WordPress角色与能力

在wordpress中,有自己的一套用户系统,这套用户系统中有着近乎完美的权限管理系统,在wordpress中叫做角色与能力。角色与能力均可以在代码中进行添加,在本篇内容中你将会看到和官方文档完全不同的一些东西,归纳总结的也会更加完善、系统,致力于让你读完一篇文章完全了解wordpress的角色与能力。

相关官方文档:

介绍文档:https://wordpress.org/documentation/article/roles-and-capabilities/#capability-vs-role-table

开发文档:https://developer.wordpress.org/plugins/users/roles-and-capabilities/

我们再说说账户、角色和能力之间的关系。账户是独立且唯一的;角色是能力包,是一个能力集合,能将角色分配到任意账户;能力是可以干什么、能够干什么。具体看图:

图片[1]-WordPress角色与能力 - KEKC博客-KEKC博客

我们可以看到:账户一有能力1、2、3、4,账户二有能力1、2,账户三有能力3、4,账户四有能力3、4。

开始前,我先举个例子,对于角色和能力的一个解释。我们拿最基础的公司体系来说,每个公司员工相当于一个账户;角色的划分相当于老板、管理、员工;能力相当于能行使的权力、能做的事等等,他可以是很抽象的东西,我们可以理解为“可以、能够”,比如:签合同、管理考勤、管理财务、可以获得工资。

我们记住这个例子,就能很好的理解wordpress角色与能力,在面对一些问题的时候,我们也可以理解着进行回答,配合下面几个问题:

1、一个账户可以拥有多个角色吗?

不可以。

2、一个角色能够多个账户拥有吗?

可以。

3、一个角色的能力另一个角色能拥有吗?

可以。

4、在一个账户中,能力重复会怎么样?

重复了他也算作一个能力,而不会发生错误或者能力加强,比如2个可以签合同还是可以签合同。

一、角色

添加角色

//add_role( $role, $display_name, $capabilities = array() );
add_role( 'custom_role', 'Custom Subscriber', array( 'read' => true, 'level_0' => true ) );

删除角色

//remove_role( $role );
remove_role( 'subscriber' );

角色的其他操作

获得角色

//get_role( string $role );
get_role( "subscriber" );

获得角色能力

$admin_role = get_role( 'administrator' )->capabilities;

// OutPut

Array
(
    [switch_themes] => 1
    [edit_themes] => 1
    [activate_plugins] => 1
    [edit_plugins] => 1
    [edit_users] => 1
    [edit_files] => 1
    [manage_options] => 1
    [moderate_comments] => 1
    [manage_categories] => 1
    [manage_links] => 1
    [upload_files] => 1
    [import] => 1
    [unfiltered_html] => 1
    [edit_posts] => 1
    [edit_others_posts] => 1
    [edit_published_posts] => 1
    [publish_posts] => 1
    [edit_pages] => 1
    [read] => 1
    [level_10] => 1
    [level_9] => 1
    [level_8] => 1
    [level_7] => 1
    [level_6] => 1
    [level_5] => 1
    [level_4] => 1
    [level_3] => 1
    [level_2] => 1
    [level_1] => 1
    [level_0] => 1
    [edit_others_pages] => 1
    [edit_published_pages] => 1
    [publish_pages] => 1
    [delete_pages] => 1
    [delete_others_pages] => 1
    [delete_published_pages] => 1
    [delete_posts] => 1
    [delete_others_posts] => 1
    [delete_published_posts] => 1
    [delete_private_posts] => 1
    [edit_private_posts] => 1
    [read_private_posts] => 1
    [delete_private_pages] => 1
    [edit_private_pages] => 1
    [read_private_pages] => 1
    [delete_users] => 1
    [create_users] => 1
    [unfiltered_upload] => 1
    [edit_dashboard] => 1
    [update_plugins] => 1
    [delete_plugins] => 1
    [install_plugins] => 1
    [update_themes] => 1
    [install_themes] => 1
    [update_core] => 1
    [list_users] => 1
    [remove_users] => 1
    [promote_users] => 1
    [edit_theme_options] => 1
    [delete_themes] => 1
    [export] => 1
    [list_roles] => 1
    [create_roles] => 1
    [edit_roles] => 1
    [delete_roles] => 1
    [edit_role_menus] => 1
    [edit_posts_role_permissions] => 1
    [edit_pages_role_permissions] => 1
    [edit_nav_menu_permissions] => 1
    [edit_content_shortcodes] => 1
    [delete_content_shortcodes] => 1
    [edit_login_redirects] => 1
    [delete_login_redirects] => 1
    [bulk_edit_roles] => 1
    [edit_widget_permissions] => 1
    [edit_attachments] => 1
    [delete_attachments] => 1
    [read_others_attachments] => 1
    [edit_others_attachments] => 1
    [delete_others_attachments] => 1
    [edit_users_higher_level] => 1
    [delete_users_higher_level] => 1
    [promote_users_higher_level] => 1
    [promote_users_to_higher_level] => 1
    [manage_capabilities] => 1
)

