Media/Attachment File Permissions functionality allows you to control users permission on Media Library. User Role Editor injects some custom capabilities for you to control users permission. These new capabilities will be available as part of the Media box in role add/edit page.
edit_attachments
This capability is required to edit files existing within the media library.
delete_attachments
This capability is required to delete files existing within the media library.
read_others_attachments
This capability is required to view files which are uploaded by others within the media library. Remove this capability to give a user access to only his/her own files.
edit_others_attachments
This capability is required to edit files uploaded by other users.
delete_others_attachments
This capability is required to delete files uploaded by other users.
Initially these custom capabilities will be available for all roles which has upload_files capability to continue the existing functionality of the site.
These capabilities doesn’t limit anyone from accessing the file directly by typing the URL of that file.
Topics
Posts/Pages Extended Permissions
Media/Attachment File Permissions
Content Restriction Shortcodes