WordPress.org

fr:Rôles et Capacités

Languages: English • Español • Français • 日本語 • Português do Brasil • 中文(简体) • (Add your language)

Contents 1 Description 2 Les rôles en résumé 3 Les Rôles 3.1 Super Admin 3.2 Administrator 3.2.1 Additional Admin Capabilities 3.3 Editor 3.4 Author 3.5 Contributor 3.6 Subscriber 3.7 Special Cases 3.8 Capability vs. Role Table 4 Capabilities 4.1 switch_themes 4.2 edit_themes 4.3 edit_theme_options 4.4 install_themes 4.5 activate_plugins 4.6 edit_plugins 4.7 install_plugins 4.8 edit_users 4.9 edit_files 4.10 manage_options 4.11 moderate_comments 4.12 manage_categories 4.13 manage_links 4.14 upload_files 4.15 import 4.16 unfiltered_html 4.17 edit_posts 4.18 edit_others_posts 4.19 edit_published_posts 4.20 publish_posts 4.21 edit_pages 4.22 read 4.23 publish_pages 4.24 edit_others_pages 4.25 edit_published_pages 4.26 edit_published_pages 4.27 delete_pages 4.28 delete_others_pages 4.29 delete_published_pages 4.30 delete_posts 4.31 delete_others_posts 4.32 delete_published_posts 4.33 delete_private_posts 4.34 edit_private_posts 4.35 read_private_posts 4.36 delete_private_pages 4.37 edit_private_pages 4.38 read_private_pages 4.39 delete_users 4.40 create_users 4.41 unfiltered_upload 4.42 edit_dashboard 4.43 update_plugins 4.44 delete_plugins 4.45 update_themes 4.46 update_core 4.47 list_users 4.48 remove_users 4.49 add_users 4.50 promote_users 4.51 delete_themes 4.52 export 4.53 edit_comment 4.54 manage_network 4.55 create_products 4.56 manage_sites 4.57 manage_network_users 4.58 manage_network_themes 4.59 manage_network_options 5 User Levels 5.1 User Level to Role Conversion 6 Change Log 7 Resources

Description

WordPress utilise un système de Rôles, qui permet à l'administrateur d'un site de contrôler ce que chaque contributeur peut faire ou ne pas faire. L'administrateur du site peut permettre ou interdire l'accès à des fonctions comme: créer et modifier des articles, créer des pages, créer des catégories, modérer des commentaires, installer des plugins, activer des thèmes, et gérer les autres utilisateurs. Le degré d'autorisation pour chaque action est défini par le Rôle attribué à l'utilisateur.

WordPress propose six Rôles prédéfinis: Super Admin, Administrateur, Éditeur, Auteur, Contributeur et Abonné. Chaque rôle a le pouvoir d'accomplir certaines tâches, ce sont ses Capacités ("Capabilities" en anglais). Il existe une longue liste de Capacités, parmi lesquelles publish_posts, moderate_comments, et edit_users. Un ensemble de Capacités par défaut est préconfiguré pour chaque Rôle, mais d'autres capacités peuvent être ajoutées à travers l'API des plugins WordPress, en utilisant les fonctions add_cap() et remove_cap(). Des rôles peuvent être ajoutés ou enlevés, en utilisant les fonctions add_role() et remove_role().

Le Rôle de Super Admin donne accès à toutes les capacités existantes. Tous les autres rôles ont un nombre plus restreint de capacités. À titre d'exemple, le rôle d'Abonné ne donne droit qu'à la capacité de "lecture". Ces rôles ne doivent pas être compris comme une échelle hiérarchique. Il s'agit plutôt de définir les responsabilités de chaque utilisateur dans le site..

Les rôles en résumé

• Super Admin – Accède aux réglages d'administration multisite, ainsi qu'à toutes les autres fonctionalités. Voir l'article créer un réseau.
• Administrateur - Accède à toutes les fonctionnalités d'administration dans un site unique.
• Éditeur - Peut publier et gérer articles et pages, les siens ainsi que ceux des autres utilisateurs.
• Auteur - Peut publier et gérer ses propres articles.
• Contributeur - Peut écrire et gérer ses articles, mais ne peut les publier.
• Abonné - Ne peut gérer que son profil.

