• 赤色のリンクは、まだ日本語Codexに存在しないページ・画像です。英語版と併せてご覧ください。(詳細

このWikiはいつでも誰でも編集できます

ユーザーの種類と権限

提供: WordPress Codex 日本語版
2010年1月24日 (日) 07:41時点におけるBono (トーク | 投稿記録)による版 ((最新情報): リンク・見出し等調整して一旦保存/情報募集中)

移動先: 案内検索

このページ「ユーザーの種類と権限」は 情報が古くなっている可能性があります。最新版英語)も合わせてご覧ください。最新に更新してくださる協力者を求めています

このページ「ユーザーの種類と権限」は最新情報未翻訳です。和訳や日本語情報を加筆してくださる協力者を求めています

(注) 最新情報を翻訳するため、このページの後半に最新英語版をコピーしてあります。後半を翻訳後、前半も活かしてマージする予定です。

目次

はじめに

 WordPressのユーザーレベルシステムはブログの管理者が各ユーザに対して利用できる機能を制限・開放出来るように設計されています。管理者は記事の投稿・編集、ページの作成、リンクの定義、カテゴリーの追加、コメントの承認、プラグインの管理、テーマの管理、他のユーザの管理等の機能へのアクセスが出来、それらを管理する権限を有しています。さらに、管理者はユーザレベルの調節をすることも出来ます。

 WordPress 1.2, 1.5, 2.0ではそれぞれ設定が異なります。御使用のバージョンに合わせて参照してください。

バージョン2.0

via http://codex.wordpress.org/Roles_and_Capabilities

via http://wordpress.xwd.jp/me2.0-docs/index.php?%A5%E6%A1%BC%A5%B6%A1%BC%A5%EC%A5%D9%A5%EB%A4%CB%A4%C4%A4%A4%A4%C6

 バージョン2.0では「権限」の概念が導入されています。このシリーズでは予め定義された5つの「標準」の権限が設定されています。それらは、管理者、編集者、投稿者/作成者、寄稿者/投稿者、協力者/購読者です。(ドキュメントの為に統一を求む) それぞれの権限によって作業範囲が変わります。それは30項目に及び、権限の設定により定義出来ます。


2.0の役割と権限

管理者 編集者 投稿者/作成者 寄稿者/投稿者 協力者/購読者
テーマの変更
テーマの編集
プラグインの有効化
プラグインの編集
ユーザの編集
ファイルの編集
設定の管理
インポート
コメントの承認
カテゴリーの管理
リンクの管理
フィルタリングされていないHTML
投稿された記事の編集
他のユーザの記事の編集
ページの編集
ファイルアップロード
記事の投稿
記事の編集
閲覧

バージョン1.5

via http://codex.wordpress.org/User_Levels

 ユーザレベルは0から10まであります。0は最低位のレベルであり、10は最高位のレベルです。レベル10は絶対的な権力を有しています。一般的に、ユーザレベルに応じて自分より下位レベルのユーザの投稿を編集・公開することが出来ます。ディスカッションの為に、登録とログインを行う全ての来訪者をユーザと呼びます。

 レベル10のユーザは管理者権限を有しており、ここでは管理者と呼んでいます。WordPressをインストールする課程で自動的に管理者を作成し、レベル10を割り当てます。全てのユーザをコントロールする絶対的な力を持っている為、多くの場合、レベル10のユーザは一人だけであるべきです。

1.5のレベルと権限

は権限を有しています
は自分より下位レベルのユーザーに対して権限を有しています
は権限は有りますが、制限されています
レベル
10 9 8 7 6 5 4 3 2 1 0
ダッシュボード
---
投稿
記事
レベル1:「草稿として保存」
ページ
管理
記事
レベル1:自分の草稿の編集・削除、他人の閲覧
ページ
カテゴリー
レベル1,2,3:参照のみ
コメント
コメントの承認
レベル1,2,3:参照のみ
リンク
リンクの管理
リンクの追加
リンクカテゴリー
リンクのインポート
テーマ
テーマの管理
テーマの編集
プラグイン
プラグインの管理
プラグインの編集
ユーザー
あなたのプロファイル
投稿者とユーザー
レベル5:全ユーザの情報を閲覧、レベル0以外の下位のユーザの編集・レベルの変更・削除が可能
設定
一般設定
投稿設定
表示設定
ディスカッション
パーマリンク設定
その他の設定
アップロード
---(有効化時)
10 9 8 7 6 5 4 3 2 1 0

最新英語版: WordPress Codex » Roles and Capabilities

最新英語版: WordPress Codex » User Levels


(最新情報)

情報募集中 以下は 2010年1月24日時点の英語版からコピーしたものですが、最新版 WordPress の情報かどうかは未確認です。何か分かることや手掛かりがあれば 該当部分を編集するか、このページのノートまたはフォーラム等で教えてください。


Description

The WordPress Roles feature is designed to give the blog owner the ability to control and assign what users can and cannot do in the blog. A blog owner must manage and allow access to such functions as writing and editing Posts, creating Pages, defining Links, creating Categories, moderating Comments, managing Themes, and managing other users. The tool that gives the blog owner that control is the ability to assign a Role to a user.

