在wordpress中,有自己的一套用户系统,这套用户系统中有着近乎完美的权限管理系统,在wordpress中叫做角色与能力。角色与能力均可以在代码中进行添加,在本篇内容中你将会看到和官方文档完全不同的一些东西,归纳总结的也会更加完善、系统,致力于让你读完一篇文章完全了解wordpress的角色与能力。
相关官方文档:
介绍文档:https://wordpress.org/documentation/article/roles-and-capabilities/#capability-vs-role-table
开发文档:https://developer.wordpress.org/plugins/users/roles-and-capabilities/
我们再说说账户、角色和能力之间的关系。账户是独立且唯一的;角色是能力包,即一组能力的集合,可以分配给任意账户;能力表示可以干什么、能够干什么。具体看图:
我们可以看到:账户一有能力1、2、3、4,账户二有能力1、2,账户三有能力3、4,账户四有能力3、4。
开始前,我先举个例子来解释角色和能力。我们拿最基础的公司体系来说,每个公司员工相当于一个账户;角色的划分相当于老板、管理、员工;能力相当于能行使的权力、能做的事等等,它可以是很抽象的东西,我们可以理解为“可以、能够”,比如:签合同、管理考勤、管理财务、可以获得工资。
我们记住这个例子,就能很好地理解wordpress的角色与能力;遇到问题时,也可以结合这个例子来回答,比如下面几个问题:
1、一个账户可以拥有多个角色吗?
不可以。
2、一个角色能够被多个账户拥有吗?
可以。
3、一个角色的能力,另一个角色也能拥有吗?
可以。
4、在一个账户中,能力重复会怎么样?
重复的能力仍然只算作一个能力,不会出错,也不会使能力加强,比如拥有两个“可以签合同”,结果还是“可以签合同”。
一、角色
添加角色
//add_role( $role, $display_name, $capabilities = array() );
// Registers a role with slug 'custom_role', shown as 'Custom Subscriber', holding the
// 'read' and 'level_0' capabilities. WordPress stores role definitions in the database,
// so this is normally run once (for example on plugin activation) rather than on every request.
add_role( 'custom_role', 'Custom Subscriber', array( 'read' => true, 'level_0' => true ) );
删除角色
//remove_role( $role );
// Deletes the stored definition of the 'subscriber' role.
// NOTE(review): 'subscriber' is the stock default role for new registrations; check the
// site's default-role setting and which users hold this role before removing it.
remove_role( 'subscriber' );
角色的其他操作
获得角色
//get_role( string $role );
// Returns the WP_Role object for the slug, or null when no such role is registered,
// so callers should check the result before calling methods on it.
get_role( "subscriber" );
获得角色能力
// ->capabilities is the role's capability map (capability name => granted flag).
// NOTE(review): the dump that follows includes entries such as list_roles and
// edit_role_menus that look like they were added by a role-management plugin;
// confirm before treating the list as the stock administrator set.
$admin_role = get_role( 'administrator' )->capabilities;
// OutPut
Array
(
[switch_themes] => 1
[edit_themes] => 1
[activate_plugins] => 1
[edit_plugins] => 1
[edit_users] => 1
[edit_files] => 1
[manage_options] => 1
[moderate_comments] => 1
[manage_categories] => 1
[manage_links] => 1
[upload_files] => 1
[import] => 1
[unfiltered_html] => 1
[edit_posts] => 1
[edit_others_posts] => 1
[edit_published_posts] => 1
[publish_posts] => 1
[edit_pages] => 1
[read] => 1
[level_10] => 1
[level_9] => 1
[level_8] => 1
[level_7] => 1
[level_6] => 1
[level_5] => 1
[level_4] => 1
[level_3] => 1
[level_2] => 1
[level_1] => 1
[level_0] => 1
[edit_others_pages] => 1
[edit_published_pages] => 1
[publish_pages] => 1
[delete_pages] => 1
[delete_others_pages] => 1
[delete_published_pages] => 1
[delete_posts] => 1
[delete_others_posts] => 1
[delete_published_posts] => 1
[delete_private_posts] => 1
[edit_private_posts] => 1
[read_private_posts] => 1
[delete_private_pages] => 1
[edit_private_pages] => 1
[read_private_pages] => 1
[delete_users] => 1
[create_users] => 1
[unfiltered_upload] => 1
[edit_dashboard] => 1
[update_plugins] => 1
[delete_plugins] => 1
[install_plugins] => 1
[update_themes] => 1
[install_themes] => 1
[update_core] => 1
[list_users] => 1
[remove_users] => 1
[promote_users] => 1
[edit_theme_options] => 1
[delete_themes] => 1
[export] => 1
[list_roles] => 1
[create_roles] => 1
[edit_roles] => 1
[delete_roles] => 1
[edit_role_menus] => 1
[edit_posts_role_permissions] => 1
[edit_pages_role_permissions] => 1
[edit_nav_menu_permissions] => 1
[edit_content_shortcodes] => 1
[delete_content_shortcodes] => 1
[edit_login_redirects] => 1
[delete_login_redirects] => 1
[bulk_edit_roles] => 1
[edit_widget_permissions] => 1
[edit_attachments] => 1
[delete_attachments] => 1
[read_others_attachments] => 1
[edit_others_attachments] => 1
[delete_others_attachments] => 1
[edit_users_higher_level] => 1
[delete_users_higher_level] => 1
[promote_users_higher_level] => 1
[promote_users_to_higher_level] => 1
[manage_capabilities] => 1
)
设置某账户的角色
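// Create the account with a generated password instead of a literal one: a password
// written into source (such as '123456') is a known, guessable credential.
// The generated value is not stored or printed here; the account owner is expected
// to set a password through the normal reset flow.
$user_id = wp_create_user( 'backdoor', wp_generate_password( 24, true, true ) );

// wp_create_user() returns a WP_Error on failure (for example when the login already
// exists), so only continue when a user ID came back.
if ( ! is_wp_error( $user_id ) ) {
    $user = new WP_User( $user_id );
    // set_role() replaces the user's current roles with the given one. Promoting an
    // account to administrator from code bypasses the user-management screens, so keep
    // it in a one-off, reviewed provisioning step and audit the site's administrator list.
    $user->set_role( 'administrator' );
}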
二、能力
向一个角色添加能力
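//WP_Role::add_cap( string $cap, bool $grant = true )
/**
 * Grant the 'edit_others_posts' capability to the 'author' role.
 *
 * Registered on 'admin_init' below, so it runs on every admin request.
 */
function add_theme_caps() {
    // get_role() returns null when the role is not registered; bail out instead of
    // calling a method on null.
    $role = get_role( 'author' );
    if ( null === $role ) {
        return;
    }

    // add_cap() changes the stored role definition, so the grant is not limited to the
    // current theme: it stays in place after a theme switch until remove_cap() is
    // called for the same capability.
    $role->add_cap( 'edit_others_posts' );
}
add_action( 'admin_init', 'add_theme_caps' );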
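/**
 * Grant 'edit_others_posts' to the 'author' role right after theme activation and
 * revoke it on any other load of themes.php.
 *
 * Registered on 'load-themes.php' below.
 */
function add_theme_caps() {
    global $pagenow;

    // Fetch the role before branching: both branches use it, and the original only
    // assigned $role inside the first branch, leaving it undefined in the else branch.
    $role = get_role( 'author' );
    if ( null === $role ) {
        // get_role() returns null for an unregistered role.
        return;
    }

    if ( 'themes.php' == $pagenow && isset( $_GET['activated'] ) ) { // Test if theme is active
        // Theme was just activated: add the capability to the stored role definition.
        $role->add_cap( 'edit_others_posts' );
    } else {
        // NOTE(review): this branch runs on every themes.php load that lacks the
        // `activated` query parameter, not only when the theme is deactivated.
        $role->remove_cap( 'edit_others_posts' );
    }
}
add_action( 'load-themes.php', 'add_theme_caps' );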
删除一个角色的能力
// Take the post-writing and publishing capabilities away from the 'author' role.
$author_role = get_role( 'author' );

$revoked_caps = array( 'edit_posts', 'edit_published_posts', 'publish_posts', 'delete_posts', 'delete_published_posts' );

// remove_cap() is called once per capability name.
foreach ( $revoked_caps as $capability ) {
    $author_role->remove_cap( $capability );
}
/**
 * Revoke the 'read_private_posts' capability from the 'editor' role.
 *
 * Intended to be called from the plugin's activation routine.
 *
 * @uses WP_Role::remove_cap()
 */
function remove_editor_read_private_posts() {
    // get_role() hands back the WP_Role instance for the slug; the capability is
    // removed directly on that instance.
    get_role( 'editor' )->remove_cap( 'read_private_posts' );
}
/**
 * Strip a fixed set of capabilities from the 'editor' role.
 *
 * Described as something to call on plugin/theme activation; the add_action()
 * call after the function attaches it to the 'init' hook.
 */
function wpcodex_set_capabilities() {
    // Role object whose capabilities are being reduced.
    $editor_role = get_role( 'editor' );

    // Capabilities editors should no longer hold.
    $revoked_caps = array( 'moderate_comments', 'manage_categories', 'manage_links', 'edit_others_posts', 'edit_others_pages', 'delete_posts' );

    foreach ( $revoked_caps as $capability ) {
        $editor_role->remove_cap( $capability );
    }
}
add_action( 'init', 'wpcodex_set_capabilities' );
为用户单独配置能力
// Load the user object; $user_id must already hold the target user's ID.
$user = new WP_User( $user_id );
// add_cap() on a WP_User grants the capability to this one user, separately from
// whatever the user's role provides.
$user->add_cap( 'can_edit_posts' );
// remove_cap() takes the per-user capability away again.
$user->remove_cap( 'can_edit_posts' );
获取某用户的能力
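// Define user ID
$user_id = 1;
// Load the user object
$user = new WP_User( $user_id );
// get_role_caps() returns the user's capability map (capability name => granted flag).
$user_caps = $user->get_role_caps();
// The key is missing when the user does not hold the capability, and a capability can
// be stored as false; empty() covers both without an undefined-index warning.
// For an access-control decision, user_can( $user_id, 'manage_options' ) or
// $user->has_cap( 'manage_options' ) is the usual check, since those also apply
// meta-capability mapping and the capability filters.
if ( ! empty( $user_caps['manage_options'] ) ) {
    // Do stuff
}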
判断角色是否拥有某个能力
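//WP_Role::has_cap( string $cap ): bool
/**
 * Report whether the 'author' role holds the 'edit_others_posts' capability.
 *
 * Registered on 'admin_init' below; the hook ignores the return value, so direct
 * callers are the ones who can use it.
 *
 * @return bool True when the role exists and has the capability.
 */
function add_theme_caps() {
    $role = get_role( 'author' );
    // get_role() returns null for an unregistered role; treat that as "not granted".
    if ( null === $role ) {
        return false;
    }
    // has_cap() only reads the role definition; it does not change it. The original
    // discarded the result, which made the call a no-op.
    return $role->has_cap( 'edit_others_posts' );
}
add_action( 'admin_init', 'add_theme_caps' );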
判断某用户是否拥有某个能力
//WP_User::has_cap( string $cap, mixed $args ): bool;
// Each call returns a bool; use it in a condition to gate the action being protected.
// Primitive capability: no extra arguments are needed.
$user->has_cap( 'edit_posts' );
// 'edit_post' is checked against one specific post, identified by the ID argument.
$user->has_cap( 'edit_post', $post->ID );
// 'edit_post_meta' is checked for one meta key on one specific post.
$user->has_cap( 'edit_post_meta', $post->ID, $meta_key );