- 赤色のリンクは、まだ日本語Codexに存在しないページ・画像です。英語版と併せてご覧ください。(詳細)
ユーザーの種類と権限
このページ「ユーザーの種類と権限」は 情報が古くなっている可能性があります。最新版(英語)も合わせてご覧ください。最新に更新してくださる協力者を求めています。
このページ「ユーザーの種類と権限」は最新情報が未翻訳です。和訳や日本語情報を加筆してくださる協力者を求めています。
(注) 最新情報を翻訳するため、このページの後半に最新英語版をコピーしてあります。後半を翻訳後、前半も活かしてマージする予定です。
目次
- 1 はじめに
- 2 バージョン2.0
- 3 バージョン1.5
- 4 (最新情報)
- 4.1 Description
- 4.2 Super Powers for Blog Owner
- 4.3 Summary of Roles
- 4.4 Roles
- 4.5 Capabilities
- 4.5.1 switch_themes
- 4.5.2 edit_themes
- 4.5.3 activate_plugins
- 4.5.4 edit_plugins
- 4.5.5 edit_users
- 4.5.6 edit_files
- 4.5.7 manage_options
- 4.5.8 moderate_comments
- 4.5.9 manage_categories
- 4.5.10 manage_links
- 4.5.11 upload_files
- 4.5.12 import
- 4.5.13 unfiltered_html
- 4.5.14 edit_posts
- 4.5.15 edit_others_posts
- 4.5.16 edit_published_posts
- 4.5.17 publish_posts
- 4.5.18 edit_pages
- 4.5.19 read
- 4.5.20 edit_others_pages
- 4.5.21 edit_published_pages
- 4.5.22 edit_published_pages
- 4.5.23 delete_pages
- 4.5.24 delete_others_pages
- 4.5.25 delete_published_pages
- 4.5.26 delete_posts
- 4.5.27 delete_others_posts
- 4.5.28 delete_published_posts
- 4.5.29 delete_private_posts
- 4.5.30 edit_private_posts
- 4.5.31 read_private_posts
- 4.5.32 delete_private_pages
- 4.5.33 edit_private_pages
- 4.5.34 read_private_pages
- 4.5.35 delete_users
- 4.5.36 create_users
- 4.5.37 unfiltered_upload
- 4.5.38 edit_dashboard
- 4.5.39 update_plugins
- 4.5.40 delete_plugins
- 4.5.41 level_10
- 4.5.42 level_9
- 4.5.43 level_8
- 4.5.44 level_7
- 4.5.45 level_6
- 4.5.46 level_5
- 4.5.47 level_4
- 4.5.48 level_3
- 4.5.49 level_2
- 4.5.50 level_1
- 4.5.51 level_0
- 4.6 User Level to Role Conversion
- 4.7 Role to User Level Conversion
- 4.8 Resources
はじめに
WordPressのユーザーレベルシステムはブログの管理者が各ユーザに対して利用できる機能を制限・開放出来るように設計されています。管理者は記事の投稿・編集、ページの作成、リンクの定義、カテゴリーの追加、コメントの承認、プラグインの管理、テーマの管理、他のユーザの管理等の機能へのアクセスが出来、それらを管理する権限を有しています。さらに、管理者はユーザレベルの調節をすることも出来ます。
WordPress 1.2, 1.5, 2.0ではそれぞれ設定が異なります。御使用のバージョンに合わせて参照してください。
バージョン2.0
via http://codex.wordpress.org/Roles_and_Capabilities
バージョン2.0では「権限」の概念が導入されています。このシリーズでは予め定義された5つの「標準」の権限が設定されています。それらは、管理者、編集者、投稿者/作成者、寄稿者/投稿者、協力者/購読者です。(ドキュメントの為に統一を求む) それぞれの権限によって作業範囲が変わります。それは30項目に及び、権限の設定により定義出来ます。
2.0の役割と権限
管理者 | 編集者 | 投稿者/作成者 | 寄稿者/投稿者 | 協力者/購読者 | |
---|---|---|---|---|---|
テーマの変更 | |||||
テーマの編集 | |||||
プラグインの有効化 | |||||
プラグインの編集 | |||||
ユーザの編集 | |||||
ファイルの編集 | |||||
設定の管理 | |||||
インポート | |||||
コメントの承認 | |||||
カテゴリーの管理 | |||||
リンクの管理 | |||||
フィルタリングされていないHTML | |||||
投稿された記事の編集 | |||||
他のユーザの記事の編集 | |||||
ページの編集 | |||||
ファイルアップロード | |||||
記事の投稿 | |||||
記事の編集 | |||||
閲覧 |
バージョン1.5
via http://codex.wordpress.org/User_Levels
ユーザレベルは0から10まであります。0は最低位のレベルであり、10は最高位のレベルです。レベル10は絶対的な権力を有しています。一般的に、ユーザレベルに応じて自分より下位レベルのユーザの投稿を編集・公開することが出来ます。ディスカッションの為に、登録とログインを行う全ての来訪者をユーザと呼びます。
レベル10のユーザは管理者権限を有しており、ここでは管理者と呼んでいます。WordPressをインストールする課程で自動的に管理者を作成し、レベル10を割り当てます。全てのユーザをコントロールする絶対的な力を持っている為、多くの場合、レベル10のユーザは一人だけであるべきです。
1.5のレベルと権限
は権限を有しています | |||||||||||
は自分より下位レベルのユーザーに対して権限を有しています | |||||||||||
は権限は有りますが、制限されています | |||||||||||
レベル | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |
ダッシュボード | |||||||||||
--- | |||||||||||
投稿 | |||||||||||
記事 | |||||||||||
レベル1:「草稿として保存」 | |||||||||||
ページ | |||||||||||
管理 | |||||||||||
記事 | |||||||||||
