WordPress has a mechanism of roles and opportunities, or, in other words, groups of users and their rights in order to control the behavior of users on the site, especially in the administrative part.
For example, "Administrators" is a group of users, and Switch_themes (the possibility of changing the topic of registration) already relates to the rights of this group.
As usual I will start from simple to complex.
1. Roll
In WordPress, by default, there are already 6 user groups:
- Super Admin is a superadeministrator who has the right to manage the network of sites.
- Administrator - administrator.
- Editor - editor, can publish and edit posts of other users.
- Author - author, can publish and edit your own posts.
- Contributor - participant, can write and send his posts for moderation.
- Subscriber is a subscriber, all that he can edit his profile.
Immediately after installing WordPress, an administrator is automatically created.
You can also set what role you need to assign just a registered user. This is configured in "Settings\u003e General."
You can change the user's role on the page of its profile or on the page with all users:
2. Opportunities
In the table to save space, I did not consider the role of the Superadeministrator and the subscriber. Superadmin is essentially the same administrator, only with the network management rights (WordPress Multisite). I'll write about it just below. But I will not write about subscribers, since everything is clear about them - it has only one possibility read.
| Opportunity | Admin. | Editor | Author | Contributor |
|---|---|---|---|---|
| Plugins | ||||
| Install_Plugins Installing new plugins | + | |||
| Update_Plugins Update plugins | + | |||
| ACTIVATE_PLUGINS Gives access to the plug-in page | + | |||
| edit_plugins Ability to edit plug-in files | + | |||
| Delete_Plugins Removing plugins | + | |||
| Topics | ||||
| install_themes installation of new topics | + | |||
| Switch_Themes Change Active Theme | + | |||
| edit_themes Editing the theme Files | + | |||
| edit_theme_options Changing the theme settings | + | |||
| Update_Themes Update The | + | |||
| delete_themes Removal Topics | + | |||
| WordPress Settings | ||||
| Update_core Move Update | + | |||
| Import / Export Ability to use import and export functions | + | |||
| Manage_Options Changing site settings | + | |||
| Edit_Dashboard Changes on the Console page | + | |||
| Users | ||||
| Create_users Creating new users | + | |||
| Edit_users Editing users | + | |||
| Delete_users Deleting users | + | |||
| List_users Access to the list of users | + | |||
| Promote_users Changing user roles | + | |||
| Remove_users Deleting users | + | |||
| Comments | ||||
| Moderate_Comments moderation comments | + | + | ||
| Rubric | ||||
| Manage_categories Changing headings | + | + | ||
| Pages | ||||
| Edit_pages Editing Pages | + | + | ||
| edit_others_pages Editing pages created by other editors | + | + | ||
| edit_published_pages Editing Published Pages | + | + | ||
| Publish_pages Publication of pages | + | + | ||
| Delete_Pages Delete pages | + | + | ||
| delete_hothers_pages Removing Pages of other users | + | + | ||
| delete_published_pages Deleting published pages | + | + | ||
| Delete_Private_Pages Deleting Personal Pages | + | + | ||
| edit_private_pages Editing Personal Pages | + | + | ||
| read_private_pages View Personal Pages | + | + | ||
| Entries | ||||
| edit_others_posts Editing other users | + | + | ||
| delete_others_posts Removing records of other users | + | + | ||
| delete_private_posts Removing posts marked as "personal" | + | + | ||
| edit_private_posts Editing Personal Posts | + | + | ||
| read_private_posts View Personal Posts | + | + | ||
| edit_published_posts Editing your own published entries | + | + | + | |
| publish_posts Publication of posts | + | + | + | |
| delete_published_posts Removing your own published records | + | + | + | |
| Edit_Posts Editing your own entries | + | + | + | + |
| Delete_Posts Deleting your own entries | + | + | + | + |
| Other | ||||
| UNFILTERED_HTML Ability to insert HTML and JavaScript in posts, pages, comments and widgets | + | + | + | + | + |
| Read View Site | + | + | + | + |
As promised, I will stop a little more details on Superadministors. Regular administrators have all the rights to manage their sites. Superministors can manage any site on the network, as well as the entire network as a whole.
