Documentos de Académico
Documentos de Profesional
Documentos de Cultura
WordPress uses a concept of Roles, designed to give the site owner the ability to control what users
can and cannot do within the site. A site owner can manage the user access to such tasks as writing
and editing posts, creating Pages, defining links, creating categories, moderating
comments, managing plugins, managing themes, and managing other users, by assigning a specific
role to each of the users.
The Super Admin role allows a user to perform all possible capabilities. Each of the other roles has a
decreasing number of allowed capabilities. For instance, the Subscriber role has just the "read"
capability. One particular role should not be considered to be senior to another role. Rather, consider
that roles define the user's responsibilities within the site.
Summary of Roles
Super Admin – somebody with access to the site network administration features and all other
features. See the Create a Network article.
Administrator (slug: 'administrator') – somebody who has access to all the administration
features within a single site.
Editor (slug: 'editor') – somebody who can publish and manage posts including the posts of other
users.
Author (slug: 'author') – somebody who can publish and manage their own posts.
Contributor (slug: 'contributor') – somebody who can write and manage their own posts but
cannot publish them.
Subscriber (slug: 'subscriber') – somebody who can only manage their profile.
Upon installing WordPress, an Administrator account is automatically created.
The default role for new users can be set in Administration Panels > Settings > General.
You can see a listing of all defined roles by accessing the role_names property of the
global WP_Roles object (which you can retrieve with wp_roles(), or, prior to version 4.3,
with global $wp_roles;).
Roles
A Role defines a set of tasks a user assigned the role is allowed to perform. For instance, the Super
Admin role encompasses every possible task that can be performed within a Network of virtual
WordPress sites. The Administrator role limits the allowed tasks only to those which affect a single
site. On the other hand, the Author role allows the execution of just a small subset of tasks.
The following sections list the default Roles and their capabilities:
Super Admin
Multisite Super Admins have, by default, all capabilities. The following Multisite-only capabilities are
therefore only available to Super Admins:
create_sites
delete_sites
manage_network
manage_sites
manage_network_users
manage_network_plugins
manage_network_themes
manage_network_options
upgrade_network
setup_network
In the case of single site WordPress installation, Administrators are, in effect, Super Admins. As such,
they are the only ones to have access to additional admin capabilities.
Administrator
The capabilities of Administrators differs between single site and Multisite WordPress installations. All
administrators have the following capabilities:
activate_plugins
delete_others_pages
delete_others_posts
delete_pages
delete_posts
delete_private_pages
delete_private_posts
delete_published_pages
delete_published_posts
edit_dashboard
edit_others_pages
edit_others_posts
edit_pages
edit_posts
edit_private_pages
edit_private_posts
edit_published_pages
edit_published_posts
edit_theme_options
export
import
list_users
manage_categories
manage_links
manage_options
moderate_comments
promote_users
publish_pages
publish_posts
read_private_pages
read_private_posts
read
remove_users
switch_themes
upload_files
customize
delete_site
Additional Admin Capabilities
Only Administrators of single site installations have the following capabilities. In Multisite, only the
Super Admin has these abilities:
update_core
update_plugins
update_themes
install_plugins
install_themes
upload_plugins
upload_themes
delete_themes
delete_plugins
edit_plugins
edit_themes
edit_files
edit_users
create_users
delete_users
unfiltered_html
Editor
delete_others_pages
delete_others_posts
delete_pages
delete_posts
delete_private_pages
delete_private_posts
delete_published_pages
delete_published_posts
edit_others_pages
edit_others_posts
edit_pages
edit_posts
edit_private_pages
edit_private_posts
edit_published_pages
edit_published_posts
manage_categories
manage_links
moderate_comments
publish_pages
publish_posts
read
read_private_pages
read_private_posts
unfiltered_html (not with Multisite. See Unfiltered MU & RemoveKses)
upload_files
Author
delete_posts
delete_published_posts
edit_posts
edit_published_posts
publish_posts
read
upload_files
Contributor
delete_posts
edit_posts
read
Subscriber
read
Special Cases
The following capabilities are special cases:
unfiltered_upload - This capability is not available to any role by default (including Super
Admins). The capability needs to be enabled by defining the following constant:
With this constant defined, all roles on a single site install can be given the unfiltered_upload
capability, but only Super Admins can be given the capability on a Multisite install.
