LitePress uses a concept of 角色, designed to give the site owner the ability to control what users can and cannot do within the site. A site owner can manage the user access to such tasks as writing and editing posts,creating Pages,creating categories,moderating comments,managing plugins,managing themes, and managing other users, by assigning a specific role to each of the users.
LitePress has six pre-defined roles: 超级管理员,Administrator,编辑器,撰稿人,贡献者and订阅者. Each role is allowed to perform a set of tasks called 机能. There are many capabilities including “publish_posts“, “moderate_comments“, and “edit_users“.A default set of capabilities is pre-assigned to each role, but other capabilities can be assigned or removed using the add_cap()andremove_cap() functions. New roles can be introduced or removed using the add_role()andremove_role()functions.
The超级管理员 role allows a user to perform all possible capabilities. Each of the other roles has a decreasing number of allowed capabilities. For instance, the 订阅者 role has just the “只读” capability. One particular role should not be considered to be senior to another role. Rather, consider that roles define the user’s responsibilities within the site.
Summary of Roles
- 超级管理员 – somebody with access to the site network administration features and all other features. See the Create a Networkarticle.
- Administrator(slug: ‘administrator’) – somebody who has access to all the administration features within a single site.
- 编辑器(slug: ‘editor’) – somebody who can publish and manage posts including the posts of other users.
- 撰稿人 (slug: ‘author’) – somebody who can publish and manage their own posts.
- 贡献者(slug: ‘contributor’) – somebody who can write and manage their own posts but cannot publish them.
- 订阅者(slug: ‘subscriber’) – somebody who can only manage their profile.
Upon installing LitePress, an Administrator account is automatically created.
The default role for new users can be set in Administration Screens >Settings>General.
角色
A Role defines a set of tasks a user assigned the role is allowed to perform. For instance, the 超级管理员 role encompasses every possible task that can be performed within a Network of virtual LitePress sites. The Administrator role limits the allowed tasks only to those which affect a single site. On the other hand, the 撰稿人 role allows the execution of just a small subset of tasks.
The following sections list the default Roles and their capabilities:
超级管理员
Multisite Super Admins have, by default, all capabilities. The following Multisite-only capabilities are therefore only available to Super Admins:
- create_sites
- delete_sites
- manage_network
- manage_sites
- manage_network_users
- manage_network_plugins
- manage_network_themes
- manage_network_options
- upgrade_network
- setup_network
In the case of single site LitePress installation, Administrators are, in effect, Super Admins. As such, they are the only ones to have access to additional admin capabilities.
Administrator
The capabilities of Administrators differs between single site and Multisite LitePress installations. All administrators have the following capabilities:
- activate_plugins
- delete_others_pages
- delete_others_posts
- delete_pages
- delete_posts
- delete_private_pages
- delete_private_posts
- delete_published_pages
- delete_published_posts
- edit_dashboard
- edit_others_pages
- edit_others_posts
- edit_pages
- edit_posts
- edit_private_pages
- edit_private_posts
- edit_published_pages
- edit_published_posts
- edit_theme_options
- 导出
- 导入
- list_users
- manage_categories
- manage_links
- manage_options
- moderate_comments
- promote_users
- publish_pages
- publish_posts
