wordpress角色权限汇总

我们在用wordpress开发的时候有时候需要设置不同的用户组及权限，具体有哪些角色权限呢？随ytkah一起来看看吧。WordPress使用了角色的概念，旨在让站点所有者能够控制用户在站点中可以做什么和不能做什么。通过为每个用户分配特定的角色，站点所有者可以管理用户对诸如撰写和编辑文章、创建页面、创建类别、审核评论、管理插件、管理主题和管理其他用户等任务的访问。

wordpress角色权限详细列表

Capability	Super Admin	Administrator	Editor	Author	Contributor	Subscriber
create_sites	Y
delete_sites	Y
manage_network	Y
manage_sites	Y
manage_network_users	Y
manage_network_plugins	Y
manage_network_themes	Y
manage_network_options	Y
upload_plugins	Y
upload_themes	Y
upgrade_network	Y
setup_network	Y
Capability	Super Admin	Administrator	Editor	Author	Contributor	Subscriber
activate_plugins	Y	Y (single site or enabled by network setting)
create_users	Y	Y (single site)
delete_plugins	Y	Y (single site)
delete_themes	Y	Y (single site)
delete_users	Y	Y (single site)
edit_files	Y	Y (single site)
edit_plugins	Y	Y (single site)
edit_theme_options	Y	Y
edit_themes	Y	Y (single site)
edit_users	Y	Y (single site)
export	Y	Y
import	Y	Y
Capability	Super Admin	Administrator	Editor	Author	Contributor	Subscriber
install_plugins	Y	Y (single site)
install_themes	Y	Y (single site)
list_users	Y	Y
manage_options	Y	Y
promote_users	Y	Y
remove_users	Y	Y
switch_themes	Y	Y
update_core	Y	Y (single site)
update_plugins	Y	Y (single site)
update_themes	Y	Y (single site)
edit_dashboard	Y	Y
customize	Y	Y
delete_site	Y	Y
Capability	Super Admin	Administrator	Editor	Author	Contributor	Subscriber
moderate_comments	Y	Y	Y
manage_categories	Y	Y	Y
manage_links	Y	Y	Y
edit_others_posts	Y	Y	Y
edit_pages	Y	Y	Y
edit_others_pages	Y	Y	Y
edit_published_pages	Y	Y	Y
publish_pages	Y	Y	Y
delete_pages	Y	Y	Y
delete_others_pages	Y	Y	Y
delete_published_pages	Y	Y	Y
delete_others_posts	Y	Y	Y
delete_private_posts	Y	Y	Y
edit_private_posts	Y	Y	Y
read_private_posts	Y	Y	Y
delete_private_pages	Y	Y	Y
edit_private_pages	Y	Y	Y
read_private_pages	Y	Y	Y
unfiltered_html	Y	Y (single site)	Y (single site)
unfiltered_html	Y	Y	Y
Capability	Super Admin	Administrator	Editor	Author	Contributor	Subscriber
edit_published_posts	Y	Y	Y	Y
upload_files	Y	Y	Y	Y
publish_posts	Y	Y	Y	Y
delete_published_posts	Y	Y	Y	Y
edit_posts	Y	Y	Y	Y	Y
delete_posts	Y	Y	Y	Y	Y
Capability	Super Admin	Administrator	Editor	Author	Contributor	Subscriber
read	Y	Y	Y	Y	Y	Y

各权限拥有的能力

Capabilities #Capabilities

switch_themes #switch_themes
Since 2.0
Allows access to Administration Screens options:
Appearance
Appearance > Themes

edit_themes #edit_themes
Since 2.0
Allows access to Appearance > Theme Editor to edit theme files.

edit_theme_options #edit_theme_options
Since 3.0
Allows access to Administration Screens options:
Appearance > Widgets
Appearance > Menus
Appearance > Customize if they are supported by the current theme
Appearance > Header

install_themes #install_themes
Since 2.8
Allows access to Administration Screens options:
Appearance > Add New Themes

activate_plugins #activate_plugins
Since 2.0
Allows access to Administration Screens options:
Plugins

edit_plugins #edit_plugins
Since 2.0
Allows access to Administration Screens options:
Plugins > Plugin Editor

install_plugins #install_plugins
Since 2.7
Allows access to Administration Screens options:
Plugins > Add New

edit_users #edit_users
Since 2.0
Allows access to Administration Screens options:
Users

edit_files #edit_files
Since 2.0
Note: No longer used.

manage_options #manage_options
Since 2.0
Allows access to Administration Screens options:
Settings > General
Settings > Writing
Settings > Reading
Settings > Discussion
Settings > Permalinks
Settings > Miscellaneous

moderate_comments #moderate_comments
Since 2.0
Allows users to moderate comments from the Comments Screen (although a user needs the edit_posts Capability in order to access this)

manage_categories #manage_categories
Since 2.0
Allows access to Administration Screens options:
Posts > Categories
Links > Categories

manage_links #manage_links
Since 2.0
Allows access to Administration Screens options:
Links
Links > Add New

upload_files #upload_files
Since 2.0
Allows access to Administration Screens options:
Media
Media > Add New

import #import
Since 2.0
Allows access to Administration Screens options:
Tools > Import
Tools > Export

unfiltered_html #unfiltered_html
Since 2.0
Allows user to post HTML markup or even JavaScript code in pages, posts, comments and widgets.
Note: Enabling this option for untrusted users may result in their posting malicious or poorly formatted code.
Note: In WordPress Multisite, only Super Admins have the unfiltered_html capability.

