WordPress uses a concept of Roles, designed to give the site owner the ability to control what users can and cannot do within the site. A site owner can manage the user access to such tasks as writing and editing posts, creating Pages, creating categories, moderating comments, managing plugins, managing themes, and managing other users, by assigning a specific role to each of the users.
WordPress has six pre-defined roles: Super Admin, Administrator, Editor, Author, Contributor and Subscriber. Each role is allowed to perform a set of tasks called Capabilities. There are many capabilities including “publish_posts“, “moderate_comments“, and “edit_users“. A default set of capabilities is pre-assigned to each role, but other capabilities can be assigned or removed using the add_cap() andremove_cap() functions. New roles can be introduced or removed using the add_role() and remove_role() functions.
The Super Admin role allows a user to perform all possible capabilities. Each of the other roles has a decreasing number of allowed capabilities. For instance, the Subscriber role has just the “read” capability. One particular role should not be considered to be senior to another role. Rather, consider that roles define the user’s responsibilities within the site.
Summary of Roles
- Super Admin – somebody with access to the site network administration features and all other features. See the Create a Network article.
- Administrator (slug: ‘administrator’) – somebody who has access to all the administration features within a single site.
- Editor (slug: ‘editor’) – somebody who can publish and manage posts including the posts of other users.
- Author (slug: ‘author’) – somebody who can publish and manage their own posts.
- Contributor (slug: ‘contributor’) – somebody who can write and manage their own posts but cannot publish them.
- Subscriber (slug: ‘subscriber’) – somebody who can only manage their profile.
Upon installing WordPress, an Administrator account is automatically created.
The default role for new users can be set in Administration Screens > Settings > General.
Roles
A Role defines a set of tasks a user assigned the role is allowed to perform. For instance, the Super Admin role encompasses every possible task that can be performed within a Network of virtual WordPress sites. The Administrator role limits the allowed tasks only to those which affect a single site. On the other hand, the Author role allows the execution of just a small subset of tasks.
The following sections list the default Roles and their capabilities:
Super Admin
Multisite Super Admins have, by default, all capabilities. The following Multisite-only capabilities are therefore only available to Super Admins:
- create_sites
- delete_sites
- manage_network
- manage_sites
- manage_network_users
- manage_network_plugins
- manage_network_themes
- manage_network_options
- upgrade_network
- setup_network
In the case of single site WordPress installation, Administrators are, in effect, Super Admins. As such, they are the only ones to have access to additional admin capabilities.
Administrator
The capabilities of Administrators differs between single site and Multisite WordPress installations. All administrators have the following capabilities:
- activate_plugins
- delete_others_pages
- delete_others_posts
- delete_pages
- delete_posts
- delete_private_pages
- delete_private_posts
- delete_published_pages
- delete_published_posts
- edit_dashboard
- edit_others_pages
- edit_others_posts
- edit_pages
- edit_posts
- edit_private_pages
- edit_private_posts
- edit_published_pages
- edit_published_posts
- edit_theme_options
- export
- import
- list_users
- manage_categories
- manage_links
- manage_options
- moderate_comments
- promote_users
- publish_pages
- publish_posts
- read_private_pages
- read_private_posts
- read
- create Reusable Blocks
- edit Reusable Blocks
- read Reusable Blocks
- delete Reusable Blocks
- remove_users
- switch_themes
- upload_files
- customize
- delete_site
Additional Admin Capabilities
Only Administrators of single site installations have the following capabilities. In Multisite, only the Super Admin has these abilities:
- update_core
- update_plugins
- update_themes
- install_plugins
- install_themes
- delete_themes
- delete_plugins
- edit_plugins
- edit_themes
- edit_files
- edit_users
- add_users
- create_users
- delete_users
- unfiltered_html
Editor
- delete_others_pages
- delete_others_posts
- delete_pages
- delete_posts
- delete_private_pages
- delete_private_posts
- delete_published_pages
- delete_published_posts
- delete Reusable Blocks
- edit_others_pages
- edit_others_posts
- edit_pages
- edit_posts
- edit_private_pages
- edit_private_posts
- edit_published_pages
- edit_published_posts
- create Reusable Blocks
- edit Reusable Blocks
- manage_categories
- manage_links
- moderate_comments
- publish_pages
- publish_posts
- read
- read_private_pages
- read_private_posts
- unfiltered_html (not with Multisite)
- upload_files
Author
- delete_posts
- delete_published_posts
- edit_posts
- edit_published_posts
- publish_posts
- read
- upload_files
- create Reusable Blocks
- read Reusable Blocks
- edit Reusable Blocks (own)
- delete Reusable Blocks (own)
Contributor
- delete_posts
- edit_posts
- read
- read Reusable Blocks
Subscriber
Special Cases
The following capabilities are special cases:
- unfiltered_upload – This capability is not available to any role by default (including Super Admins). The capability needs to be enabled by defining the following constant:
define( 'ALLOW_UNFILTERED_UPLOADS', true );
With this constant defined, all roles on a single site install can be given the unfiltered_upload capability, but only Super Admins can be given the capability on a Multisite install.