Lors de l'installation de WordPress, un compte Administrateur muni de toutes les Capacités est automatiquement créé.

Le rôle par défaut attribué aux nouveaux utilisateurs ("Abonné") peut être redéfini depuis les Réglages généraux (en anglais).

Les Rôles

Le Rôle définit l'ampleur des tâches qu'un utilisateur est autorisé à accomplir. Par exemple, le rôle de Super Admin autorise toute tâche qui peut être accomplie dans un Réseau de sites WordPress. Le rôle d'Administrateur limite ces tâches à un site unique. En comparais, le rôle d'Author permet l'exécution d'un nombre de tâches très restreint.

Les sections suivantes font la liste des Rôles par défaut et de leurs Capacités:

Super Admin

Multisite Super Admins have, by default, all capabilities. The following Multisite-only capabilities are therefore only available to Super Admins:

• manage_network
• manage_sites
• manage_network_users
• manage_network_themes
• manage_network_options

In the case of single site WordPress installation, Administrators are, in effect, Super Admins. As such, they are the only ones to have access to additional admin capabilities.

Administrator

The capabilities of Administrators differs between single site and Multisite WordPress installations. All administrators have the following capabilities:

• activate_plugins
• delete_others_pages
• delete_others_posts
• delete_pages
• delete_plugins
• delete_posts
• delete_private_pages
• delete_private_posts
• delete_published_pages
• delete_published_posts
• edit_dashboard
• edit_files
• edit_others_pages
• edit_others_posts
• edit_pages
• edit_posts
• edit_private_pages
• edit_private_posts
• edit_published_pages
• edit_published_posts
• edit_theme_options
• export
• import
• list_users
• manage_categories
• manage_links
• manage_options
• moderate_comments
• promote_users
• publish_pages
• publish_posts
• read_private_pages
• read_private_posts
• read
• remove_users
• switch_themes
• upload_files
• create_product

Additional Admin Capabilities

Only Administrators of single site installations have the following capabilities. In Multisite, only the Super Admin has these abilities:

• update_core
• update_plugins
• update_themes
• install_plugins
• install_themes
• delete_themes
• edit_plugins
• edit_themes
• edit_users
• create_users
• delete_users
• unfiltered_html

Editor

• delete_others_pages
• delete_others_posts
• delete_pages
• delete_posts
• delete_private_pages
• delete_private_posts
• delete_published_pages
• delete_published_posts
• edit_others_pages
• edit_others_posts
• edit_pages
• edit_posts
• edit_private_pages
• edit_private_posts
• edit_published_pages
• edit_published_posts
• manage_categories
• manage_links
• moderate_comments
• publish_pages
• publish_posts
• read
• read_private_pages
• read_private_posts
• unfiltered_html (not with Multisite. See Unfiltered MU)
• upload_files

Author

• delete_posts
• delete_published_posts
• edit_posts
• edit_published_posts
• publish_posts
• read
• upload_files

Contributor

• delete_posts
• edit_posts
• read

Subscriber

• read

Special Cases

The following capabilities are special cases:

• unfiltered_upload - This capability is not available to any role by default (including Super Admins). The capability needs to be enabled by defining the following constant:

define( 'ALLOW_UNFILTERED_UPLOADS', true );

With this constant defined, all roles on a single site install will be given the unfiltered_upload capability, but only Super Admins will be given the capability on a Multisite install.

Capability vs. Role Table

Note that the capabilities of Administrators differs between single site and Multisite WordPress installations, as described above .

