What is the Edit Posts Permission in WordPress?
The goal of PublishPress is to provide professional publishing tools for WordPress.
When larger, professional organizations start to use PublishPress, a lot of their questions revolve around permissions.
Permissions questions do not have easy answers in WordPress. The permissions system in WordPress can be confusing.
One example of this confusion is the “Edit Posts” permission. This single permission can control access to most key writing features in WordPress.
For example, if you don't have the Edit Posts permission, you won't be able to access the “Posts” area of WordPress at all. Also, if you don't have the Edit Posts permission, you won't be able to create new Posts or upload new media.
This isn't the only confusingly named capability in WordPress. Check out the “read” permission for another example and the moderate_comments capability.
How to see the edit_posts permission in action
Let's start exploring the Edit Posts permission. We'll start by looking at a group of users who do not have the Edit Posts permission: Subscribers.
This image below shows what people in the Subscriber role will see when they log in to WordPress. They are able to edit their profile, but that’s it. They have zero access to the Posts screen.
How to change who has the edit_posts permission
However, let's see what changes if we get the Edit posts permission to Subscribers. In this image below, I'm using the PublishPress Capabilities plugin to control access.
This next screenshot below shows a user that does have the “Edit Posts” permission. This user has access to the “Posts” screen and also the “Comments” screen. Oddly, they also have access to the “Tools” screen, even though it is blank. You'll notice that this user does not have editing access to other people's Posts, but they can see all of them. There is no separate permission that controls viewing Posts in the WordPress admin area.
Any user with the “Edit Posts” permission also has access to the “Add New” button. This means that they can write new posts, although they can only send them to the “Pending Review” status.
Now we finally get to reason behind the “Edit Posts” name. Yes, a user with this permission can edit their own posts. However, remember that they have no ability to edit anyone else's posts.
Also, in the Comments area, a user with the Edit Posts permission can view but can not edit any comments.
Editing media with the edit_posts permission
Users with the “Edit Posts” permission can write new Posts, but they can not upload or access images. If you want to give Media access, you need to give users the “upload_files” permission. Technically, in WordPress, this is because Media are Posts. Every media item uploaded to WordPress gets a Post ID.
Similar permissions for other content types
It's worth noting that the Edit Posts permission does not cover any other post types. However, there are almost identical permissions for other post types.
For example, the “Edit Pages” permission performs the same role for Pages. A post type called “Projects” will have a permission called edit_projects.
Technical details for the edit_posts permission
There are some very brief details on the WordPress codex, but if you want to dive into the technical side of the Edit Post permissions, watch for a followup post coming soon.
Summary of the edit_posts permission
Yes, the the Edit Posts permission is strangely named.
The Edit Posts permission gives WordPress users access to far more than the ability to edit posts. The Edit Posts permission grants access to all these features:
- Accessing the Posts screen.
- Creating new Posts.
- Editing your own Posts.
- Uploading and editing Media.
- Accessing the Comments screen.
- Accessing the Tools screen (although it's useless).
The WordPress permissions model does allow for separate control of post creation and post update capabilities: check out our guide to the create_posts permission.
As you can see, access to a lot of WordPress features is controlled by this single permission.
Hey steve, thanks for sharing this method. I was facing issues because people who contributed to the blog were not able to get edit permissions. It helped me… Thanks keep it up…
After posts are submitted by users, I can allow them to edit their post if I give them the “contributor” permit from Word Press. However, once they got this permit, they can edit freely without approval needed. This can pose a security problem for my website. Please help, so that I can allow users to edit their post, yet that edited post must be re-approved again.
Hi Hoang. You can do that with the Revisionary plugin https://publishpress.com/revisionary/
how to allow editing media of all other users? my editor can only see media he uploaded…
Hi Ivan. We have guides for media permissions here:
https://publishpress.com/knowledge-base/control-media-library-access/
https://publishpress.com/knowledge-base/permissions-media-files/