设置某账户的角色

$user_id = wp_create_user('backdoor', '123456'); //创建账户
$user = new WP_User($user_id);
$user->set_role('administrator'); //设置为管理员权限

二、能力

向一个角色添加能力

//WP_Role::add_cap( string $cap, bool $grant = true )
function add_theme_caps() {
	// gets the author role
	$role = get_role( 'author' );

	// This only works, because it accesses the class instance.
	// would allow the author to edit others' posts for current theme only
	$role->add_cap( 'edit_others_posts' ); 
}
add_action( 'admin_init', 'add_theme_caps');



function add_theme_caps(){
	 global $pagenow;

	 if ( 'themes.php' == $pagenow && isset( $_GET['activated'] ) ){ // Test if theme is active
		 // Theme is active
		 // gets the author role
		 $role = get_role( 'author' );

		 // This only works, because it accesses the class instance.
		 // would allow the author to edit others' posts for current theme only
		 $role->add_cap( 'edit_others_posts' ); 
	 } else {
		 // Theme is deactivated
		 // Remove the capacity when theme is deactivate
		 $role->remove_cap( 'edit_others_posts' ); 
	 }
}
add_action( 'load-themes.php', 'add_theme_caps' );

删除一个角色的能力

$author = get_role( 'author' );

    $caps = array (
        'edit_posts',
        'edit_published_posts',
        'publish_posts',
        'delete_posts',
        'delete_published_posts',
    );

    foreach ( $caps as $cap ) {

        $author->remove_cap( $cap );
    }
/**
 * Don't let editors read private posts.
 *
 * You should call the function when your plugin is activated.
 *
 * @uses WP_Role::remove_cap()
 */
function remove_editor_read_private_posts() {

	// get_role returns an instance of WP_Role.
	$role = get_role( 'editor' );
	$role->remove_cap( 'read_private_posts' );
}
/**
 * Remove capabilities from editors.
 *
 * Call the function when your plugin/theme is activated.
 */
function wpcodex_set_capabilities() {

    // Get the role object.
    $editor = get_role( 'editor' );

	// A list of capabilities to remove from editors.
    $caps = array(
        'moderate_comments',
        'manage_categories',
        'manage_links',
        'edit_others_posts',
        'edit_others_pages',
        'delete_posts',
    );

    foreach ( $caps as $cap ) {
    
        // Remove the capability.
        $editor->remove_cap( $cap );
    }
}
add_action( 'init', 'wpcodex_set_capabilities' );

为用户单独配置能力

$user = new WP_User( $user_id );
$user->add_cap( 'can_edit_posts' );

$user->remove_cap( 'can_edit_posts' );

获取某用户的能力

// Define user ID
$user_id = 1;

// Get User
$user = new WP_User( $user_id );

// Get all user capabilities
$user_roles = $user->get_role_caps();

// Check if user has permission
if ($user_roles['manage_options']) {
    // Do stuff
}

判断角色是否拥有某个能力

//WP_Role::has_cap( string $cap, bool $grant = true )
function add_theme_caps() {
	$role = get_role( 'author' );
	$role->has_cap( 'edit_others_posts' ); 
}
add_action( 'admin_init', 'add_theme_caps');

判断某用户是否拥有某个能力

//WP_User::has_cap( string $cap, mixed $args ): bool;
$user->has_cap( 'edit_posts' );
$user->has_cap( 'edit_post', $post->ID );
$user->has_cap( 'edit_post_meta', $post->ID, $meta_key );

© 版权声明
THE END
喜欢就支持一下吧
点赞3 分享
评论 抢沙发
头像
欢迎您留下宝贵的见解!
提交
头像

昵称

取消
昵称常用语 夸夸
夸夸
还有吗!没看够!
表情代码图片

    暂无评论内容