O WordPress permite que você adicione facilmente novos usuários ao seu site. Dependendo da função e das permissões que você atribuir a eles, esses usuários poderão trabalhar no seu site.
Muitos usuários novos do WordPress não estão cientes dessas funções e permissões de usuário. Já os vimos conceder a estranhos acesso total de administrador aos sites de suas empresas, comprometendo dados confidenciais de clientes e negócios.
Neste artigo, explicaremos detalhadamente as funções e permissões de usuário do WordPress e ensinaremos qual função de usuário deve ser atribuída ao adicionar novos usuários.
O que são funções e permissões de usuário no WordPress?
O uso correto das funções e permissões de usuário do WordPress oferece controle total sobre o seu site WordPress e pode ajudar a aumentar a segurança do site.
O WordPress permite que você adicione vários usuários ao seu site. Também é possível abrir um registro de usuário em seu site para que outros usuários possam se inscrever.
Ao adicionar um novo usuário ao seu site, você pode escolher uma função de usuário para ele. Também é possível definir uma função de usuário padrão para o seu site, que será automaticamente atribuída aos novos usuários que se inscreverem para uma conta.
Cada função de usuário inclui recursos específicos, ou permissões, que definem as ações que um usuário pode realizar em seu site.
Há cinco funções de usuário padrão disponíveis no WordPress:
- Administrador
- Editor
- Autor
- Colaborador
- Assinante
Você pode ver uma comparação visual completa entre cada função de usuário no infográfico abaixo:
Como alternativa, você pode ler o resumo de cada função de usuário e seus recursos e permissões abaixo.
1. Função de administrador
Em um site normal do WordPress, a função de administrador é a função de usuário mais poderosa. Os usuários com a função de administrador podem adicionar novas postagens, editar postagens de qualquer usuário e excluir essas postagens.
Além disso, eles podem instalar, editar e excluir plug-ins e temas.
Mais importante ainda, os usuários administradores podem adicionar e excluir usuários e alterar informações sobre os usuários existentes, inclusive suas senhas.
Essa função é reservada para proprietários de sites e lhe dá controle total do seu site WordPress.
Se estiver executando um site WordPress com vários usuários, é preciso ter muito cuidado ao atribuir a função de usuário administrador.
Posso compartilhar o acesso de administrador com um desenvolvedor?
De acordo com nossa experiência, criar um site de teste na mesma conta de hospedagem é um pouco mais seguro. Ele permite que os desenvolvedores tenham o mesmo ambiente de hospedagem na Web para testar seu código, mas sem o direito de publicar nada em seu site ativo.
Como alternativa, você pode compartilhar um site vazio na mesma conta de hospedagem com os desenvolvedores para que eles trabalhem nele. Dessa forma, eles não terão acesso aos dados armazenados em seu site.
Para obter mais informações, consulte nosso artigo sobre compartilhamento de acesso de administrador com desenvolvedores de plugins.
2. Função de editor
Os usuários com a função de editor no WordPress têm controle total sobre as seções de conteúdo do seu site.
Eles podem adicionar, editar, publicar e excluir qualquer postagem no site, inclusive as escritas por outras pessoas. Um editor também pode moderar, editar e excluir comentários.
Os editores não podem alterar as configurações do seu site, instalar plug-ins e temas ou adicionar novos usuários.
3. Função do autor
Os usuários com a função de autor podem escrever, editar e publicar suas próprias postagens. Eles também podem excluir suas próprias postagens, mesmo que já tenham sido publicadas.
Os autores não podem criar novas categorias ao escrever posts, mas podem escolher entre as existentes e adicionar tags aos seus posts.
Os autores podem visualizar os comentários, mesmo os que estão pendentes de revisão, mas não podem moderar, aprovar ou excluir nenhum comentário.
Eles não têm acesso a configurações, plug-ins ou temas do site, portanto, é uma função de usuário de risco relativamente baixo. A única exceção é a capacidade de excluir suas próprias postagens publicadas.
