Understanding default capabilities
You can find over 50 built-in capabilities in the WordPress default database. Most of these capabilities are focused on providing permissions related to website or blog creation. Therefore, it's a must to create our own capabilities in developing web applications. If you are curious to learn, you can look at the wp_user_roles option inside the wp_options table for all the available user roles and their capabilities. You can use any MySQL GUI client or phpMyAdmin application to execute the following query to view the default user role data. Take a look at the following code:
select option_value from wp_users where option_name='wp_user_roles'
You should see a serialized array like the following one:
a:10:{s:13:"administrator";a:2:{s:4:"name";s:13:"Administrator";s: 12:"capabilities";a:67:{s:13:"switch_themes";b:1;s:11:"edit_theme"
;b:1;s:16:"activate_plugins";b:1;s:12:"edit_plugins";b:1;s:10:"edi
t_users";b:1;s:10:"edit_files";b:1;s:14:"manage_options";b:1;s:17:
"moderate_comments";b:1;s:17:"manage_categories";b:1;s:12:"manage_ links";b:1;s:12
A part of the value contained in the wp_user_roles row is displayed in the preceding code. It's quite confusing and not practical to understand the capabilities of each user role by looking at this serialized array. Therefore, we can take advantage of an existing WordPress plugin to view and manage user roles and capabilities.
There are plenty of great and free plugins for managing user roles and permissions. My favorite is the Members plugin by Justin Tadlock, as it's quite clean and simple. You can grab a copy of this plugin at http://wordpress.org/plugins/members/.
Let's see how capabilities are displayed for the free member role in our application using the following screenshot of the plugin:
All the capabilities which are assigned to a specific user role will be ticked by default. As expected, the follow_forum_activities capability added in the previous section is successfully assigned to the free and premium member user roles.
So far, we have learned how to use WordPress roles and capabilities in the context of web applications. We will be updating the capabilities while creating new functionalities in the following chapters. Next, we will see how user registration works in WordPress.