WordPress Version 2.0/en introduces the concept of Roles. The WordPress distribution comes delivered 'standard' with five pre-defined Roles: Administrator, Editor, Author, Contributor, and Subscriber. Each Role is allowed to perform a set of tasks called Capabilities. There are fifty (40 + 10 for backward compatibility) Capabilities including publish_posts, moderate_comments, and edit_users. The Capabilities are pre-assigned to each Role.

The Administrator Role is allowed to perform all possible Capabilities. Each of the other Roles has a decreasing number of allowed Capabilities. For instance, the Subscriber Role is allowed just the read and level_0. One particular Role should not be considered to be 'senior to' another Role. Rather, consider that Roles define the user's responsibilities within the blog.

Plugin developers will likely revise the 'standard' Roles and Capabilities because WordPress Developers/en left open the future possibility of assigning a user to one or more Roles, or assigning Capabilities directly to a User. Since Plugins might change Roles and Capabilities, just the 'standard' Roles and Capabilities are addressed in this article.

Super Powers for Blog Owner

The person with the most important Role is that of blog owner. Typically, the blog owner is the person responsibile for maintaining and backing up the WordPress MySQL database as well as managing the WordPress repository of files (programs, scripts, plugins, themes, images, uploads). Ultimately, the smooth operation of a blog depends on the blog owner fulfilling this 'ultimate role'. Note: The blog owner, in many cases, also acts the Role of Administrator but may choose to assign other users the Administrator Role.

Summary of Roles

  • Administrator - Somebody who has access to all the administration features
  • Editor - Somebody who can publish posts, manage posts as well as manage other people's posts, etc.
  • Author - Somebody who can publish and manage their own posts
  • Contributor - Somebody who can write and manage their posts but not publish posts
  • Subscriber - Somebody who can read comments/comment/receive news letters, etc.

The default role for a new user can be set using the Settings General SubPanel.

Roles

The identity a particular user assumes in a blog is called their Role. A Role essentially describes the set of tasks, called Capabilities, a person is allowed to perform. For instance, the role of Administrator encompasses every possible task that can be performed within a WordPress blog. On the other hand, the Author role allows the execution of just a small subset of tasks.

WordPress 2.0 simplifies the User Level approach of WordPress 1.5 by rolling up adjacent levels with similar permissions into logical, named roles. For example, Level 0 is now assigned to the Subscriber role, while Levels 5-7 together make up the Editor role; The levels have been kept purely for backwards compatibility with older plugins, Plugin and Theme authors are strongly encouraged to use roles and/or capabilities in preference to using the older "level" style checking.

The following sections list the Roles and their Capabilities:

Administrator

Editor

Author

Contributor

Subscriber

Capability vs. Role Table

Capability admin editor author contributor subscriber
install_themes
update_themes
switch_themes
edit_themes
install_plugins
activate_plugins
edit_plugins
update_plugins
delete_plugins
create_users
edit_users
delete_users
edit_files
manage_options
import
unfiltered_upload
edit_dashboard
moderate_comments
manage_categories
manage_links
unfiltered_html
edit_published_posts
edit_others_posts
edit_pages
edit_others_pages
edit_published_pages
publish_pages
delete_pages
delete_others_pages
delete_published_pages
delete_others_posts
delete_private_posts
edit_private_posts
read_private_posts
delete_private_pages
edit_private_pages
read_private_pages
upload_files
publish_posts
delete_published_posts
edit_posts
delete_posts
read
Level admin editor author contributor subscriber
level_10
level_9
level_8
level_7
level_6
level_5
level_4
level_3
level_2
level_1
level_0

Capabilities

switch_themes

Allows access to Administration Panel options:

  • Design
  • Design > Themes
  • Design > Widgets

edit_themes

Allows access to Administration Panel options:

  • Design > Theme Editor
  • Design > Current Theme Options

activate_plugins

Allows access to Administration Panel options:

edit_plugins

Allows access to Administration Panel options:

edit_users

Allows access to Administration Panel options:

edit_files

No longer used.

manage_options

Allows access to Administration Panel options:

  • Options > General
  • Options > Writing
  • Options > Reading
  • Options > Discussion
  • Options > Permalinks
  • Options > Miscellaneous

moderate_comments

Allows access to Administration Panel options:

  • Question: This is blank. I guess the User can accept and deny (= delete) a comment in moderation. Can he also delete other comments? Tordans 17:56, 8 Apr 2006 (GMT)

manage_categories

Allows access to Administration Panel options:

  • Manage > Categories

manage_links

Allows access to Administration Panel options:

  • Links
  • Links > Manage Links
  • Links > Add Link
  • Links > Link Categories
  • Links > Import Links

upload_files

Allows access to Administration Panel options:

  • Upload

import

Allows access to Administration Panel options:

  • Import

unfiltered_html

Allows user to post HTML markup or even Javascript code in pages, posts, and comments.