4. Função de colaborador
Os usuários com a função de colaborador podem adicionar novas mensagens e editar suas mensagens, mas não podem publicar nenhuma mensagem.
Ao escrever posts, eles podem escolher entre as categorias existentes e criar suas tags.
A desvantagem mais significativa da função de colaborador é que eles não podem fazer upload de arquivos, portanto, não podem adicionar imagens às suas postagens.
Os colaboradores também podem visualizar todos os comentários do site, mas não podem aprovar ou excluir comentários.
Por fim, eles não têm acesso às configurações, plug-ins ou temas do site, portanto, não podem alterar nenhuma configuração em seu site.
5. Função de assinante
Os usuários com a função de assinante podem fazer login no seu site WordPress, atualizar seus perfis de usuário e alterar suas senhas.
Eles não podem escrever posts, ver comentários ou fazer qualquer outra coisa na área de administração do WordPress.
Essa função de usuário é particularmente útil se você tiver um site de associação, uma loja on-line ou outro site em que os usuários possam se registrar e fazer login.
Se você quiser criar uma experiência de login personalizada para seus visitantes, consulte nosso guia sobre como adicionar uma página de login de front-end e widgets no WordPress.
Bônus: função de superadministrador
Essa função de usuário só está disponível em uma rede WordPress com vários sites.
Os usuários com a função de usuário superadministrador podem adicionar e excluir sites em uma rede multissite. Eles também podem instalar plug-ins e temas, adicionar usuários e executar ações em toda a rede em uma configuração de vários sites do WordPress.
Pense nisso como ter acesso de administrador a todos os sites da rede.
Como personalizar funções e permissões de usuários existentes no WordPress
As funções de usuário padrão do WordPress têm recursos que funcionam para a maioria dos sites e blogs do WordPress.
Por exemplo, se você administra um site de revista, a função “Editor” pode ser atribuída à equipe sênior, a função de usuário “Autor” pode ser atribuída a redatores juniores e a função “Colaborador” pode ser atribuída a redatores convidados.
Mas, às vezes, você pode querer personalizar as permissões e os recursos atribuídos à função para atender às necessidades específicas do seu site.
Assim como a função de autor padrão, que permite que os usuários publiquem suas postagens e também lhes dá a capacidade de excluir as postagens publicadas, talvez você queira remover o recurso que permite que os autores excluam suas postagens nesse caso.
Há alguns plug-ins que adicionam funções específicas ao seu site, como um plug-in de função de usuário moderador de comentários.
No entanto, a maneira mais fácil de personalizar as funções de usuário do WordPress é usar o plug-in Members. Ele permite criar, gerenciar e alterar as funções de usuário em seu site.
A primeira coisa que você precisa fazer é ativar e instalar o plug-in. Para obter mais detalhes, consulte nosso guia passo a passo sobre como instalar um plug-in do WordPress.
Após a ativação, você terá um novo item de menu chamado “Membros” no painel de administração do WordPress.
Você precisa ir para Members ” Roles e clicar na função de usuário que deseja editar.
Neste exemplo, editaremos a função “Autor”, mas você pode escolher a melhor função para suas necessidades.
Isso o leva a uma tela em que é possível personalizar totalmente os recursos dessa função.
Para remover um recurso da função, marque a caixa “Negar”. Se você quiser adicionar um novo recurso, marque a caixa “Grant” (Conceder).
Aqui, marcaremos a caixa “Deny” (Negar) para o recurso de usuário Delete Posts (Excluir publicações).
Se você não marcar uma caixa para uma função disponível, o usuário não terá esse recurso.
Quando terminar de personalizar sua função, clique no botão “Update” (Atualizar).
As alterações feitas serão aplicadas automaticamente a todos os usuários existentes com essa função e a todos os novos usuários aos quais a função for atribuída.
Como criar funções de usuário personalizadas no WordPress
Outra coisa que você pode fazer é criar funções de usuário totalmente personalizadas no WordPress com conjuntos exclusivos de recursos.
Para fazer isso, você usará o mesmo plug-in acima.