They have several outdoor opportunities:
- manage_NETWORK gives access to the network console,
- manage_sites access to the network management page,
- manage_Network_users The ability to manage network users,
- manage_network_themes network topics management,
- manage_network_options access to network parameters;
3. Levels
Starting from the version of Wordpress 3.0, user levels are no longer used!
4. Functions for working with roles and user capabilities
add_role () - creating your own role
The function enters the data into the database, so it is best to use it only once, for example, when activating a plug-in or theme.
| / * * Suppose I will add this code to the plugin file and make it started when the plugin itself is activated * / register_activation_hook (__file__, "True_New_role_Plugin_ActiveIVATE" ); Function true_new_role_plugin_activate () ($ new_role \u003d add_role ("Comm_Moderator", // Title Role __ ("Comment Moderator"), // Displayed Role Title (Comment Moderator) Array ( // Array of opportunities, True - Allowed, False - Prohibited "Read" \u003d\u003e true, // Well, this is understandable "moderate_comments" \u003d\u003e True // Allow to moderate comments )); if (null! \u003d\u003d $ Result) ( // Watch the result // role successfully created ) ELSE ( // If NULL, then the role already exists } } |
remove_role () - Remove Roles
Also, like the Add_role (), the function changes the contents of the database - which means it is not necessary to just stupidly insert it in functions.php.
In the example, we delete the role created in the last chapter:
get_role () - getting information about the user group
If success, returns the WP_ROLE object (which consists mainly from the role of the role), in case of failure - NULL.
add_cap () and remove_cap () - Adding and removing features
Thanks to these features, you can add or delete rights to users of a specific role or even for users with defined ID.
These functions also change the contents of the database, so as an example we will hang them on activation / deactivation of the theme.
| function true_author_caps () (Global $ Pagenow; $ Role \u003d get_role ("Author"); // For example, take the role of the author // $ ROLE \u003d new WP_USER ($ user_id); So we can take a specific user if ("themes.php" \u003d\u003d $ pagenow && isset ($ _Get ["Activated"])) ( // If the topic has been activated $ role -\u003e add_cap ("edit_others_posts"); // Allow the authors to edit posts of other authors ) ELSE ( // if the topic is deactivated $ Role -\u003e Remove_cap ("edit_others_posts"); )) Add_action ("Load-themes.php", "true_author_caps"); // Hover the function on the Hook |
If you need help with your site or may even develop from scratch.
Today I will deal with such a question as the appointment of users of your site for the role of the author, editor or participant.
If you want to assign any of your users a non-standard role (by default, all registered users are assigned a role. "subscriber" which is specified in the settings of the management console of your site on the WordPress: "Parameters" — "General" — "The role of a new user" ), then it will help you in this wonderful, and most importantly - a Russified plugin for WordPress " ", or USER ROLE EDITOR. .
Setting the plugin - ""
To install the plugin first you need to download it. Make it by clicking on the link - http://downloads.wordpress.org/plugin/user-role-editor.zip.. The plugin is guaranteed clean from viruses and other "roughness" - this confirms the fact of its location on the site developers of the WordPress.
Installing the plugin "User role editor" is almost no different from the installation of other plugins.
To install the plugin, you need to log in to the management console of your site, and on the left in the control panel Find item — "Add new". Then choose "download":
Exterior View window of the settings of the plugin "User role editor"
You can see the settings of the plug-in by clicking from the management console to your site on Wordpress by selecting "" - " Installed". In the list of plugins we are looking for and click " installations «:
Learning below there is a couple more additional settings - adding a new feature, adding a new role and set the default role:
Settings of the plugin "User role editor"
In Vordpress there are several categories of users of the site:
- Administrator (Administrator) - can all, including delete users and change the rules;
- Editor - can edit the entire contents of the site and create new records;
- Author (Author) - can create new entries and edit them, but only their own;
- Participant (Contributor) - can create new entries and edit them, but they will not be published on the site until the editor or the administrator does;
- Subscriber (Subscriber) - nothing can only read, comment and receive notifications.