edit_posts #edit_posts
Since 2.0
Allows access to Administration Screens options:
Posts
Posts > Add New
Comments
Comments > Awaiting Moderation

edit_others_posts #edit_others_posts
Since 2.0
Allows access to Administration Screens options:
Manage > Comments (Lets user delete and edit every comment, see edit_posts above)
user can edit other users’ posts through function get_others_drafts()
user can see other users’ images in inline-uploading [no? see inline-uploading.php]
See Exceptions

edit_published_posts #edit_published_posts
Since 2.0
User can edit their published posts. This capability is off by default.
The core checks the capability edit_posts, but on demand this check is changed to edit_published_posts.
If you don’t want a user to be able to edit their published posts, remove this capability.

publish_posts #publish_posts
Since 2.0
See and use the “publish” button when editing their post (otherwise they can only save drafts)
Can use XML-RPC to publish (otherwise they get a “Sorry, you can not post on this weblog or category.”)

edit_pages #edit_pages
Since 2.0
Allows access to Administration Screens options:
Pages
Pages > Add New

read #read
Since 2.0
Allows access to Administration Screens options:
Dashboard
Users > Your Profile
Used nowhere in the core code except the menu.php

publish_pages #publish_pages
Since 2.1

edit_others_pages #edit_others_pages
Since 2.1

edit_published_pages #edit_published_pages
Since 2.1

delete_pages #delete_pages
Since 2.1

delete_others_pages #delete_others_pages
Since 2.1

delete_published_pages #delete_published_pages
Since 2.1

delete_posts #delete_posts
Since 2.1

delete_others_posts #delete_others_posts
Since 2.1

delete_published_posts #delete_published_posts
Since 2.1

delete_private_posts #delete_private_posts
Since 2.1

edit_private_posts #edit_private_posts
Since 2.1

read_private_posts #read_private_posts
Since 2.1

delete_private_pages #delete_private_pages
Since 2.1

edit_private_pages #edit_private_pages
Since 2.1

read_private_pages #read_private_pages
Since 2.1

delete_users #delete_users
Since 2.1

create_users #create_users
Since 2.1
Allows creating new users.
Without other capabilities, created users will have your blog’s New User Default Role.

unfiltered_upload #unfiltered_upload
Since 2.3

edit_dashboard #edit_dashboard
Since 2.5

customize #customize
Since 4.0
Allows access to the Customizer.

delete_site #delete_site
Since 4.0
Allows the user to delete the current site (Multisite only).

update_plugins #update_plugins
Since 2.6

delete_plugins #delete_plugins
Since 2.6

update_themes #update_themes
Since 2.7

update_core #update_core
Since 3.0

list_users #list_users
Since 3.0
Allows access to Administration Screens options:
Users

remove_users #remove_users
Since 3.0

add_users #add_users
Since 3.0
Replaced in 4.4 with promote_users

promote_users #promote_users
Since 3.0
Enables the “Change role to…” dropdown in the admin user list.
This does not depend on ‘edit_users‘ capability.
Enables the ‘Add Existing User’ to function for multi-site installs.

delete_themes #delete_themes
Since 3.0

export #export
Since 3.0

edit_comment #edit_comment
Since 3.1

create_sites #create_sites
Since 3.1
Multi-site only
Allows user to create sites on the network

delete_sites #delete_sites
Since 3.1
Multi-site only
Allows user to delete sites on the network

manage_network #manage_network
Since 3.0
Multi-site only
Allows access to Super Admin menu
Allows user to upgrade network

manage_sites #manage_sites
Since 3.0
Multi-site only
Allows access to Network Sites menu
Allows user to add, edit, delete, archive, unarchive, activate, deactivate, spam and unspam new site/blog in the network

manage_network_users #manage_network_users
Since 3.0
Multi-site only
Allows access to Network Users menu

manage_network_themes #manage_network_themes
Since 3.0
Multi-site only
Allows access to Network Themes menu

manage_network_options #manage_network_options
Since 3.0
Multi-site only
Allows access to Network Options menu

manage_network_plugins #manage_network_plugins
Multi-site only
Allows access to Network Plugins menu

upload_plugins #upload_plugins
Since 4.0
Multi-site only
Allows user to upload plugin ZIP files from the Network Plugins -> Add New menu

upload_themes #upload_themes
Since 4.0
Multi-site only
Allows user to upload theme ZIP files from the Network Themes -> Add New menu

upgrade_network #upgrade_network
Since 4.8
Multi-site only
is used to determine whether a user can access the Network Upgrade page in the network admin. Related to this, the capability is also checked to determine whether to show the notice that a network upgrade is required. The capability is not mapped, so it is only granted to network administrators. See #39205 for background discussion.

setup_network #setup_network
Since 4.8
Multi-site only
is used to determine whether a user can setup multisite, i.e. access the Network Setup page. Before setting up a multisite, the capability is mapped to the `manage_options` capability, so that it is granted to administrators. Once multisite is setup, it is mapped to `manage_network_options`, so that it is granted to network administrators. See #39206 for background discussion.

参考资料：https://wordpress.org/support/article/roles-and-capabilities/