Fetch a filtered list of user roles that the current user is allowed to edit.
get_editable_roles()
is a simple function whose main purpose is to allow filtering of the list of roles in the global $wp_roles object. Plugins can hook this filter to remove inappropriate roles depending on the situation or user making edits. Specifically because without filtering anyone with the edit_users capability can edit others to be administrators, even if they themselves are only editors or authors. This is mitigated by the fact that normally only administrators have the edit_users capability.
Which roles a user can assign are determined by passing all roles through the editable_roles
filter. The filter and function allow administrators to delegate user management.
<?php $roles = get_editable_roles() ?>
array('name'=>'...', 'capabilities'=>array('read'=>true, ...))
.
Currently, you can assign the following roles:
<dl>
<?php foreach (get_editable_roles() as $role_name => $role_info): ?>
<dt><?php echo $role_name ?></dt>
<dd>
<ul>
<?php foreach ($role_info['capabilities'] as $capability => $_): ?>
<li><?php echo $capability ?></li>
<?php endforeach; ?>
</ul>
</dd>
<?php endforeach; ?>
</dl>
The file that defines this function (wp-admin/includes/user.php) is only loaded in the admin sections.
Since Version 2.8
get_editable_roles()
is defined in wp-admin/includes/user.php
.