With this plugin, you can more widely change the rights of users entering any category. As well as add a new category of users or change the capabilities of categories. So consider the settings of the plugin:
- "Show features in readable form" - set a tick. Setup displays settings in Russian;
- "Show outdated permits" - you can put a tick, and you can not install. Sometimes such permissions can also be used. Basically, it is an indication of the levels to delimit the rights of user groups;
The remaining settings in principle are understandable and written in Russian. I think you will handle.
Algorithm for assigning rights for each category of users
Suppose for the "author" group you wish to assign new opportunities. To do this, go to the settings of the plugin, choose the group "Author" In the top drop-down menu "Choose a role". Then set the right groups of the Group and click the button just below the settings. "Save".
How to assign a particular user group to any user? How to assign a role to the user?
Now, after you installed and configured plugin , configured the rights for each group of users, you can assign the right role or additional features to a specific user.
To do this, go to the console of management of your site and select the item "Users" — "All users". From now on, near the login of all users, except the administrator, there is a link "Capabilities"which will allow you to attribute any user to any category of users (assign the role).
The rights of users on the site play a rather important role, especially if there is a whole range of people, starting from the editor and ending with the chief administrator. Each of them has its own obligations and access rights. It is clear that the site owner will more rationally issue each of them only the necessary powers. This is primarily necessary for the safety of the entire site, since each user will have access to only the functions you need (for example, the editor may edit records, and the administrator is to install plugins). Such a distinction can be achieved as standard WordPress tools and taking advantage of special plugins that expand these opportunities.
What are the roles of users in WordPress?
In detail to paint the default roles available in the "engine" will not, as it was done in one of the past. Recall only that in Wordpress there are 5 standard types of users:
- subscriber,
- participant,
- author,
- editor,
- administrator.
Why create new roles of users?
In principle, standard roles will be enough for a variety of purposes. But sometimes it is necessary to go beyond these 5 roles and create a more suitable for our own needs. For example, you need to finalize any plugin. In this case, it is advisable to open access to the programmer only for a specific plug-in, without letting it be able to install, edit or delete all others.
How to add a new user role in WordPress?
There are several ways to solve the problem. Consider the most popular of them.
Method 1. Plugin WPFront User Role Editor
The simplest for the user is to use the free WPFront User Role Editor plugin, which provides for this ample opportunity and understandable interface.
To create a new role, after installing and activating the plugin, go to the admin partition Roles -\u003e Add New.
First, you need to set the display name of the new role (field Display Name.) and its unique label ( Role Name.).
Further in the big block Capabilities., It should be noted the right rights for users of the role generated. It can be seen that they are conveniently divided according to the WordPress site structure. Briefly describe each section.
- Dashboard. - Access to the admin panel.
- Posts. - Management of records (reading, editing, deleting, publishing).
- Media. - Work with media files (download, editing, deletion, attachment to publications).
- Pages - Work with pages.
- Comments. - Comment Management (editing, moderation).
- Themes. - Work with WordPress-themes (Switching, Upgrading, editing files, deletion and installation).
- Plugins. - Management of plugins.
- Users. - Working with users and their roles (creating, deleting, editing rights, change their roles).
- Tools. - Import / export opportunity.
- Admin. - Administrative rights (access to site maintenance).
- Roles. - Managing custom roles.
- Other Capabilities. - Other rights not included in the above categories (for example, for individual plugins).
After all rights have been marked, you need to click Add New Role.After which you will be displayed a list of all registered on the roles.
You can edit the role created. To do this, you just need to bring the cursor and choose Edit..
Note that the plugin allows you to create an unlimited number of roles.
Method 2. Manual
There is another way to create a new user role. It provides for the use of special WordPress tools in programming language. Php..
Note that the entire subsequent code will be located in a special file. functions.php. Your active WordPress theme.
If you do not know how to edit functions.php.In this case, the PROFUNCTIONS plugin will help you.
As an example, we will create a role in which users will have rights:
- edit themes;
- add / delete plugins;
- install new versions of "engine".
To begin with, add the following code:
$ result \u003d add_role ("wpschool_custom_admin", __ ("WPSCHOOL Custom Admin"), array ());
Here variable $ Result will contain an array with all rights. add_role () - Special WordPress feature, with which a new user role will be created and will be created. Value 'WPSCHOOL_CUSTOM_ADMIN' - this is a unique identifier of the new role, and 'WPSCHOOL CUSTOM ADMIN' - Its displayed name.