レベル1:自分の草稿の編集・削除、他人の閲覧 | |||||||||||
ページ | |||||||||||
カテゴリー | |||||||||||
レベル1,2,3:参照のみ | |||||||||||
コメント | |||||||||||
コメントの承認 | |||||||||||
レベル1,2,3:参照のみ | |||||||||||
リンク | |||||||||||
リンクの管理 | |||||||||||
リンクの追加 | |||||||||||
リンクカテゴリー | |||||||||||
リンクのインポート | |||||||||||
テーマ | |||||||||||
テーマの管理 | |||||||||||
テーマの編集 | |||||||||||
プラグイン | |||||||||||
プラグインの管理 | |||||||||||
プラグインの編集 | |||||||||||
ユーザー | |||||||||||
あなたのプロファイル | |||||||||||
投稿者とユーザー | |||||||||||
レベル5:全ユーザの情報を閲覧、レベル0以外の下位のユーザの編集・レベルの変更・削除が可能 | |||||||||||
設定 | |||||||||||
一般設定 | |||||||||||
投稿設定 | |||||||||||
表示設定 | |||||||||||
ディスカッション | |||||||||||
パーマリンク設定 | |||||||||||
その他の設定 | |||||||||||
アップロード | |||||||||||
---(有効化時) | |||||||||||
10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
最新英語版: WordPress Codex » Roles and Capabilities
最新英語版: WordPress Codex » User Levels
(最新情報)
Description
The WordPress Roles feature is designed to give the blog owner the ability to control and assign what users can and cannot do in the blog. A blog owner must manage and allow access to such functions as writing and editing Posts, creating Pages, defining Links, creating Categories, moderating Comments, managing Themes, and managing other users. The tool that gives the blog owner that control is the ability to assign a Role to a user.
WordPress Version 2.0/en introduces the concept of Roles. The WordPress distribution comes delivered 'standard' with five pre-defined Roles: Administrator, Editor, Author, Contributor, and Subscriber. Each Role is allowed to perform a set of tasks called Capabilities. There are fifty (40 + 10 for backward compatibility) Capabilities including publish_posts, moderate_comments, and edit_users. The Capabilities are pre-assigned to each Role.
The Administrator Role is allowed to perform all possible Capabilities. Each of the other Roles has a decreasing number of allowed Capabilities. For instance, the Subscriber Role is allowed just the read and level_0. One particular Role should not be considered to be 'senior to' another Role. Rather, consider that Roles define the user's responsibilities within the blog.
Plugin developers will likely revise the 'standard' Roles and Capabilities because WordPress Developers/en left open the future possibility of assigning a user to one or more Roles, or assigning Capabilities directly to a User. Since Plugins might change Roles and Capabilities, just the 'standard' Roles and Capabilities are addressed in this article.
Super Powers for Blog Owner
The person with the most important Role is that of blog owner. Typically, the blog owner is the person responsibile for maintaining and backing up the WordPress MySQL database as well as managing the WordPress repository of files (programs, scripts, plugins, themes, images, uploads). Ultimately, the smooth operation of a blog depends on the blog owner fulfilling this 'ultimate role'. Note: The blog owner, in many cases, also acts the Role of Administrator but may choose to assign other users the Administrator Role.
Summary of Roles
- Administrator - Somebody who has access to all the administration features
- Editor - Somebody who can publish posts, manage posts as well as manage other people's posts, etc.
