[wp-hackers] User Capabilities

Owen Winkler ringmaster at midnightcircus.com
Fri Jul 1 15:37:40 GMT 2005

Ryan Boren wrote:
> A more useful and understandable model would be to limit roles to
> categories.  A user would have a role and a list of categories to which
> that role's post edit/create/publish capabilities would apply.  A
> Managing Editor, for example, would have capabilities on all categories,
> whereas a Copy Editor might have capabilities on only one or two
> categories.  So, a Managing Editor could edit any user's posts and a
> Copy Editor could edit other users' posts only within a set of
> categories.

Are category permissions something you would consider for the core? 
Some sites don't use categories, and with the recent focus on 
keywords/tags, this might become more prevalent.  Of course, using 
categories this way might shift thinking toward using categories 
primarily for security, and keyword plugins instead of traditional 

What are your thoughts on plugin access to these permissions?  Will the 
permission structure allow for:

if( apply_filters('perm_edit_posts', current_user_can('edit_posts'), 
$post->ID) ) {...}

Or will filters only be applied in advance?  The difference being that 
filters applied as above might allow plugins to grant/deny editing 
permissions to individual posts based on custom criteria, whereas a 
up-front filter would not.

Just a thought.


More information about the wp-hackers mailing list