Now add the appropriate roles:
"edit_themes" \u003d\u003e true, // Editing the "install_plugins" \u003d\u003e true, // Installing plugins "update_plugin" \u003d\u003e true, // Update plugins "Update_core" \u003d\u003e True // Wordpress kernel update
Full source code:
$ result \u003d add_role ("wpschool_custom_admin", __ ("WPSCHOOL Custom Admin"), array ("edit_themes" \u003d\u003e true, // Editing the "install_plugins" \u003d\u003e true, // Installing plugins "Update_Plugin" \u003d\u003e True, / / update plugins "Update_core" \u003d\u003e true // update the WordPress kernel));
The entire list of roles and rights for the WordPress website can be viewed on official website.
The created role can be selected when creating (or editing an existing) user.
If you have a site for registering users, then you will be interested to learn about the roles and user access rights. And if not open, now I will tell you how to open a website for registration if it is closed.
Provide registration anyone
Go to Admin Panel "Settings" \u003d\u003e "General":
Find now the item "Membership" and put the bird over there "Anyone can register".
Above item "The role of a new user" Select the role of registered ( Subscriber, Member, Author, Editor, Administrator). At the bottom, find and click on the button " Save Change»:
If you are lost, what rights and role to give new registered users, now we will go through each role and I will try to tell everything.
Only the site administration can register
In general, what to open the site to register users?
Causes can be different.
One of them is that on your website, users can add their articles.
Or you want to add to the site a group of workers, a couple of administrators and authors. For this case, you can not put a bird over " Any can register"Since you, as an administrator, can add any user through the admin panel and give it a role and right. How to do it?
In the admin panel, go "Users" \u003d\u003e "Add new":
A page will open where you just need to specify user data (password, mail, name, etc.) and give it right.
User rights can be edited as all his profile. And you can simply delete if necessary. Go "Users" \u003d\u003e "All users" And Mouse over the user's cursor on the user you need. Two links "Edit" and "Delete" will appear. Here, I think, explain, what role does the links do not need to be fulfilled ... or need ?!::
Finally, we reached clarifications about the rights and roles of users. This is an important topic if you decide on a website or blog to allow everyone to register. Since if you give users, such as administrator rights, then you can immediately bury the site, since with these rights, the user can all: delete other users, change text, plugins and code itself.
Total 5 roles:
- subscriber
- participant
- author
- editor
- administrator
Each next role includes the possibilities of the previous and plus some optional.
Subscriber (Subscriber)
The subscriber is an audience of a website or blog that has no rights, except to read records, comment on them and receive notifications about new comments and publications.
The subscriber has access to only the settings for its profile.
CONTRIBUTOR)
The participant can create entries and adjust them, but cannot publish them until the site editor or the administrator confirm their publication.
Editor
The editor has the right to edit and delete any content and create new entries and pages.
Administrator (Administrator)
The administrator has all the rights above the listed, including the ability to remove users and change their rights. And also add and remove plugins, topics and make any changes in the code.
Now you know what rights to give your users and blog readers or site.
Good luck and correct understanding, what are the rights to give blog readers, then not to break your arms from anger !!!
If you have been working or working with WordPress, then probably have already met user management feature. This is especially true when it becomes necessary to distinguish between users' access rights to your site on WordPress. Well, for example, when you hired a copywriter, and you want him to not only write to you, but I myself added them to the site. But at the same time it is necessary that he does not have access to the full management of your site, but only a certain set of functions can perform. This is the delimitation of access rights.
This process is not very difficult, if you know how to organize it correctly. By installing WordPress to your site, you get the opportunity to assign various roles and levels for your registered users. In total, WordPress implemented five roles (or six, if). The sixth role of the Superadeministor appeared only in Wordpress 3.0. It means that you can fully manage all your sites and user roles on all these sites.
WordPress users roles - This is a combination of rights (opportunities to work with the site) that you can assign the user, or vice versa to deprive it of these rights.