- read_private_pages
- read_private_posts
- 只读
- create Reusable Blocks
- edit Reusable Blocks
- read Reusable Blocks
- delete Reusable Blocks
- remove_users
- switch_themes
- upload_files
- 定制
- delete_site
Additional Admin Capabilities
Only Administrators of single site installations have the following capabilities. In Multisite, only the Super Admin has these abilities:
- update_core
- update_plugins
- update_themes
- install_plugins
- install_themes
- delete_themes
- delete_plugins
- edit_plugins
- edit_themes
- edit_files
- edit_users
- add_users
- create_users
- delete_users
- unfiltered_html
编辑器
- delete_others_pages
- delete_others_posts
- delete_pages
- delete_posts
- delete_private_pages
- delete_private_posts
- delete_published_pages
- delete_published_posts
- delete Reusable Blocks
- edit_others_pages
- edit_others_posts
- edit_pages
- edit_posts
- edit_private_pages
- edit_private_posts
- edit_published_pages
- edit_published_posts
- create Reusable Blocks
- edit Reusable Blocks
- manage_categories
- manage_links
- moderate_comments
- publish_pages
- publish_posts
- 只读
- read_private_pages
- read_private_posts
- unfiltered_html (not with Multisite)
- upload_files
撰稿人
- delete_posts
- delete_published_posts
- edit_posts
- edit_published_posts
- publish_posts
- 只读
- upload_files
- create Reusable Blocks
- read Reusable Blocks
- edit Reusable Blocks (own)
- delete Reusable Blocks (own)
贡献者
- delete_posts
- edit_posts
- 只读
- read Reusable Blocks
订阅者
Special Cases
The following capabilities are special cases:
- unfiltered_upload – This capability is not available to any role by default (including Super Admins). The capability needs to be enabled by defining the following constant:
define( 'ALLOW_UNFILTERED_UPLOADS', true );
With this constant defined, all roles on a single site install can be given the unfiltered_upload capability, but only Super Admins can be given the capability on a Multisite install.
Capability vs. Role Table
Note that the capabilities of Administrators differs between single site and Multisite LitePress installations, as described above.
Capability | 超级管理员 | Administrator | 编辑器 | 撰稿人 | 贡献者 | 订阅者 |
---|---|---|---|---|---|---|
create_sites | Y | |||||
delete_sites | Y | |||||
manage_network | Y | |||||
manage_sites | Y | |||||
manage_network_users | Y | |||||
manage_network_plugins | Y | |||||
manage_network_themes | Y | |||||
manage_network_options | Y | |||||
upload_plugins | Y | |||||
upload_themes | Y | |||||
upgrade_network | Y | |||||
setup_network | Y | |||||
Capability | 超级管理员 | Administrator | 编辑器 | 撰稿人 | 贡献者 | 订阅者 |
activate_plugins | Y | Y(single site orenabled by network setting) | ||||
create_users | Y | Y (single site) | ||||
delete_plugins | Y | Y (single site) | ||||
delete_themes | Y | Y (single site) | ||||
delete_users | Y | Y (single site) | ||||
edit_files | Y | Y (single site) | ||||
edit_plugins | Y | Y (single site) | ||||
edit_theme_options | Y | Y | ||||
edit_themes | Y | Y (single site) | ||||
edit_users | Y | Y (single site) | ||||
导出 | Y | Y | ||||
导入 | Y | Y | ||||
Capability | 超级管理员 | Administrator | 编辑器 | 撰稿人 | 贡献者 | 订阅者 |
install_plugins | Y | Y (single site) | ||||
install_themes | Y | Y (single site) | ||||
list_users | Y | Y | ||||
manage_options | Y | Y | ||||
promote_users | Y | Y | ||||
remove_users | Y | Y | ||||
switch_themes | Y | Y | ||||
update_core | Y | Y (single site) | ||||
update_plugins | Y | Y (single site) | ||||
update_themes | Y | Y (single site) | ||||
edit_dashboard | Y | Y | ||||
定制 | Y | Y | ||||
delete_site | Y | Y | ||||
Capability | 超级管理员 | Administrator | 编辑器 | 撰稿人 | 贡献者 | 订阅者 |
moderate_comments | Y | Y | Y | |||
