Archive for the ‘WordPress Capabilities’ Category

delete_themes WordPress user capability

Monday, March 19th, 2012

delete_themes WordPress user capability


What capability to add or remove in order to allow or prohibit WordPress theme deletion? That’s simple, you can say, of course delete_themes user capability. It is clear from its name, isn’t it? You are right. But it is not full true. It’s useful to know, that if you have not switch_themes capability under single-site WordPress installation, you can not delete selected theme, even if you click ‘Delete’ command from WordPress interface. Interesting? Continue reading and see more detailed description or (if you curious enough) even look inside WordPress core source code together with me.
I found delete_themes capability in this WordPress core files:

Read the rest of this entry

delete_plugins WordPress user capability

Saturday, March 17th, 2012

delete_plugin WordPress user capability

Delete plugin

delete_plugins WordPress user capability allows user to delete not active plugins. Such user has to have access to the “Plugins” menu at WordPress administrator back-end (requires activate_plugins capability for that). In order to delete plugin user can use plugin row link, which is shown under each plugin name, or bulk action, applied to the selected set of plugins simultaneously.
delete_plugins capability is used inside these WordPress core files:
Proceed reading if you wish to look inside WordPress core code and get more details.

Read the rest of this entry

Block posting to selected categories

Sunday, February 19th, 2012

Exclude category for role

Exclude category for role

Block posting to the list of selected categories on per role base – is it possible? If you wish to limit your WordPress blog authors or users with custom created role from posting to some categories only, you can do it with piece of PHP code below (read entire post to get it.).

Just copy it and paste it into your active theme functions.php file (wp-content/themes/your-theme/functions.php) insert ID of categories to block. You can get ID of category at Categories page. Move mouse over ‘Edit’ link of selected category and look on the link at the bottom of your browser. Search ‘tag_ID=’ there. The number to the right of it is the category ID.
Congratulations! That’s all. You got it.

Read the rest of this entry

delete posts and pages WordPress user capabilities set

Sunday, February 12th, 2012

Delete posts and pages capabilities

Delete posts and pages capabilities

Delete posts and pages. Who can make these critical operation at your blog? It is worth a lot of efforts to build good content for your blog. But some time we delete old and unneeded posts or pages. Whom WordPress allows to make that? What capabilities user should have to be powerful enough, in order reduce you site content?

If you read WordPress Codex “Roles and Capabilities” page or use plugin like User Role Editor to manage WordPress roles and user capabilities, you saw there this capabilities set, in alphabetical order:
delete_others_pages, delete_others_posts, delete_pages, delete_posts, delete_private_pages, delete_private_posts, delete_published_pages, delete_published_posts.

While these capabilities names are self-explained, it’s interesting, how and where WordPress checks them.

Read the rest of this entry

create_users WordPress user capability

Wednesday, February 8th, 2012

create_users WordPress capability

create_users WordPress capability

WordPress user capability create_users is straight forward and self-explained one. WordPress Codex Roles and Capabilities page even doesn’t contain a word explaining or defining it.

You can know from that page only that this capability was added to WordPress since version 2.1 and it is included into Administrator role by default. It belongs to Superadmin (for multi-site configuration) also, but you can not see such role in WordPress roles list.

Do you wish to know a little more about this capability or dive deeper into WordPress user capabilities world? Follow me reading this post and you will get detailed report about how and there create_users capability is used by WordPress.

Read the rest of this entry

add_users WordPress user capability

Sunday, January 22nd, 2012

(image from

add_users capability

User capability “add_users” was added to the WordPress “Administrator” user role since WordPress version 3.0. But this capability is not used yet by WordPress itself in any form. Perhaps it was added for use in the future versions and could be use by themes and plugins developers of course. It does nothing in the WordPress 3.3.1. So you may skip it temporally in your WordPress capabilities system research.

The only place where you can find ‘add_users’ WordPress user capability in WordPress source code is

	$role->add_cap( 'add_users' );

moderate_comments WordPress user capability

Friday, January 20th, 2012

moderate_comments capability

moderate comments capability

moderate_comments WordPress user capability “allows users to moderate comments from the Comments SubPanel (although a user needs the edit_posts Capability in order to access this)”, – oficial WordPress Codex page says.

What I can say? Do not trust your own eyes. It is not the full true. Only last part of this declaration (about “edit_posts” capability) works as described in relation to the Comments subpanel. Are you not sure? Check it yourself. Take “User Role Editor” WordPress plugin, select the “Editor” role and uncheck “moderate_comments” capability. Then login to WordPress under the user with “Editor” role and go to the “Comments” panel. Do you still see links “unapprove, edit, spam, trash” under the comments there? Thus, you still may moderate comments inspite of you have not “moderate_comments” capability.
So, the next question – what is the real power of “moderate_comments” WordPress user capability?

Read the rest of this entry