edit_dashboard WordPress capability

Edit Dashboard WordPress capability

Edit Dashboard

Since version 2.5 WordPress has “edit_dashboard” (Edit Dashboard) capability in its capabilities system. What is the purpose of this capability? Does it forbid logged-in user to remove some widget from the dashboard if he decides that such widget is unneeded to him and wish to hide it using the “Screen Options” link at the top of dashboard screen? Definitely “No”.
If user has “edit_dashboard” capability he has access to the configuration parameters of widgets which included to his dashboard. If widget has some parameters to tune its work, such user is able to change them. Let’s see. Go to WordPress dashboard and move your mouse pointer to the right top corner of the widget box. Let’s take for example a “WordPress Development Blog” widget which is accessible to all logged-in users. Do you look a small down headed arrow? As you may know already it serves to collapse/expand widget box. Move your mouse to the left of that arrow. If you have “edit_dashboard” capability you will see that “Configure” link appears there.
Find that link at the image below:
edit_dashboard WordPress Capability

edit_dashboard WordPress Capability

If you click on “Configure” link of the “WordPress Development Blog” you will see its configuration panel:
Widget Configuration Panel

Widget Configuration Panel

In order to approve my conclusion about “edit_dashboard” capability I scanned all PHP files included to WordPress installation package on the word “edit_dashboard” occurrence. It was found in the only place – line #142 of ‘wp-admin/includes/dashboard.php’ file. I include the quote from it below for your further reference:

 function wp_add_dashboard_widget( $widget_id, $widget_name, $callback, $control_callback = null ) {
	$screen = get_current_screen();
	global $wp_dashboard_control_callbacks;
	if ( $control_callback && current_user_can( 'edit_dashboard' ) && is_callable( $control_callback ) ) {
		$wp_dashboard_control_callbacks[$widget_id] = $control_callback;
		if ( isset( $_GET['edit'] ) && $widget_id == $_GET['edit'] ) {
			list($url) = explode( '#', add_query_arg( 'edit', false ), 2 );
			$widget_name .= ' <span class="postbox-title-action">' . __( 'Cancel' ) . '</span>';
			$callback = '_wp_dashboard_control_callback';
		} else {
			list($url) = explode( '#', add_query_arg( 'edit', $widget_id ), 2 );
			$widget_name .= ' <span class="postbox-title-action">' . __( 'Configure' ) . '</span>';

By default “edit_dashbord” capability is included to the “Administrator” role only.

Русский перевод этой статьи доступен по этой ссылке.

Tags: , ,