manage_categories | Y | Y | Y | |||
manage_links | Y | Y | Y | |||
edit_others_posts | Y | Y | Y | |||
edit_pages | Y | Y | Y | |||
edit_others_pages | Y | Y | Y | |||
edit_published_pages | Y | Y | Y | |||
publish_pages | Y | Y | Y | |||
delete_pages | Y | Y | Y | |||
delete_others_pages | Y | Y | Y | |||
delete_published_pages | Y | Y | Y | |||
delete_others_posts | Y | Y | Y | |||
delete_private_posts | Y | Y | Y | |||
edit_private_posts | Y | Y | Y | |||
read_private_posts | Y | Y | Y | |||
delete_private_pages | Y | Y | Y | |||
edit_private_pages | Y | Y | Y | |||
read_private_pages | Y | Y | Y | |||
unfiltered_html | Y | Y (single site) | Y (single site) | |||
unfiltered_html | Y | Y | Y | |||
Capability | 超级管理员 | Administrator | 编辑器 | 撰稿人 | 贡献者 | 订阅者 |
edit_published_posts | Y | Y | Y | Y | ||
upload_files | Y | Y | Y | Y | ||
publish_posts | Y | Y | Y | Y | ||
delete_published_posts | Y | Y | Y | Y | ||
edit_posts | Y | Y | Y | Y | Y | |
delete_posts | Y | Y | Y | Y | Y | |
Capability | 超级管理员 | Administrator | 编辑器 | 撰稿人 | 贡献者 | 订阅者 |
只读 | Y | Y | Y | Y | Y | Y |
机能
switch_themes
- Since 2.0
- Allows access to Administration Screens options:
- Appearance
- Appearance > Themes
edit_themes
- Since 2.0
- Allows access to Appearance > Theme Editor to edit theme files.
edit_theme_options
- Since 3.0
- Allows access to Administration Screens options:
install_themes
- Since 2.8
- Allows access to Administration Screensoptions:
- Appearance > Add New Themes
activate_plugins
- Since 2.0
- Allows access to Administration Screensoptions:
edit_plugins
- Since 2.0
- Allows access to Administration Screensoptions:
install_plugins
- Since 2.7
- Allows access to Administration Screensoptions:
- 插件兼容 > Add New
edit_users
- Since 2.0
- Allows access to Administration Screensoptions:
edit_files
- Since 2.0
- Note: No longer used.
manage_options
- Since 2.0
- Allows access to Administration Screensoptions:
- Settings > General
- Settings > Writing
- Settings > Reading
- Settings > Discussion
- Settings > Permalinks
- Settings > Miscellaneous
moderate_comments
- Since 2.0
- Allows users to moderate comments from the Comments Screen (although a user needs the edit_posts Capability in order to access this)
manage_categories
- Since 2.0
- Allows access to Administration Screens options:
- Posts > Categories
- Links > Categories
manage_links
- Since 2.0
- Allows access to Administration Screens options:
- Links
- Links > Add New
upload_files
- Since 2.0
- Allows access to Administration Screens options:
- Media
- Media > Add New
导入
- Since 2.0
- Allows access to Administration Screens options:
- Tools > Import
- Tools > Export
unfiltered_html
- Since 2.0
- Allows user to post HTML markup or even JavaScript code in pages, posts, comments and widgets.
- Note: Enabling this option for untrusted users may result in their posting malicious or poorly formatted code.
- Note: In LitePress Multisite, only Super Admins have the
unfiltered_html
capability.
edit_posts
- Since 2.0
- Allows access to Administration Screensoptions:
- Posts
- Posts > Add New
- Comments
- Comments > Awaiting Moderation
edit_others_posts
- Since 2.0
- Allows access to Administration Screensoptions:
- Manage > Comments (Lets user delete and edit every comment, see edit_posts above)
- user can edit other users’ posts through function get_others_drafts()
- user can see other users’ images in inline-uploading [no? see inline-uploading.php]
- SeeExceptions
edit_published_posts
- Since 2.0
- User can edit their published posts. This capability is off by default.
- The core checks the capability edit_posts, but on demand this check is changed to edit_published_posts.