- Author - Somebody who can publish and manage their own posts
- Contributor - Somebody who can write and manage their posts but not publish posts
- Subscriber - Somebody who can read comments/comment/receive news letters, etc.
The default role for a new user can be set using the Settings General SubPanel.
Roles
The identity a particular user assumes in a blog is called their Role. A Role essentially describes the set of tasks, called Capabilities, a person is allowed to perform. For instance, the role of Administrator encompasses every possible task that can be performed within a WordPress blog. On the other hand, the Author role allows the execution of just a small subset of tasks.
WordPress 2.0 simplifies the User Level approach of WordPress 1.5 by rolling up adjacent levels with similar permissions into logical, named roles. For example, Level 0 is now assigned to the Subscriber role, while Levels 5-7 together make up the Editor role; The levels have been kept purely for backwards compatibility with older plugins, Plugin and Theme authors are strongly encouraged to use roles and/or capabilities in preference to using the older "level" style checking.
The following sections list the Roles and their Capabilities:
Administrator
- activate_plugins
- create_users
- delete_others_pages
- delete_others_posts
- delete_pages
- delete_plugins
- delete_posts
- delete_private_pages
- delete_private_posts
- delete_published_pages
- delete_published_posts
- delete_users
- edit_dashboard
- edit_files
- edit_others_pages
- edit_others_posts
- edit_pages
- edit_plugins
- edit_posts
- edit_private_pages
- edit_private_posts
- edit_published_pages
- edit_published_posts
- edit_themes
- edit_users
- import
- install_plugins
- install_themes
- manage_categories
- manage_links
- manage_options
- moderate_comments
- publish_pages
- publish_posts
- read
- read_private_pages
- read_private_posts
- switch_themes
- unfiltered_html
- unfiltered_upload
- update_plugins
- update_themes
- upload_files
- level_0
- level_1
- level_2
- level_3
- level_4
- level_5
- level_6
- level_7
- level_8
- level_9
- level_10
Editor
- delete_others_pages
- delete_others_posts
- delete_pages
- delete_posts
- delete_private_pages
- delete_private_posts
- delete_published_pages
- delete_published_posts
- edit_others_pages
- edit_others_posts
- edit_pages
- edit_posts
- edit_private_pages
- edit_private_posts
- edit_published_pages
- edit_published_posts
- manage_categories
- manage_links
- moderate_comments
- publish_pages
- publish_posts
- read
- read_private_pages
- read_private_posts
- unfiltered_html
- upload_files
- level_0
- level_1
- level_2
- level_3
- level_4
- level_5
- level_6
- level_7
Author
Contributor
Subscriber
Capability vs. Role Table
Capability | admin | editor | author | contributor | subscriber |
---|---|---|---|---|---|
install_themes | |||||
update_themes | |||||
switch_themes | |||||
edit_themes | |||||
install_plugins | |||||
activate_plugins | |||||
edit_plugins | |||||
update_plugins | |||||
delete_plugins | |||||
create_users | |||||
edit_users | |||||
delete_users | |||||
edit_files | |||||
manage_options | |||||
import | |||||
unfiltered_upload | |||||
edit_dashboard | |||||
moderate_comments | |||||
manage_categories | |||||
manage_links | |||||
unfiltered_html | |||||
edit_published_posts | |||||
edit_others_posts | |||||
edit_pages | |||||
edit_others_pages | |||||
edit_published_pages | |||||
publish_pages | |||||
delete_pages | |||||
delete_others_pages | |||||
delete_published_pages | |||||
delete_others_posts | |||||
delete_private_posts | |||||
edit_private_posts | |||||
read_private_posts | |||||
delete_private_pages | |||||
edit_private_pages | |||||
read_private_pages | |||||
upload_files | |||||
publish_posts | |||||
delete_published_posts | |||||
edit_posts | |||||
delete_posts | |||||
read | |||||
Level | admin | editor | author | contributor | subscriber |
level_10 | |||||
level_9 | |||||
level_8 | |||||
level_7 | |||||
level_6 | |||||
level_5 | |||||
level_4 | |||||
level_3 | |||||
level_2 | |||||
level_1 | |||||
level_0 |
Capabilities
switch_themes
Allows access to Administration Panel options:
- Design
- Design > Themes
- Design > Widgets
edit_themes
Allows access to Administration Panel options:
- Design > Theme Editor
- Design > Current Theme Options
activate_plugins
Allows access to Administration Panel options:
edit_plugins
Allows access to Administration Panel options:
edit_users
Allows access to Administration Panel options:
edit_files
No longer used.
