows access to Administration Panel options:
- Plugins->Plugin Editor
edit_users
Allows access to Administration Panel options:
- Users
- Users->Authors & Users
edit_files
Allows access to Administration Panel options:
- Manage->Files
manage_options
Allows access to Administration Panel options:
- Options->General
- Options->Writing
- Options->Reading
- Options->Discussion
- Options->Permalinks
- Options->Miscellaneous
moderate_comments
Allows access to Administration Panel options:
- Question: This is blank. I guess the User can accept and deny (= delete) a comment in moderation. Can he also delete other comments? Tordans 17:56, 8 Apr 2006 (GMT)
manage_categories
Allows access to Administration Panel options:
- Manage->Categories
manage_links
Allows access to Administration Panel options:
- Links
- Links->Manage Links
- Links->Add Link
- Links->Link Categories
- Links->Import Links
upload_files
Allows access to Administration Panel options:
- Upload
import
Allows access to Administration Panel options:
- Import
unfiltered_html
Allows - if enabled - the user to post HTML markup or even JavaScript code in posts, pages or comments.
Note: Enabling this option for non-privileged users may result in their posting malicious code to your blog.
edit_posts
Allows access to Administration Panel options:
- Write
- Manage
- Write->Write Post
- Manage->Posts
- Manage->Comments -- meaning: "show post"-link; "edit post"-, "edit comment"- and "delete comment"-links only on own posts since edit-comment.php looks for "current_user_can('edit_post', $comment->comment_post_ID)"
- Manage->Awaiting Moderation -- I think contributor can only see the menu item since the capability "moderate_comments" is needed to view the comment-list (see moderate.php). So you even cannot see your own posts' comments in the moderation-list?!
edit_others_posts
- Manage->Comments -- you can delete and edit every comment now (see edit_posts above)
- you can see other users' images in inline-uploading [can't you? see inline-uploading.php]
- gives you edit-access to others' posts through function get_others_drafts()
edit_published_posts
If a user's own post is published, the user needs this capability to edit it. The core checks the capability edit_posts, but when needed this check is changed to edit_published_posts.
If you don't want a user to be able to edit his published posts, remove this capability (see also this comment on the Role Manager Plugin Homepage).
publish_posts
User can
- see and choose the radio button "publish" when writing a post
- see and use the "publish"-button below their post (otherwise they can only save drafts)
- use xmlrpc to publish (otherwise they get a "Sorry, you can not post on this weblog or category.")
edit_pages
Allows access to Administration Panel options:
- Write->Write Page -- gives access to "page-new.php"
- Manage->Pages -- all users can view "/wp-admin/edit-pages.php" but only those with this capability see the 'edit' and 'delete' links in the table-list.
As far as I see all editors can edit each other's pages. [Dave J. (Scoop0901) 16:38, 30 Jan 2007 (UTC) fixed typo]
read
Allows access to Administration Panel options:
- Dashboard
- Your Profile
Used nowhere in the core code except menu.php.
level_10
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_9
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_8
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_7
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_6
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_5
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_4
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_3
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_2
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_1
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_0
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
User Level to Role Conversion
- User Level 0 converts to Subscriber Role
- User Level 1 converts to Contributor Role
- User Level 2 converts to Author Role
- User Level 3 converts to Author Role
- User Level 4 converts to Author Role
- User Level 5 converts to Editor Role
- User Level 6 converts to Editor Role
- User Level 7 converts to Editor Role
- User Level 8 converts to Administrator Role
- User Level 9 converts to Administrator Role
- User Level 10 converts to Administrator Role
Role to User Level Conversion
Subscriber Role
User Level 0
Contributor Role
User Level 1
Author Role
User Levels 2, 3, and 4
Editor Role
User Levels 5, 6, and 7
Administrator Role
User Levels 8, 9, and 10
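An added example (not part of the original page and not WordPress's own code): a review script for two risks this page describes, the unfiltered_html note and the legacy level_N capabilities kept for plugins. It lists non-Administrator roles that hold capabilities reaching code or raw markup, and roles carrying a level_N above the range the conversion lists give them. The role-map shape (role, then capability, then boolean), the `accepted` parameter and SAMPLE_ROLES are assumptions constructed for illustration.

```python
# Added example: least-privilege review of a WordPress role map.
# Capabilities this page ties to code editing or raw markup.
SENSITIVE_CAPS = {"unfiltered_html", "edit_files", "edit_plugins", "edit_themes"}

# Highest legacy User Level that converts to each standard Role (per the page).
MAX_LEVEL = {"subscriber": 0, "contributor": 1, "author": 4,
             "editor": 7, "administrator": 10}


def granted(caps):
    """Names of the capabilities whose stored value is truthy."""
    return {name for name, allowed in caps.items() if allowed}


def highest_level(caps):
    """Highest level_N capability granted, or -1 when none is."""
    levels = [int(c[6:]) for c in granted(caps)
              if c.startswith("level_") and c[6:].isdigit()]
    return max(levels, default=-1)


def audit(roles, accepted=frozenset()):
    """Return sorted (role, finding) pairs; `accepted` holds reviewed (role, cap) pairs."""
    findings = []
    for role, caps in roles.items():
        if role == "administrator":
            continue  # Administrator is allowed every Capability
        for cap in sorted(granted(caps) & SENSITIVE_CAPS):
            if (role, cap) not in accepted:
                findings.append((role, f"holds {cap}"))
        top = highest_level(caps)
        if role not in MAX_LEVEL:
            findings.append((role, "non-standard role"))
        elif top > MAX_LEVEL[role]:
            findings.append((role, f"level_{top} converts to a higher role"))
    return sorted(findings)


# Constructed sample data: a plugin has widened two standard roles.
SAMPLE_ROLES = {
    "administrator": {"edit_plugins": True, "unfiltered_html": True, "level_10": True},
    "editor": {"edit_posts": True, "publish_posts": True, "level_7": True},
    "author": {"edit_posts": True, "unfiltered_html": True, "level_2": True},
    "contributor": {"edit_posts": True, "level_1": True, "level_8": True},
    "subscriber": {"read": True, "edit_files": False, "level_0": True},
}

if __name__ == "__main__":
    for role, finding in audit(SAMPLE_ROLES):
        print(f"{role}: {finding}")
```

Findings are items for the blog owner to review; a grant that has been reviewed and kept can be passed in `accepted` so it stops being reported.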
Resources
- Role Manager Plugin for WordPress (for WordPress version 2.0 and higher)
- Owen Winkler's Role Manager Plugin (for WordPress 2.0.x only)
- Ryan Boren's What's New in 2.0: Roles and Capabilities
- Owen Winkler's Permission Change Overview
- Hackers email list Original User Capability discussion
