问题描述
(主持人的说明:原来的标题是 「自定义用户角色限制」)
我正在开展的项目要求我创建两个新的用户角色 – 一个用于网站的所有者,另一个用于公司的代理。
使用网站所有者用户角色,我只是想要限制此组中的用户修改核心站点设置,同时可以修改所有其他设置。
下面的代码似乎对于除用户管理区域之外的所有内容都可以正常工作。我确实希望这个组的用户能够添加/修改网站用户,但是我遇到的问题是,该组的用户目前有能力在”Administrator” 类别中创建用户,他们也可以删除现有的”Administrators” 。
我正在寻找的是修改下面的代码的方法,以便这些用户不能删除或修改设置为”Administrator” 的用户帐户,并限制用户能够创建新的管理员帐户。
有人知道如何做到这一点吗?
// CREATE CUSTOM - SITE OWNER - USER ROLE WITH CUSTOM CAPABILITIES
if (!get_role('website_owner')) {
//let's use the editor as the base capabilities
$caps = get_role('editor')->capabilities;
$caps = array_merge( $caps, array(
'install_plugins' => false,
'activate_plugins' => false,
'update_plugins' => false,
'delete_plugins' => false,
'list_users' => true,
'add_users' => true,
'create_users' => true,
'edit_users' => true,
'delete_users' => true,
'remove_users' => true,
'unfiltered_upload' => true,
'install_themes' => false,
'update_themes' => false,
'delete_themes' => false,
'switch_themes' => false,
'edit_theme_options' => true,
'manage_options' => false,
'import' => false,
'update_core' => false,
'edit_dashboard' => false,
'gravityforms_view_entries' => true,
'gravityforms_edit_entries' => true,
'gravityforms_delete_entries' => true,
'gravityforms_export_entries' => true,
'gravityforms_view_entry_notes' => true,
'gravityforms_edit_entry_notes' => true,
'gravityforms_feed' => true,
)); //adding new capabilities.
// Ref: http://codex.wordpress.org/Roles_and_Capabilities#Capability_vs._Role_Table
add_role( 'website_owner', 'Website Owner', $caps );
}
最佳解决方法
Hi @NetConstructor:
我认为这是你需要的。请注意,我没有包括'website_owner'角色的完整设置,只是添加了一个名为'manage_administrators'的新功能。
此外,我只是尝试从任何没有'manage_administrators'功能的用户 (当然需要添加到管理员角色) 中删除”Delete” 链接,而且我也简单地删除了管理员作为角色选项 「添加新用户」 页面。我没有试图确保他们不能通过一些恶意的方法删除或添加管理员,我没有禁用允许他们添加或删除管理员的任何其他功能。也就是说,这可以吗?
add_action('user_row_actions','yoursite_user_row_actions',10,2);
function yoursite_user_row_actions($actions, $user_object) { // remove the ability to delete an administrator
global $pagenow;
if ($pagenow=='users.php' && isset($user_object->caps['administrator']) && !current_user_can('manage_administrators'))
unset($actions['edit']);
unset($actions['delete']);
return $actions;
}
add_action('editable_roles','yoursite_editable_roles');
function yoursite_editable_roles($all_roles) { // remove the ability to add an administrator
global $pagenow;
if (in_array($pagenow,array('user-edit.php','user-new.php')) &&
!current_user_can('manage_administrators'))
unset($all_roles['administrator']);
return $all_roles;
}
add_action('admin_init','yoursite_admin_init');
function yoursite_admin_init() {
$wp_roles = new WP_Roles();
$wp_roles->use_db = true;
$administrator = $wp_roles->get_role('administrator');
if (!$administrator->has_cap('manage_administrators'))
$wp_roles->add_cap('administrator','manage_administrators');
$website_owner = $wp_roles->get_role('website_owner');
if (!$website_owner) {
//let's use the editor as the base capabilities
$caps = get_role('editor')->capabilities;
$caps = array_merge( $caps, array(
'install_plugins' => false,
'activate_plugins' => false,
'update_plugins' => false,
'delete_plugins' => false,
'list_users' => true,
'add_users' => true,
'create_users' => true,
'edit_users' => true,
'delete_users' => true,
'remove_users' => true,
'unfiltered_upload' => true,
'install_themes' => false,
'update_themes' => false,
'delete_themes' => false,
'switch_themes' => false,
'edit_theme_options' => true,
'manage_options' => false,
'import' => false,
'update_core' => false,
'edit_dashboard' => false,
'gravityforms_view_entries' => true,
'gravityforms_edit_entries' => true,
'gravityforms_delete_entries' => true,
'gravityforms_export_entries' => true,
'gravityforms_view_entry_notes' => true,
'gravityforms_edit_entry_notes' => true,
'gravityforms_feed' => true,
'manage_administrators' => false,
));
$wp_roles->add_role('website_owner','Website Owner',$caps);
}
}
参考文献
注:本文内容整合自 Google/Baidu/Bing 辅助翻译的英文资料结果。如果您对结果不满意,可以加入我们改善翻译效果:薇晓朵技术论坛。