delete_sites Y
manage_network Y
manage_sites Y
manage_network_users Y
manage_network_plugins Y
manage_network_themes Y
manage_network_options Y
upload_plugins Y
upload_themes Y
upgrade_network Y
setup_network Y
edit_theme_options Y Y
export Y Y
import Y Y
list_users Y Y
manage_options Y Y
promote_users Y Y
remove_users Y Y
switch_themes Y Y
edit_dashboard Y Y
customize Y Y
delete_site Y Y
manage_categories Y Y Y
manage_links Y Y Y
edit_others_posts Y Y Y
edit_pages Y Y Y
edit_others_pages Y Y Y
edit_published_pages Y Y Y
publish_pages Y Y Y
delete_pages Y Y Y
delete_others_pages Y Y Y
delete_published_pages Y Y Y
delete_others_posts Y Y Y
delete_private_posts Y Y Y
edit_private_posts Y Y Y
read_private_posts Y Y Y
delete_private_pages Y Y Y
edit_private_pages Y Y Y
read_private_pages Y Y Y
upload_files Y Y Y Y
publish_posts Y Y Y Y
delete_published_posts Y Y Y Y
edit_posts Y Y Y Y Y
delete_posts Y Y Y Y Y
Capabilities
switch_themes
Since 2.0
Allows access to Administration Panel options:
Appearance
Appearance > Themes
edit_themes
Since 2.0
Allows access to Appearance > Theme Editor to edit theme files.
edit_theme_options
Since 3.0
Allows access to Administration Panel options:
Appearance > Widgets
Appearance > Menus
Appearance > Customize if they are supported by the current theme
Appearance > Background
Appearance > Header
install_themes
Since 2.8
Allows access to Administration Panel options:
Appearance > Add New Themes
activate_plugins
Since 2.0
Allows access to Administration Panel options:
Plugins
edit_plugins
Since 2.0
Allows access to Administration Panel options:
Plugins > Plugin Editor
install_plugins
Since 2.7
Allows access to Administration Panel options:
Plugins > Add New
edit_users
Since 2.0
Allows editing other users' profiles.
This allows changing roles independently of 'promote_users' capability.
edit_files
Since 2.0
Note: No longer used.
manage_options
Since 2.0
Allows access to Administration Panel options:
Settings > General
Settings > Writing
Settings > Reading
Settings > Discussion
Settings > Permalinks
Settings > Miscellaneous
moderate_comments
Since 2.0
Allows users to moderate comments from the Comments SubPanel (although a user needs
the edit_posts Capability in order to access this)
manage_categories
Since 2.0
Allows access to Administration Panel options:
Posts > Categories
Links > Categories
manage_links
Since 2.0
Allows access to Administration Panel options:
Links
Links > Add New
upload_files
Since 2.0
Allows access to Administration Panel options:
Media
Media > Add New
import
Since 2.0
Allows access to Administration Panel options:
Tools > Import
Tools > Export
unfiltered_html
Since 2.0
Allows user to post HTML markup or even JavaScript code in pages, posts, comments and
widgets.
Note: Enabling this option for untrusted users may result in their posting malicious or poorly
formatted code.
Note: In WordPress Multisite, only Super Admins have the unfiltered_html capability.
edit_posts
Since 2.0
Allows access to Administration Panel options:
Posts
Posts > Add New
Comments
Comments > Awaiting Moderation
edit_others_posts
Since 2.0
Allows access to Administration Panel options:
Manage > Comments (Lets user delete and edit every comment, see edit_posts above)
user can edit other users' posts through function get_others_drafts()
user can see other users' images in inline-uploading [no? see inline-uploading.php]
See Exceptions
edit_published_posts
Since 2.0
User can edit their published posts. This capability is off by default.
The core checks the capability edit_posts, but on demand this check is changed
to edit_published_posts.
If you don't want a user to be able to edit their published posts, remove this capability.
publish_posts
Since 2.0
See and use the "publish" button when editing their post (otherwise they can only save drafts)
Can use XML-RPC to publish (otherwise they get a "Sorry, you can not post on this weblog or
category.")
edit_pages
Since 2.0
Allows access to Administration Panel options:
Pages
Pages > Add New
read
Since 2.0
Allows access to Administration Panel options:
Dashboard
Users > Your Profile
Used nowhere in the core code except the menu.php
publish_pages
Since 2.1
edit_others_pages
Since 2.1
edit_published_pages
Since 2.1
delete_pages
Since 2.1
delete_others_pages
Since 2.1
delete_published_pages
Since 2.1
delete_posts
Since 2.1
delete_others_posts
Since 2.1
delete_published_posts
Since 2.1
delete_private_posts
Since 2.1
edit_private_posts
Since 2.1
read_private_posts
Since 2.1
delete_private_pages
Since 2.1
edit_private_pages
Since 2.1
read_private_pages
Since 2.1
delete_users
Since 2.1
Allows deleting users from the blog.
create_users
Since 2.1
Allows creating new users.