Basta navegar até Membros ” Adicionar nova função e dar um nome à sua nova função.
Por exemplo, você pode criar uma função de desenvolvedor que pode ser atribuída a um desenvolvedor do WordPress com permissões específicas concedidas.
A coluna da esquerda tem diferentes seções que contêm listas de recursos disponíveis. Selecionaremos a guia “Appearance” e adicionaremos recursos para editar, instalar e atualizar temas.
Depois disso, clique no botão “Add Role” (Adicionar função) para salvar a função do usuário.
Em seguida, você pode criar um novo usuário e atribuir a ele a nova função de usuário.
Para fazer isso, vá para Usuários ” Adicionar novo e preencha as informações do novo usuário.
Na parte inferior da tela, você verá a seção “User Roles” (Funções do usuário).
Agora, você pode marcar as caixas das funções de usuário que deseja atribuir ao novo usuário e, em seguida, clicar no botão “Add New User” (Adicionar novo usuário).
Agora, você criou uma nova função de usuário personalizada do WordPress e a atribuiu a um novo usuário.
Para obter mais detalhes, consulte nosso guia sobre como adicionar novos usuários e autores ao WordPress.
Se quiser criar uma função de usuário do WordPress que seja apenas para moderar comentários, consulte nosso guia sobre como permitir que os usuários do blog moderem comentários no WordPress.
Esperamos que este artigo o tenha ajudado a entender as funções e permissões dos usuários. Talvez você também queira consultar nosso guia sobre como impedir que os autores excluam postagens ou dar uma olhada em nosso tutorial sobre como limitar os autores às suas próprias postagens.
Se você gostou deste artigo, inscreva-se em nosso canal do YouTube para receber tutoriais em vídeo sobre o WordPress. Você também pode nos encontrar no Twitter e no Facebook.
Tammy
What role is suggested if you want someone to be able to view/download the analytics of a woocommerce site but not be able to change and/or update the content of the site otherwise? Do the basic roles cover that or is that a custom role?
WPBeginner Support
You would likely need to create a custom role for that functionality
Administrador
LDB
Why do all articles on user permissions for WordPress never talk about what can be done with ‘pages’?. Seems like such a glaring omission from these articles. Am I missing something? Why do no articles not give info about permission related to building and editing pages?
WPBeginner Support
If you take a look at the infographic we cover which roles can modify pages
Administrador
Traci
I am building a website in wordpress for a company. They want a dedicated page for sales or specials but they want to be the one’s handling updating that page each week. Can I give them permission only to post pictures and write add information for the sale items?
WPBeginner Support
It sounds like you would want to set them as the author role and set them as the author of that page.
Administrador
Harish
Is there any limitation for user roles count?
WPBeginner Support
No, but you would want to ensure you are not adding roles for every user normally as multiple users can use the same role.
Administrador
Maame
Hi,
Is it possible to customize the role of a shop manager? I would like to make some features accessible to them
WPBeginner Support
Yes, we cover the default roles in this guide but more roles can be added or modified
Administrador
DannyO
Great writeup. Very close to what I was searching for.
Mine is a bit different,
I have a custom made plugin which I want to assign someone to manage the role. He needs to be entering data on a daily basis in dashboard of this custom plugin. But under the Type-Specific Capabilities, I dont see the name of this plugin. How can I achieve this then, when I cant see the custom plugin name?
WPBeginner Support
You would want to reach out to the plugin’s creator for what permissions are required to be able to use your plugin.
Administrador
Katherine
Hi! I work for a site and I’m was assigned Editor. But for some reason, I can’t delete drafts, published articles, or media from Gallery that aren’t mine. The Trash/Delete option just isn’t anywhere on-screen. Is there anything I can do?
WPBeginner Support
You would want to reach out to the admin of the site to ensure there haven’t been any changes to the permissions for your role.
Administrador
luka sheklashvili
Hi,
We have a website where is possible to buy food
We have customers and also we have accountant
which premmision will be best for accountant to do his/her work
we are using woocomerce platforme of ecomerce
WPBeginner Support
You would want to take a look at the default WooCommerce roles added and you can add or modify the role depending on the access you want to give.