Note: Enabling this option for untrusted users may result in their posting malicious code to your blog.

edit_posts

Allows access to Administration Panel options:

  • Write
  • Write > Write Post
  • Manage
  • Manage > Posts
  • Manage > Comments -- The "show post", "edit post", "edit comment", and "delete comment" links are enabled only on own posts, since wp-admin/edit-comments.php looks for "current_user_can('edit_post', $comment->comment_post_ID)"'
  • Manage > Awaiting Moderation -- I think contributor can only see the menuitem since the capability "moderate_comments" is needed to view the comment list ( see wp-admin/moderation.php). So you cannot even see your own posts comments in the moderation list?!

edit_others_posts

  • Manage > Comments -- Lets user delete and edit every comment (see edit_posts above)
  • user can edit other users' posts through function get_others_drafts()
  • user can see other users' images in inline-uploading [no? see wp-admin/inline-uploading.php(訳注:最新版にはないようです)

See Exceptions

edit_published_posts

User can edit his published posts. This capability is off by default. The core checks the capability edit_posts, but on demand this check is changed to edit_published_posts.
If you don't want a user to be able edit his published posts, remove this capability. (see also this comment on the Role Manager Plugin Homepage).

publish_posts

User can

  • see and choose the radiobox "publish" when writing a post
  • see and use the "publish" button below their post (otherwise they can only save drafts)
  • can use xmlrpc to publish (otherwise they get a "Sorry, you can not post on this weblog or category.")

edit_pages

Allows access to Administration Panel options:

  • Write > Write Page -- gives acces to "page-new.php"
  • Manage > Pages -- all users can view "/wp-admin/edit-pages.php" but only those here do see the link 'edit' and 'delete' in the table list.

As far as I see all editors can edit each others' pages. Dave J. (Scoop0901) 16:38, 30 Jan 2007 (UTC) fixed typo]

read

Allows access to Administration Panel options:

  • Dashboard
  • Your Profile

Used nowhere in the core code except the menu.php

edit_others_pages

Since 2.1

edit_published_pages

Since 2.1

edit_published_pages

Since 2.1

delete_pages

Since 2.1

delete_others_pages

Since 2.1

delete_published_pages

Since 2.1

delete_posts

Since 2.1

delete_others_posts

Since 2.1

delete_published_posts

Since 2.1

delete_private_posts

Since 2.1

edit_private_posts

Since 2.1

read_private_posts

Since 2.1

delete_private_pages

Since 2.1

edit_private_pages

Since 2.1

read_private_pages

Since 2.1

delete_users

Since 2.1

create_users

Since 2.1

unfiltered_upload

Since 2.3

edit_dashboard

Since 2.5

update_plugins

Since 2.6

delete_plugins

Since 2.6

level_10

Allows access to Administration Panel options:

  • Maintained for backward compatibility for Plugins

level_9

Allows access to Administration Panel options:

  • Maintained for backward compatibility for Plugins

level_8

Allows access to Administration Panel options:

  • Maintained for backward compatibility for Plugins

level_7

Allows access to Administration Panel options:

  • Maintained for backward compatibility for Plugins

level_6

Allows access to Administration Panel options:

  • Maintained for backward compatibility for Plugins

level_5

Allows access to Administration Panel options:

  • Maintained for backward compatibility for Plugins

level_4

Allows access to Administration Panel options:

  • Maintained for backward compatibility for Plugins

level_3

Allows access to Administration Panel options:

  • Maintained for backward compatibility for Plugins

level_2

Allows access to Administration Panel options:

  • Maintained for backward compatibility for Plugins

level_1

Allows access to Administration Panel options:

  • Maintained for backward compatibility for Plugins

level_0

Allows access to Administration Panel options:

  • Maintained for backward compatibility for Plugins

User Level to Role Conversion

Role to User Level Conversion

Subscriber Role

User Level 0

Contributor Role

User Level 1

Author Role

User Levels 2, 3, and 4

Editor Role

User Levels 5, 6, and 7

Administrator Role

User Level 8, 9, and 10

Exceptions

WP 2.7.1 does not allow Editors to edit the posts of Administrators. Given that "One particular Role should not be considered to be 'senior to' another Role ... "*, this may be a bug in this release. Either that, or some clarification is required in this article.

Resources

最新英語版: WordPress Codex » Roles and Capabilities最新版との差分