manage_options
Allows access to Administration Panel options:
- Options > General
- Options > Writing
- Options > Reading
- Options > Discussion
- Options > Permalinks
- Options > Miscellaneous
moderate_comments
Allows access to Administration Panel options:
- Question: This is blank. I guess the User can accept and deny (= delete) a comment in moderation. Can he also delete other comments? Tordans 17:56, 8 Apr 2006 (GMT)
manage_categories
Allows access to Administration Panel options:
- Manage > Categories
manage_links
Allows access to Administration Panel options:
- Links
- Links > Manage Links
- Links > Add Link
- Links > Link Categories
- Links > Import Links
upload_files
Allows access to Administration Panel options:
- Upload
import
Allows access to Administration Panel options:
- Import
unfiltered_html
Allows user to post HTML markup or even Javascript code in pages, posts, and comments.
Note: Enabling this option for untrusted users may result in their posting malicious code to your blog.
edit_posts
Allows access to Administration Panel options:
- Write
- Write > Write Post
- Manage
- Manage > Posts
- Manage > Comments -- The "show post", "edit post", "edit comment", and "delete comment" links are enabled only on own posts, since
wp-admin/edit-comments.php
looks for "current_user_can('edit_post', $comment->comment_post_ID)"' - Manage > Awaiting Moderation -- I think contributor can only see the menuitem since the capability "moderate_comments" is needed to view the comment list ( see
wp-admin/moderation.php
). So you cannot even see your own posts comments in the moderation list?!
edit_others_posts
- Manage > Comments -- Lets user delete and edit every comment (see edit_posts above)
- user can edit other users' posts through function get_others_drafts()
- user can see other users' images in inline-uploading [no? see
wp-admin/inline-uploading.php
(訳注:最新版にはないようです)
See Exceptions
edit_published_posts
User can edit his published posts. This capability is off by default.
The core checks the capability edit_posts, but on demand this check is changed to edit_published_posts.
If you don't want a user to be able edit his published posts, remove this capability. (see also this comment on the Role Manager Plugin Homepage).
publish_posts
User can
- see and choose the radiobox "publish" when writing a post
- see and use the "publish" button below their post (otherwise they can only save drafts)
- can use xmlrpc to publish (otherwise they get a "Sorry, you can not post on this weblog or category.")
edit_pages
Allows access to Administration Panel options:
- Write > Write Page -- gives acces to "page-new.php"
- Manage > Pages -- all users can view "/wp-admin/edit-pages.php" but only those here do see the link 'edit' and 'delete' in the table list.
As far as I see all editors can edit each others' pages. Dave J. (Scoop0901) 16:38, 30 Jan 2007 (UTC) fixed typo]
read
Allows access to Administration Panel options:
- Dashboard
- Your Profile
Used nowhere in the core code except the menu.php
edit_others_pages
Since 2.1
edit_published_pages
Since 2.1
edit_published_pages
Since 2.1
delete_pages
Since 2.1
delete_others_pages
Since 2.1
delete_published_pages
Since 2.1
delete_posts
Since 2.1
delete_others_posts
Since 2.1
delete_published_posts
Since 2.1
delete_private_posts
Since 2.1
edit_private_posts
Since 2.1
read_private_posts
Since 2.1
delete_private_pages
Since 2.1
edit_private_pages
Since 2.1
read_private_pages
Since 2.1
delete_users
Since 2.1
create_users
Since 2.1
unfiltered_upload
Since 2.3
edit_dashboard
Since 2.5
update_plugins
Since 2.6
delete_plugins
Since 2.6
level_10
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_9
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_8
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_7
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_6
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_5
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_4
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_3
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_2
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_1
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
level_0
Allows access to Administration Panel options:
- Maintained for backward compatibility for Plugins
User Level to Role Conversion
- User Level 0 converts to Subscriber Role
- User Level 1 converts to Contributor Role
- User Level 2 converts to Author Role
- User Level 3 converts to Author Role
- User Level 4 converts to Author Role
- User Level 5 converts to Editor Role
- User Level 6 converts to Editor Role
- User Level 7 converts to Editor Role
- User Level 8 converts to Administrator Role
- User Level 9 converts to Administrator Role
- User Level 10 converts to Administrator Role
Role to User Level Conversion
Subscriber Role
User Level 0
Contributor Role
User Level 1
Author Role
User Levels 2, 3, and 4
Editor Role
User Levels 5, 6, and 7
Administrator Role
User Level 8, 9, and 10
Exceptions
WP 2.7.1 does not allow Editors to edit the posts of Administrators. Given that "One particular Role should not be considered to be 'senior to' another Role ... "*, this may be a bug in this release. Either that, or some clarification is required in this article.