問題描述
(主持人的説明:原來的標題是 「自定義用户角色限制」)
我正在開展的項目要求我創建兩個新的用户角色 – 一個用於網站的所有者,另一個用於公司的代理。
使用網站所有者用户角色,我只是想要限制此組中的用户修改核心站點設置,同時可以修改所有其他設置。
下面的代碼似乎對於除用户管理區域之外的所有內容都可以正常工作。我確實希望這個組的用户能夠添加/修改網站用户,但是我遇到的問題是,該組的用户目前有能力在”Administrator” 類別中創建用户,他們也可以刪除現有的”Administrators” 。
我正在尋找的是修改下面的代碼的方法,以便這些用户不能刪除或修改設置為”Administrator” 的用户帳户,並限制用户能夠創建新的管理員帳户。
有人知道如何做到這一點嗎?
// CREATE CUSTOM - SITE OWNER - USER ROLE WITH CUSTOM CAPABILITIES
if (!get_role('website_owner')) {
//let's use the editor as the base capabilities
$caps = get_role('editor')->capabilities;
$caps = array_merge( $caps, array(
'install_plugins' => false,
'activate_plugins' => false,
'update_plugins' => false,
'delete_plugins' => false,
'list_users' => true,
'add_users' => true,
'create_users' => true,
'edit_users' => true,
'delete_users' => true,
'remove_users' => true,
'unfiltered_upload' => true,
'install_themes' => false,
'update_themes' => false,
'delete_themes' => false,
'switch_themes' => false,
'edit_theme_options' => true,
'manage_options' => false,
'import' => false,
'update_core' => false,
'edit_dashboard' => false,
'gravityforms_view_entries' => true,
'gravityforms_edit_entries' => true,
'gravityforms_delete_entries' => true,
'gravityforms_export_entries' => true,
'gravityforms_view_entry_notes' => true,
'gravityforms_edit_entry_notes' => true,
'gravityforms_feed' => true,
)); //adding new capabilities.
// Ref: http://codex.wordpress.org/Roles_and_Capabilities#Capability_vs._Role_Table
add_role( 'website_owner', 'Website Owner', $caps );
}
最佳解決方法
Hi @NetConstructor:
我認為這是你需要的。請注意,我沒有包括'website_owner'角色的完整設置,只是添加了一個名為'manage_administrators'的新功能。
此外,我只是嘗試從任何沒有'manage_administrators'功能的用户 (當然需要添加到管理員角色) 中刪除”Delete” 鏈接,而且我也簡單地刪除了管理員作為角色選項 「添加新用户」 頁面。我沒有試圖確保他們不能通過一些惡意的方法刪除或添加管理員,我沒有禁用允許他們添加或刪除管理員的任何其他功能。也就是説,這可以嗎?
add_action('user_row_actions','yoursite_user_row_actions',10,2);
function yoursite_user_row_actions($actions, $user_object) { // remove the ability to delete an administrator
global $pagenow;
if ($pagenow=='users.php' && isset($user_object->caps['administrator']) && !current_user_can('manage_administrators'))
unset($actions['edit']);
unset($actions['delete']);
return $actions;
}
add_action('editable_roles','yoursite_editable_roles');
function yoursite_editable_roles($all_roles) { // remove the ability to add an administrator
global $pagenow;
if (in_array($pagenow,array('user-edit.php','user-new.php')) &&
!current_user_can('manage_administrators'))
unset($all_roles['administrator']);
return $all_roles;
}
add_action('admin_init','yoursite_admin_init');
function yoursite_admin_init() {
$wp_roles = new WP_Roles();
$wp_roles->use_db = true;
$administrator = $wp_roles->get_role('administrator');
if (!$administrator->has_cap('manage_administrators'))
$wp_roles->add_cap('administrator','manage_administrators');
$website_owner = $wp_roles->get_role('website_owner');
if (!$website_owner) {
//let's use the editor as the base capabilities
$caps = get_role('editor')->capabilities;
$caps = array_merge( $caps, array(
'install_plugins' => false,
'activate_plugins' => false,
'update_plugins' => false,
'delete_plugins' => false,
'list_users' => true,
'add_users' => true,
'create_users' => true,
'edit_users' => true,
'delete_users' => true,
'remove_users' => true,
'unfiltered_upload' => true,
'install_themes' => false,
'update_themes' => false,
'delete_themes' => false,
'switch_themes' => false,
'edit_theme_options' => true,
'manage_options' => false,
'import' => false,
'update_core' => false,
'edit_dashboard' => false,
'gravityforms_view_entries' => true,
'gravityforms_edit_entries' => true,
'gravityforms_delete_entries' => true,
'gravityforms_export_entries' => true,
'gravityforms_view_entry_notes' => true,
'gravityforms_edit_entry_notes' => true,
'gravityforms_feed' => true,
'manage_administrators' => false,
));
$wp_roles->add_role('website_owner','Website Owner',$caps);
}
}
參考文獻
注:本文內容整合自 Google/Baidu/Bing 輔助翻譯的英文資料結果。如果您對結果不滿意,可以加入我們改善翻譯效果:薇曉朵技術論壇。