Administrador
Kshitij Gajam
Hi,
Thanks for the great article! it is neatly structured and presented.
I would like to know is it possible to restrict access up to 3 blogs for users who dont subscribe to the website. Only after subscribing they get full access. If yes, how can I do it? Is there a plug in or I have to code?
WPBeginner Support
For what you’re looking for, you would want to take a look at membership plugins below and you would need to reach out to the support for what you’re wanting to use for if they have that available.
https://www.wpbeginner.com/plugins/5-best-wordpress-membership-plugins-compared/
Administrador
Felicia Kay
I have recently started a new job with a local law firm and we have purchased a form building tool for our WordPress site. My role permissions have been set to Editor, am I able to access it as an editor to build the new form(s) we need?
WPBeginner Support
It would depend on the specific plugin. If you reach out to the plugin’s support they should let you know what permissions are needed for using the plugin
Administrador
lynda
I have been a WordPress user for many years and decided several months ago to combine two blogs. At that time I added the user name of the other blog as a user on my primary blog. Now that second user appears as the author of posts. It appears as the writer of replies to comments. How do I change this?
WPBeginner Support
If you do not want your additional user to be on the site you can delete that user and attribute all of their content to your a different user
Administrador
Maude
Hi, do you know if there is a way to create a user who will have access to everything, but can edit nothing. I want to show someone how my website is built so we can talk about it, but I want to be sure he can’t mess anything up.
WPBeginner Support
That would heavily depend on your site and the plugins you are using, you may want to send screenshots or share screens for what you are wanting.
Administrador
Jerusha
Hi, I have just started my blog. And installed a new theme. My site is not even live yet … it still had the ‘coming soon” page, however today I discovered I have 308 subscribers under the ‘user’s title on my dashboard… how is that possible?
WPBeginner Support
Your site may be allowing user registration, for more on that you would want to take a look at our article here:
https://www.wpbeginner.com/beginners-guide/how-to-allow-user-registration-on-your-wordpress-site/
Administrador
Imran
And what if a disgruntled author goes to “edit” her post and then removes all the content and then click on “update” button.
This would be a rare case but possible even if you disallow her to “delete published” posts.
WPBeginner Support
If you are concerned about that, you could disable the ability to edit published posts
Administrador
Segun Wonda
Hello, thank you for this great article.
I have a question please.
After modifying my author role to stop author from deleting their own post with this plugin, will the modification still be active when I disable or delete the plugin?
WPBeginner Support
Yes, your changes should still be active when you remove the plugin.
Administrador
sam thandi
i was searching for one of your articles in which you showed how to create user like Editorial Staff can you please give me link to that article. thanks
WPBeginner Support
It would depend on what you mean. If you’re wanting more editorial options you could take a look at our article here: https://www.wpbeginner.com/plugins/how-to-improve-your-editorial-workflow-in-multi-author-wordpress-blogs/
If you wanted to hide the author’s name we have our article here:
https://www.wpbeginner.com/wp-themes/how-to-remove-author-name-from-wordpress-posts/
Administrador
Pablo
I can see that there are more user categories now, in addition to the 5 mentioned here. Participant, Moderator, Spectator… Cant see the permissions for these! Any ideas where to find them?
WPBeginner Support
If you have other plugins that add user roles those would likely be why you have the extra roles
Administrador
Infoneter
Nice and useful information. thanks
WPBeginner Support
You’re welcome
Administrador
Kirk Bullen
Great post.. And great site. It’s my ‘Go To’ site, for everything I need, and have learnt so much.
What I want to do, is create a Movie Mod User. So that they can Add Movies/Shows. But I don’t want to give all Admin permissions. They would only require to use the Plugin used to add these Movies/Shows. All it.would require them to do, is use the Import Movie/Show. Then once added, have the ability to edit the Movie/Show. So that they can add the Movie/Show Collection/Genre.
Is there a plugin available that you know of, that gives permissions to use selected Plugin Admin abilities? I have tried Editor User. But it doesnt show the ‘Import’ option.
