What is the upload_files permission in WordPress?
The “upload_files” capability is one of the most important in WordPress.
If users don’t have the “upload_files” capability, they completely lose access to the Media Library. They can’t upload files or even browse media on your site.
If users do not have the “upload_files” capability, this image below shows what they will see when they use an image block in Gutenberg. They will see the message, “Upload an image file, pick one from your media library, or add one with a URL.” However, the only option available will be “Insert from URL”.
In contrast, this next image shows what a user with the upload_files capability will see. They will see the same text and the “Insert from URL” link. However, they will also see the “Upload” button and the “Media Library” link.
Also, users without the upload_files capability will not have access to the “Media” link in the WordPress admin menu. In this image below, you can see the the “Media” menu link is missing.
How to control the upload_files permission
If you use the PublishPress Capabilities plugin, you can enable or disable this capability for each user role.
- Go to “Capabilities” in your WordPress admin menu.
- In the top-left corner of the screen, load the user role that you want to customize. In this image below, I’ve chosen the “Editor” role:
In the center of the screen, you can now set the permissions. If you want to allow people in the Editor role to create posts, click the ‘Media” tab and then the “upload files” box:
If you want more on access the Media Library in WordPress, check out the tutorial, “Which WordPress Users Can Delete Files From the Media Library?” You may also find this helpful: “How to Control Featured Image Permissions in WordPress“.
Join PublishPress and power up your WordPress site
Join PublishPress today and you'll get powerful publishing and permissions plugins to improve your WordPress site.