A certain hierarchy for registering users is organized in WordPress. It is just vital if you are registered on your site not only as an administrator or a superademan, but also other users. After all, it is clear that in the event of the same rights, all users on your site will immediately begin anarchy - new entries, images, without permission and control of the administrator, will be downloaded, and new files, etc. will be disappeared and appear. If in practice, to allow such chaos, as a result, after a while, I will start reading new articles in the morning on the site, and not only you are not approved, but also in different languages \u200b\u200b- Polish, Arabic (I don't know which one of them), Chinese, etc. In general, the perfect field for different kind spammestine
In general, there are enough outputs, but not all of them are perfect. It will not help, and they do not have the functions, the change of passwords is also. Here I will explain more. Always registered user, with an unsuccessful attempt to enter the admin panel, can change the password to its new one. And it will use them until I change the sharing password. And then he changes the password again, and all things. But this is if it has full access to all the functions of the administrator or editor, if I do not appoint him a role that will prohibit it access to management site. Here and use knowledge about wordPress users rights.
You can override the roles of all users in such a way that they can work on the site with restrictions, and could not change something radically. So, the role of the Superadeministrator always belongs only to you, that is, the owner of the site, and anyone else. The same applies to the administrator if you have only one site. But then this confusion begins that a simple user who just started working with WordPress is easily confused and can identify such roles that only hurt the site. Therefore, I propose to get acquainted with the table where everything is painted. With it, everything is simple and understandable. But before - about the roles of users at all. All registered Wordpress users are distributed to six groups:
1. Superadeministrator - The role that (I said above) appeared recently, in the WordPress 3.0 version, and it works, provided that you have a N number of sites on one WordPress. Superministrator can manage a common network and all sites that are included in it. The table is clearly displayed. Superministrator (CA) has full access to multiple blogs from one, can control themes, users, network settings and a website / blog as a whole. Superministrator can work with a network administrator panel to manage sites included in the common network. In the "Adding New Site Sites" section, SA can add new blogs. It is better that this role belongs to the owners of sites, editors and webmasters.
2. Administrator - This is also the highest link: it can manage all users, topics, records, pages, files, site settings, and so on. Therefore, if you are a superademan, then you choose the user very carefully for the role of the site administrator. If a common network from a variety of sites is organized on WordPress, the administrator for the roles of role will be the second after the Super Minister. If you have only one blog / site, then the role of the administrator is home, since the Superministrator is simply not available in such hierarchical construction. The administrator of one site can control themes and plugins, update them, edit, import or export data, manage user roles.
Site Administrator Rights on WordPress:
Creating new users and delete existing, work with plugins and topics, deleting records of any users, working with personal pages of all users. Also, the administrator can delete the published entry. That is, the administrator of one site has the same rights as the Super Minister of the Website Network.
The administrator also has the right to moderate comments, publish and read personal pages, change the themes of decoration, upload files, etc.
3. Editor May not only publish and edit pages and records, but also moderate comments, manage links, tags and rubrics.
6. Subscriber - This is an ordinary visitor, and he can only read articles and comment on them.
I understand that such a decoding of roles is a bit compressed, but the table reveals an understanding in full. Here everything is quite understandable and seen what role is intended for each WordPress user.
There is even a special plugin to manage user roles - USER ROLE EDITOR.. But its settings are so wide that a separate article is needed for its complete and understandable description. For example, you can create a new role for any user, or a new level. WordPress features are so multifunctioned that it is possible to study them all life. But back to the roles and levels of users. Each role can be assigned its own level on which the user can also have or not have certain privileges. So, the author can be allowed except the ability to publish entries to manage the headings, assign new or delete existing, etc.
Such a hierarchy allows you to more effectively and safely manage, see the construction of management and make the necessary changes. After all, such changes are needed if several authors, editors, etc. work on the site, etc. For example, you are a video that one of the authors clearly leads in writing articles, and deserves encouragement. Then you can assign the role of the editor, which (see table) has the right not only to publish articles, but also has access to other managerial functions in the adminpanel, which are hidden from other users.
If you carefully study the table, you will realize that the site administrator's capabilities are practically not limited - you are not only the head of the Kamchatka, but also the Lord of the Universe. Properly distributing the roles and assigning levels for blog users, you can build a clear organization of the blog's blog, that is, it is much easier to make life easier.
Well, I have everything today. Before meeting on the waves
