我们在用wordpress开发的时候有时候需要设置不同的用户组及权限,具体有哪些角色权限呢?随ytkah一起来看看吧。WordPress使用了角色的概念,旨在让站点所有者能够控制用户在站点中可以做什么和不能做什么。通过为每个用户分配特定的角色,站点所有者可以管理用户对诸如撰写和编辑文章、创建页面、创建类别、审核评论、管理插件、管理主题和管理其他用户等任务的访问。
wordpress角色权限详细列表
| Capability | Super Admin | Administrator | Editor | Author | Contributor | Subscriber |
|---|---|---|---|---|---|---|
| create_sites | Y | |||||
| delete_sites | Y | |||||
| manage_network | Y | |||||
| manage_sites | Y | |||||
| manage_network_users | Y | |||||
| manage_network_plugins | Y | |||||
| manage_network_themes | Y | |||||
| manage_network_options | Y | |||||
| upload_plugins | Y | |||||
| upload_themes | Y | |||||
| upgrade_network | Y | |||||
| setup_network | Y | |||||
| Capability | Super Admin | Administrator | Editor | Author | Contributor | Subscriber |
| activate_plugins | Y | Y (single site or enabled by network setting) | ||||
| create_users | Y | Y (single site) | ||||
| delete_plugins | Y | Y (single site) | ||||
| delete_themes | Y | Y (single site) | ||||
| delete_users | Y | Y (single site) | ||||
| edit_files | Y | Y (single site) | ||||
| edit_plugins | Y | Y (single site) | ||||
| edit_theme_options | Y | Y | ||||
| edit_themes | Y | Y (single site) | ||||
| edit_users | Y | Y (single site) | ||||
| export | Y | Y | ||||
| import | Y | Y | ||||
| Capability | Super Admin | Administrator | Editor | Author | Contributor | Subscriber |
| install_plugins | Y | Y (single site) | ||||
| install_themes | Y | Y (single site) | ||||
| list_users | Y | Y | ||||
| manage_options | Y | Y | ||||
| promote_users | Y | Y | ||||
| remove_users | Y | Y | ||||
| switch_themes | Y | Y | ||||
| update_core | Y | Y (single site) | ||||
| update_plugins | Y | Y (single site) | ||||
| update_themes | Y | Y (single site) | ||||
| edit_dashboard | Y | Y | ||||
| customize | Y | Y | ||||
| delete_site | Y | Y | ||||
| Capability | Super Admin | Administrator | Editor | Author | Contributor | Subscriber |
| moderate_comments | Y | Y | Y | |||
| manage_categories | Y | Y | Y | |||
| manage_links | Y | Y | Y | |||
| edit_others_posts | Y | Y | Y | |||
| edit_pages | Y | Y | Y | |||
| edit_others_pages | Y | Y | Y | |||
| edit_published_pages | Y | Y | Y | |||
| publish_pages | Y | Y | Y | |||
| delete_pages | Y | Y | Y | |||
| delete_others_pages | Y | Y | Y | |||
| delete_published_pages | Y | Y | Y | |||
| delete_others_posts | Y | Y | Y | |||
| delete_private_posts | Y | Y | Y | |||
| edit_private_posts | Y | Y | Y | |||
| read_private_posts | Y | Y | Y | |||
| delete_private_pages | Y | Y | Y | |||
| edit_private_pages | Y | Y | Y | |||
| read_private_pages | Y | Y | Y | |||
| unfiltered_html | Y | Y (single site) | Y (single site) | |||
| unfiltered_html | Y | Y | Y | |||
| Capability | Super Admin | Administrator | Editor | Author | Contributor | Subscriber |
| edit_published_posts | Y | Y | Y | Y | ||
| upload_files | Y | Y | Y | Y | ||
| publish_posts | Y | Y | Y | Y | ||
| delete_published_posts | Y | Y | Y | Y | ||
| edit_posts | Y | Y | Y | Y | Y | |
| delete_posts | Y | Y | Y | Y | Y | |
| Capability | Super Admin | Administrator | Editor | Author | Contributor | Subscriber |
| read | Y | Y | Y | Y | Y | Y |
各权限拥有的能力
Capabilities #Capabilities
switch_themes #switch_themes
Since 2.0
Allows access to Administration Screens options:
Appearance
Appearance > Themes
edit_themes #edit_themes
Since 2.0
Allows access to Appearance > Theme Editor to edit theme files.
edit_theme_options #edit_theme_options
Since 3.0
Allows access to Administration Screens options:
Appearance > Widgets
Appearance > Menus
Appearance > Customize if they are supported by the current theme
Appearance > Header
install_themes #install_themes
Since 2.8
Allows access to Administration Screens options:
Appearance > Add New Themes
activate_plugins #activate_plugins
Since 2.0
Allows access to Administration Screens options:
Plugins
edit_plugins #edit_plugins
Since 2.0
Allows access to Administration Screens options:
Plugins > Plugin Editor
install_plugins #install_plugins
Since 2.7
Allows access to Administration Screens options:
Plugins > Add New
edit_users #edit_users
Since 2.0
Allows access to Administration Screens options:
Users
edit_files #edit_files
Since 2.0
Note: No longer used.
manage_options #manage_options
Since 2.0
Allows access to Administration Screens options:
Settings > General
Settings > Writing
Settings > Reading
Settings > Discussion
Settings > Permalinks
Settings > Miscellaneous
moderate_comments #moderate_comments
Since 2.0
Allows users to moderate comments from the Comments Screen (although a user needs the edit_posts Capability in order to access this)
manage_categories #manage_categories
Since 2.0
Allows access to Administration Screens options:
Posts > Categories
Links > Categories
manage_links #manage_links
Since 2.0
Allows access to Administration Screens options:
Links
Links > Add New
upload_files #upload_files
Since 2.0
Allows access to Administration Screens options:
Media
Media > Add New
import #import
Since 2.0
Allows access to Administration Screens options:
Tools > Import
Tools > Export
unfiltered_html #unfiltered_html
Since 2.0
Allows user to post HTML markup or even JavaScript code in pages, posts, comments and widgets.