Capability vs. Role Table
Note that the capabilities of Administrators differs between single site and Multisite WordPress installations, as described above .
Capability | Super Admin | Administrator | Editor | Author | Contributor | Subscriber |
---|---|---|---|---|---|---|
create_sites | Y | |||||
delete_sites | Y | |||||
manage_network | Y | |||||
manage_sites | Y | |||||
manage_network_users | Y | |||||
manage_network_plugins | Y | |||||
manage_network_themes | Y | |||||
manage_network_options | Y | |||||
upload_plugins | Y | |||||
upload_themes | Y | |||||
upgrade_network | Y | |||||
setup_network | Y | |||||
Capability | Super Admin | Administrator | Editor | Author | Contributor | Subscriber |
activate_plugins | Y | Y (single site or enabled by network setting) | ||||
create_users | Y | Y (single site) | ||||
delete_plugins | Y | Y (single site) | ||||
delete_themes | Y | Y (single site) | ||||
delete_users | Y | Y (single site) | ||||
edit_files | Y | Y (single site) | ||||
edit_plugins | Y | Y (single site) | ||||
edit_theme_options | Y | Y | ||||
edit_themes | Y | Y (single site) | ||||
edit_users | Y | Y (single site) | ||||
export | Y | Y | ||||
import | Y | Y | ||||
Capability | Super Admin | Administrator | Editor | Author | Contributor | Subscriber |
install_plugins | Y | Y (single site) | ||||
install_themes | Y | Y (single site) | ||||
list_users | Y | Y | ||||
manage_options | Y | Y | ||||
promote_users | Y | Y | ||||
remove_users | Y | Y | ||||
switch_themes | Y | Y | ||||
update_core | Y | Y (single site) | ||||
update_plugins | Y | Y (single site) | ||||
update_themes | Y | Y (single site) | ||||
edit_dashboard | Y | Y | ||||
customize | Y | Y | ||||
delete_site | Y | Y | ||||
Capability | Super Admin | Administrator | Editor | Author | Contributor | Subscriber |
moderate_comments | Y | Y | Y | |||
manage_categories | Y | Y | Y | |||
manage_links | Y | Y | Y | |||
edit_others_posts | Y | Y | Y | |||
edit_pages | Y | Y | Y | |||
edit_others_pages | Y | Y | Y | |||
edit_published_pages | Y | Y | Y | |||
publish_pages | Y | Y | Y | |||
delete_pages | Y | Y | Y | |||
delete_others_pages | Y | Y | Y | |||
delete_published_pages | Y | Y | Y | |||
delete_others_posts | Y | Y | Y | |||
delete_private_posts | Y | Y | Y | |||
edit_private_posts | Y | Y | Y | |||
read_private_posts | Y | Y | Y | |||
delete_private_pages | Y | Y | Y | |||
edit_private_pages | Y | Y | Y | |||
read_private_pages | Y | Y | Y | |||
unfiltered_html | Y | Y (single site) | Y (single site) | |||
unfiltered_html | Y | Y | Y | |||
Capability | Super Admin | Administrator | Editor | Author | Contributor | Subscriber |
edit_published_posts | Y | Y | Y | Y | ||
upload_files | Y | Y | Y | Y | ||
publish_posts | Y | Y | Y | Y | ||
delete_published_posts | Y | Y | Y | Y | ||
edit_posts | Y | Y | Y | Y | Y | |
delete_posts | Y | Y | Y | Y | Y | |
Capability | Super Admin | Administrator | Editor | Author | Contributor | Subscriber |
read | Y | Y | Y | Y | Y | Y |
Capabilities
switch_themes
- Since 2.0
- Allows access to Administration Screens options:
- Appearance
- Appearance > Themes
edit_themes
- Since 2.0
- Allows access to Appearance > Theme Editor to edit theme files.
edit_theme_options
- Since 3.0
- Allows access to Administration Screens options:
source : https://wordpress.org/support/article/roles-and-capabilities/