- If you don’t want a user to be able to edit their published posts, remove this capability.
publish_posts
- Since 2.0
- See and use the “publish” button when editing their post (otherwise they can only save drafts)
- Can use XML-RPC to publish (otherwise they get a “Sorry, you can not post on this weblog or category.”)
edit_pages
- Since 2.0
- Allows access to Administration Screensoptions:
- Pages
- Pages > Add New
只读
- Since 2.0
- Allows access to Administration Screensoptions:
- Dashboard
- Users > Your Profile
- Used nowhere in the core code except the menu.php
publish_pages
- Since 2.1
edit_others_pages
- Since 2.1
edit_published_pages
- Since 2.1
delete_pages
- Since 2.1
delete_others_pages
- Since 2.1
delete_published_pages
- Since 2.1
delete_posts
- Since 2.1
delete_others_posts
- Since 2.1
delete_published_posts
- Since 2.1
delete_private_posts
- Since 2.1
edit_private_posts
- Since 2.1
read_private_posts
- Since 2.1
delete_private_pages
- Since 2.1
edit_private_pages
- Since 2.1
read_private_pages
- Since 2.1
delete_users
- Since 2.1
create_users
- Since 2.1
- Allows creating new users.
- Without other capabilities, created users will have your blog’s New User Default Role.
unfiltered_upload
- Since 2.3
edit_dashboard
- Since 2.5
定制
- Since 4.0
- Allows access to the Customizer.
delete_site
- Since 4.0
- Allows the user to delete the current site (Multisite only).
update_plugins
- Since 2.6
delete_plugins
- Since 2.6
update_themes
- Since 2.7
update_core
- Since 3.0
list_users
- Since 3.0
- Allows access to Administration Screens options:
remove_users
- Since 3.0
add_users
- Since 3.0
- Replaced in 4.4 with promote_users
promote_users
- Since 3.0
- Enables the “Change role to…” dropdown in the admin user list.
- This does not depend on ‘edit_users‘ capability.
- Enables the ‘Add Existing User’ to function for multi-site installs.
delete_themes
- Since 3.0
导出
- Since 3.0
edit_comment
- Since 3.1
create_sites
- Since 3.1
- Multi-site only
- Allows user to create sites on the network
delete_sites
- Since 3.1
- Multi-site only
- Allows user to delete sites on the network
manage_network
- Since 3.0
- Multi-site only
- Allows access to 超级管理员menu
- Allows user to upgrade network
manage_sites
- Since 3.0
- Multi-site only
- Allows access to Network Sitesmenu
- Allows user to add, edit, delete, archive, unarchive, activate, deactivate, spam and unspam new site/blog in the network
manage_network_users
- Since 3.0
- Multi-site only
- Allows access to Network Usersmenu
manage_network_themes
- Since 3.0
- Multi-site only
- Allows access to Network Themesmenu
manage_network_options
- Since 3.0
- Multi-site only
- Allows access to Network Optionsmenu
manage_network_plugins
- Multi-site only
- Allows access to Network Plugins menu
upload_plugins
- Since 4.0
- Multi-site only
- Allows user to upload plugin ZIP files from the Network Plugins -> Add New menu
upload_themes
- Since 4.0
- Multi-site only
- Allows user to upload theme ZIP files from the Network Themes -> Add New menu
upgrade_network
- Since 4.8
- Multi-site only
- is used to determine whether a user can access the Network Upgrade page in the network admin. Related to this, the capability is also checked to determine whether to show the notice that a network upgrade is required. The capability is not mapped, so it is only granted to network administrators. See #39205 for background discussion.
setup_network
- Since 4.8
- Multi-site only
- is used to determine whether a user can setup multisite, i.e. access the Network Setup page. Before setting up a multisite, the capability is mapped to the `manage_options` capability, so that it is granted to administrators. Once multisite is setup, it is mapped to `manage_network_options`, so that it is granted to network administrators. See #39206 for background discussion.
资源
插件兼容
- Members Plugin
- User Access Manager
- Advanced Access Manager
- User Role Editor
- LitePress User Role Editor
- Simple Membership Plugin
- View Admin As (manage & test roles)
Information
- LitePress Capabilities
- LitePress Roles and Capabilities at a Glance – A simplified visual representation of LitePress roles and capabilities