Note: Enabling this option for untrusted users may result in their posting malicious or poorly formatted code.
Note: In WordPress Multisite, only Super Admins have the unfiltered_html capability.
edit_posts #edit_posts
Since 2.0
Allows access to Administration Screens options:
Posts
Posts > Add New
Comments
Comments > Awaiting Moderation
edit_others_posts #edit_others_posts
Since 2.0
Allows access to Administration Screens options:
Manage > Comments (Lets user delete and edit every comment, see edit_posts above)
user can edit other users’ posts through function get_others_drafts()
user can see other users’ images in inline-uploading [no? see inline-uploading.php]
See Exceptions
edit_published_posts #edit_published_posts
Since 2.0
User can edit their published posts. This capability is off by default.
The core checks the capability edit_posts, but on demand this check is changed to edit_published_posts.
If you don’t want a user to be able to edit their published posts, remove this capability.
publish_posts #publish_posts
Since 2.0
See and use the “publish” button when editing their post (otherwise they can only save drafts)
Can use XML-RPC to publish (otherwise they get a “Sorry, you can not post on this weblog or category.”)
edit_pages #edit_pages
Since 2.0
Allows access to Administration Screens options:
Pages
Pages > Add New
read #read
Since 2.0
Allows access to Administration Screens options:
Dashboard
Users > Your Profile
Used nowhere in the core code except the menu.php
publish_pages #publish_pages
Since 2.1
edit_others_pages #edit_others_pages
Since 2.1
edit_published_pages #edit_published_pages
Since 2.1
delete_pages #delete_pages
Since 2.1
delete_others_pages #delete_others_pages
Since 2.1
delete_published_pages #delete_published_pages
Since 2.1
delete_posts #delete_posts
Since 2.1
delete_others_posts #delete_others_posts
Since 2.1
delete_published_posts #delete_published_posts
Since 2.1
delete_private_posts #delete_private_posts
Since 2.1
edit_private_posts #edit_private_posts
Since 2.1
read_private_posts #read_private_posts
Since 2.1
delete_private_pages #delete_private_pages
Since 2.1
edit_private_pages #edit_private_pages
Since 2.1
read_private_pages #read_private_pages
Since 2.1
delete_users #delete_users
Since 2.1
create_users #create_users
Since 2.1
Allows creating new users.
Without other capabilities, created users will have your blog’s New User Default Role.
unfiltered_upload #unfiltered_upload
Since 2.3
edit_dashboard #edit_dashboard
Since 2.5
customize #customize
Since 4.0
Allows access to the Customizer.
delete_site #delete_site
Since 4.0
Allows the user to delete the current site (Multisite only).
update_plugins #update_plugins
Since 2.6
delete_plugins #delete_plugins
Since 2.6
update_themes #update_themes
Since 2.7
update_core #update_core
Since 3.0
list_users #list_users
Since 3.0
Allows access to Administration Screens options:
Users
remove_users #remove_users
Since 3.0
add_users #add_users
Since 3.0
Replaced in 4.4 with promote_users
promote_users #promote_users
Since 3.0
Enables the “Change role to…” dropdown in the admin user list.
This does not depend on ‘edit_users‘ capability.
Enables the ‘Add Existing User’ to function for multi-site installs.
delete_themes #delete_themes
Since 3.0
export #export
Since 3.0
edit_comment #edit_comment
Since 3.1
create_sites #create_sites
Since 3.1
Multi-site only
Allows user to create sites on the network
delete_sites #delete_sites
Since 3.1
Multi-site only
Allows user to delete sites on the network
manage_network #manage_network
Since 3.0
Multi-site only
Allows access to Super Admin menu
Allows user to upgrade network
manage_sites #manage_sites
Since 3.0
Multi-site only
Allows access to Network Sites menu
Allows user to add, edit, delete, archive, unarchive, activate, deactivate, spam and unspam new site/blog in the network
manage_network_users #manage_network_users
Since 3.0
Multi-site only
Allows access to Network Users menu
manage_network_themes #manage_network_themes
Since 3.0
Multi-site only
Allows access to Network Themes menu
manage_network_options #manage_network_options
Since 3.0
Multi-site only
Allows access to Network Options menu
manage_network_plugins #manage_network_plugins
Multi-site only
Allows access to Network Plugins menu
upload_plugins #upload_plugins
Since 4.0
Multi-site only
Allows user to upload plugin ZIP files from the Network Plugins -> Add New menu
upload_themes #upload_themes
Since 4.0
Multi-site only
Allows user to upload theme ZIP files from the Network Themes -> Add New menu
upgrade_network #upgrade_network
Since 4.8
Multi-site only
is used to determine whether a user can access the Network Upgrade page in the network admin. Related to this, the capability is also checked to determine whether to show the notice that a network upgrade is required. The capability is not mapped, so it is only granted to network administrators. See #39205 for background discussion.
setup_network #setup_network
Since 4.8
Multi-site only
is used to determine whether a user can setup multisite, i.e. access the Network Setup page. Before setting up a multisite, the capability is mapped to the `manage_options` capability, so that it is granted to administrators. Once multisite is setup, it is mapped to `manage_network_options`, so that it is granted to network administrators. See #39206 for background discussion.
参考资料:https://wordpress.org/support/article/roles-and-capabilities/