Any advise is greatly appreciated.
WPBeginner Support
It would depend on what you are using to import the movies, if it is a plugin you should be able to reach out to the plugin’s support for what permission is required to import the movie/show.
Administrador
Steveo
Users >> Capabilities does not exist. Got another idea?
WPBeginner Support
You may want to ensure that the plugin was activated successfully on your site.
Administrador
sultan haider
I have school chains in multiple cities and i want to each school have
their login and password and add students in own schools records and
admin have access all schools records.
Its possible with wordpress or not.
WPBeginner Support
It is possible but you would likely need to have a custom plugin created to do something that specific.
Administrador
Tony
Suggest you use multisite capability, each school can have their own subdomain.
Emzee
How to check what permissions I have as a user on wordpress site please? Sorry am a beginner?
WPBeginner Support
Hi Emzee,
Using the capability manage enhanced you can see what permissions a user has on your site.
Administrador
shubhangi
Great post now i can ad more author without confusion thanks friend
Mithilesh Yadav
How to send notification mail by Guest User in Wordpress
Marianne
Good day!
Thanks for the explanation. I was wondering is there also a date stamp when the user has registered?
regards,
Kagan
i am using wholesale plugin. we want open manuel order from order woocommerce dashboard
But when i add product wholesale prices are not shown. is it possible to make this wtih user roles plugins. if so which one should we use
thank you
chintan
Hi i want make a two type of login page first is customer and second is Service provider (like a amazon seller).
service provider uplode it’s services , and it can edit it’s services.
how i do that?
beth
Hi. I created some new users but they have yet to receive their email notification. How long does it take for that to be generated?
LaVonne Carlson
Is it possible to setup a user with permission to edit only a particular page? I’m running a website for a Boy Scout troop, and I want the boys to be able to upload and rearrange photos on the gallery page, but not make any other changes to the site.
Gulfam
I’ve also problem related to your question, want to allow user only on specific plugin and page to post things.
Fahad Rafiq
How can we remove underscore from users name in wordpress users tab?
Like if name entered is First Second, it will appears as First_Second.
Any fix.?
John
Whenever my writers try to past an iframe into their stories it vanishes when saving. From a little bit of testing this occurs up to Editor level which also gives publishing ability — which I don’t want them to have.
I’ve got both adminimize and user role editor installed. Staff writers have a custom user role editor setting of Staff Writers.
How can I overcome this limitation on inserting iframes?
Thank you
WPBeginner Support
Hey John,
The capability to add iframes is part of unfiltered_html capability. However, allowing user roles the ability to add unfiltered html is too risky and not recommended. You should look for other ways to manage this. For example, if this iframe embed is from a third party service provider, they they might already have a WordPress plugin.
Administrador
John
Thank you. Ordinarily I would agree. But these are inhouse writers who need this capability. The most common is Facebook video embeds getting the iframe from Embedded Video & Live Video Player.
We also embed YouTube and other video in the body of the stories often and this explains why the html table that has been prepared for them to use by simply replacing the URL doesn’t work.
The rest of what the different level of access – editor, copy editor, photo editor, contributor, and staff writer can see and access is regulated using adminimize and user role editor.
What is the risk of giving unfiltered html access to inhouse staff?
Thank you
WPBeginner Support
Hey John,
With unfiltered html capability, users will have the ability to add malicious code which could get executed as soon as the post content is saved.
John
Ok. Thank you. That won’t be an issue in this instance. But very useful to know.
Akhil
Is it possible to delete a post by another author.?
WPBeginner Support
Hey Akhil,
If you are an administrator or editor on that site, then yes you can delete posts created by another author.
Administrador
Jake
I am not getting a lot of “email subscribers” via the subscribe widget to my blog but I do receive a lot of “New user registration” notifications from WP of people that are set up as their user role as “subscribers” and so my WP admin has a list of these people and their email addresses.