Without other capabilities, created users will have your blog's New User Default Role.
unfiltered_upload
Since 2.3
edit_dashboard
Since 2.5
customize
Since 4.0
Allows access to the Customizer.
delete_site
Since 3.1
Allows the user to delete the current site (Multisite only).
update_plugins
Since 2.6
delete_plugins
Since 2.6
update_themes
Since 2.7
update_core
Since 3.0
list_users
Since 3.0
Allows access to Administration Panel options:
Users
remove_users
Since 3.0
add_users
Since 3.0
Replaced in 4.4 with promote_users
promote_users
Since 3.0
Enables the "Change role to..." dropdown in the admin user list.
This does not depend on 'edit_users' capability.
Enables the 'Add Existing User' to function for multi-site installs.
delete_themes
Since 3.0
export
Since 3.0
edit_comment
Since 3.1
create_sites
Since 3.1
Multi-site only
Allows user to create sites on the network
delete_sites
Since 3.1
Multi-site only
Allows user to delete sites on the network
manage_network
Since 3.0
Multi-site only
Allows access to Super Admin menu
Allows user to upgrade network
manage_sites
Since 3.0
Multi-site only
Allows access to Network Sites menu
Allows user to edit, archive, unarchive, activate, deactivate, spam, and unspam sites on the
network
manage_network_users
Since 3.0
Multi-site only
Allows access to Network Users menu
manage_network_themes
Since 3.0
Multi-site only
Allows access to Network Themes menu
manage_network_options
Since 3.0
Multi-site only
Allows access to Network Options menu
manage_network_plugins
Multi-site only
Allows access to Network Plugins menu
upload_plugins
Since 4.0
Multi-site only
Allows user to upload plugin ZIP files from the Network Plugins -> Add New menu
upload_themes
Since 4.0
Multi-site only
Allows user to upload theme ZIP files from the Network Themes -> Add New menu
upgrade_network
Since 4.8
Multi-site only
is used to determine whether a user can access the Network Upgrade page in the network admin.
Related to this, the capability is also checked to determine whether to show the notice that a
network upgrade is required. The capability is not mapped, so it is only granted to network
administrators. See #39205 for background discussion.
setup_network
Since 4.8
Multi-site only
is used to determine whether a user can setup multisite, i.e. access the Network Setup page.
Before setting up a multisite, the capability is mapped to the `manage_options` capability, so that it
is granted to administrators. Once multisite is setup, it is mapped to `manage_network_options`, so
that it is granted to network administrators. See #39206 for background discussion.
User Levels
Prior to version 2.0, WordPress used a user User Levels system. This was replaced in version 2.0
with the much improved and more extensible Roles and Capabilities system you see today. To
maintain backwards compatibility with plugins that still use the user levels system (although this is
very much discouraged), the default Roles in WordPress also include Capabilities that correspond to
these levels. User Levels were finally deprecated in version 3.0.
Capability Administrator Editor Author Contributor Subscriber
level_10
level_9
level_8
level_7
level_6
level_5
level_4
level_3
level_2
level_1
level_0
Change Log
1.5: User Levels system was introduced.
2.0: Roles and Capabilities system was introduced.
3.0: User Levels system deprecated & Multisite Super Admins introduced.
Resources
Plugins
Members Plugin
Role Scoper Plugin
User Access Manager
Advanced Access Manager
User Role Editor
WordPress User Role Editor
Simple Membership Plugin
View Admin As (manage & test roles)
Information
Ryan Boren's What's New in 2.0: Roles and Capabilities
WordPress Capabilities
WordPress Roles and Capabilities at a Glance - A simplified visual representation of WordPress
roles and capabilities
Dev
Hackers email list Original User Capability discussion
related functions: current_user_can(), user_can()
You can set and get a user's role and capabilities programmatically using the WP_User class.
Other Codex Articles
Roles and Capabilities:
add_role()
remove_role()
get_role()
add_cap()
remove_cap()
Categories:
Getting Started
Installation
UI Link