As far as I can tell, when I create a new post, no one with the user role “Subscriber” is being notified. Why else does WP give me their email address if not to notify them? Perhaps I am doing something wrong? How do I notify the hundreds and hundreds of people in this list?
WPBeginner Support
Hi Jake,
Please see our guide on how to add email subscriptions to your WordPress blog.
Administrador
Imtiaz Ahmed
hi, I have many Editors on my website, how I can strict, I mean editors are not able to edit Admin post. I want this on my website
Regards:
Imtiaz Ahmed
WPBeginner Support
Hey Imtiaz,
The editor user role gives users permission to edit any posts. You should change their user role to author or contributor. You can also edit permissions of a user role or create new user roles using plugins.
Administrador
Gary Wicks
I have a question if I have 300 subscribers what does that mean? Does it mean people subscribed to make a comment? I have no idea where these came from as I only have a few actual comments posted. Does this mean they were all spammers that Akismet software rejected? So the comments did not show but they are all in my users list as subscribers to make comments?
Or is this rss feed or what is it?
Steve Root
The role attribute selection on my theme has both an Allow and a Deny column. If a particular attribute is only enabled when checked what is the purpose of the Deny column (twenty-sixteen)?
deppak
Hi there,
Great post!
I created a custom role cloning the “administrator”, is it possible for administrators to change between the two? I can see the administrator can change all others’ role, but can it change its own through the back-end dashboard/menu?
Thanks!
Anne Cohen
Hi. Thank you for the post! Very helpful, but one more question….
Can Contributor writers DELETE their articles when they’re published?
What about when they’re pending?
Let’s say they had a change of heart? I just noticed a contributor alter an article that I was already editing/pending. I didn’t think that was possible.
Abhiney
Hi,
I am facing issues with the user creation. I am looking to create an editor for my website but despite deactivating all plugins, changing passwords etc,for the new user – when I try to login in through the ‘New User’ credentials it says – “Sorry, you are not allowed to access this page.”
Can you please help.
Debbie N.
Can I give permission to use a backup plugin but not other plugins? I see you can add more capabilities but I can’t figure out how to set it up for that. Thanks for any help.
Obed Aikins
Hi, nice post, very useful. i’m a college student developing a site for publishing hostels information and also book into it using wordpress. i want to create custom agent/landlord roles in WP. please help
Stuart
Users with the subscriber user role can login to your WordPress site and update their user profiles. They can change their passwords if they want to. They cannot write posts, view comments, or do anything else inside your WordPress admin area.
This user role is particularly useful if you require users to login before they can read a post or leave a comment.
I don’t understand this. So if a subscriber is logged in can they or can’t they comment on a post?
WPBeginner Support
Yes they can comment on a post.
Administrador
Alan Jordan
This was really helpful. Thank you.
Jez Butler
Great descriptions – thanks! Is there any way to set an Administrator role for individual sites on a multisite install? TIA, Jez
deepak
hi
i am collage student and i make the website on school on wordpress so i want to create the dynamic menus that was static.
how can we do?
dbutler
Please you clarify your question.
denarius
Hi Deepak,
I would like to help you. What do you mean by “create the dynamic menus that was static”? Please clarify your question.
Thanks
Mike Mullin
Can you customize the Admin role (I’d live to remove some of the capabilities like adding/removing Users) within the standard WP install or do you need a plugin like this?
Amruta
Hi,
I wants to upload video in my Website but the video size is 102 MB,
And i don’t want to show that suggestion video which shows after end the video, like You tube.
Is you have any idea about the Plugin or Site so i can link my video in website ?
Thank You
Susan
Could you change the Editors role to add/edit users. The permissions to the Admin role can be overwhelming.
WPBeginner Support
Yes you can do that.
Administrador
olivia
Is it worth mentioning that the Author Role can’t create/edit/delete Pages?
rcanu
Yeah I think that will be helpful! It will also be helpful if we can enumerate page levels of access for other page roles.
Blair Jersyer
Hi,
You wrote two time “5” in role list.
Nice post anyway.
WPBeginner Support
Thanks for notifying us. We have fixed the mistake.
Administrador