Capability	Super Admin	Administrator	Editor	Author	Contributor	Subscriber
manage_network	Y
manage_sites	Y
manage_network_users	Y
manage_network_themes	Y
manage_network_options	Y
unfiltered_html	Y
Capability	Super Admin	Administrator	Editor	Author	Contributor	Subscriber
activate_plugins	Y	Y
create_users	Y	Y (single site)
delete_plugins	Y	Y
delete_themes	Y	Y (single site)
delete_users	Y	Y
edit_files	Y	Y
edit_plugins	Y	Y (single site)
edit_theme_options	Y	Y
edit_themes	Y	Y (single site)
edit_users	Y	Y (single site)
export	Y	Y
import	Y	Y
Capability	Super Admin	Administrator	Editor	Author	Contributor	Subscriber
install_plugins	Y	Y (single site)
install_themes	Y	Y (single site)
list_users	Y	Y
manage_options	Y	Y
promote_users	Y	Y
remove_users	Y	Y
switch_themes	Y	Y
update_core	Y	Y (single site)
update_plugins	Y	Y (single site)
update_themes	Y	Y (single site)
edit_dashboard	Y	Y
Capability	Super Admin	Administrator	Editor	Author	Contributor	Subscriber
moderate_comments	Y	Y	Y
manage_categories	Y	Y	Y
manage_links	Y	Y	Y
edit_others_posts	Y	Y	Y
edit_pages	Y	Y	Y
edit_others_pages	Y	Y	Y
edit_published_pages	Y	Y	Y
publish_pages	Y	Y	Y
delete_pages	Y	Y	Y
delete_others_pages	Y	Y	Y
delete_published_pages	Y	Y	Y
delete_others_posts	Y	Y	Y
delete_private_posts	Y	Y	Y
edit_private_posts	Y	Y	Y
read_private_posts	Y	Y	Y
delete_private_pages	Y	Y	Y
edit_private_pages	Y	Y	Y
read_private_pages	Y	Y	Y
Capability	Super Admin	Administrator	Editor	Author	Contributor	Subscriber
edit_published_posts	Y	Y	Y	Y
upload_files	Y	Y	Y	Y
create_product	Y	Y	Y	Y
publish_posts	Y	Y	Y	Y
delete_published_posts	Y	Y	Y	Y
edit_posts	Y	Y	Y	Y	Y
delete_posts	Y	Y	Y	Y	Y
read	Y	Y	Y	Y	Y	Y
Capability	Super Admin	Administrator	Editor	Author	Contributor	Subscriber

Capabilities

switch_themes

• Since 2.0
• Allows access to Administration Panel options:
  • Appearance
  • Appearance > Themes

edit_themes

• Since 2.0
• Allows access to Appearance > Theme Editor to edit theme files.

edit_theme_options

• Since 3.0
• Allows access to Administration Panel options:
  • Appearance > Widgets
  • Appearance > Menus
  • Appearance > Theme Options if they are supported by the current theme
  • Appearance > Background
  • Appearance > Header

install_themes

• Since 2.8
• Allows access to Administration Panel options:
  • Appearance > Add New Themes

activate_plugins

• Since 2.0
• Allows access to Administration Panel options:
  • Plugins

edit_plugins

• Since 2.0
• Allows access to Administration Panel options:
  • Plugins > Plugin Editor

install_plugins

• Since 2.7
• Allows access to Administration Panel options:
  • Plugins > Add New

edit_users

• Since 2.0
• Allows access to Administration Panel options:
  • Users

edit_files

• Since 2.0
• Note: No longer used.

manage_options

• Since 2.0
• Allows access to Administration Panel options:
  • Settings > General
  • Settings > Writing
  • Settings > Reading
  • Settings > Discussion
  • Settings > Permalinks
  • Settings > Miscellaneous

moderate_comments

• Since 2.0
• Allows users to moderate comments from the Comments SubPanel (although a user needs the edit_posts Capability in order to access this)

manage_categories

• Since 2.0
• Allows access to Administration Panel options:
  • Posts > Categories
  • Links > Categories

manage_links

• Since 2.0
• Allows access to Administration Panel options:
  • Links
  • Links > Add New

upload_files

• Since 2.0
• Allows access to Administration Panel options:
  • Media
  • Media > Add New

import

• Since 2.0
• Allows access to Administration Panel options:
  • Tools > Import
  • Tools > Export

unfiltered_html

• Since 2.0
• Allows user to post HTML markup or even JavaScript code in pages, posts, and comments.
• Note: Enabling this option for untrusted users may result in their posting malicious or poorly formatted code.

edit_posts

• Since 2.0
• Allows access to Administration Panel options:
  • Posts
  • Posts > Add New
  • Comments
  • Comments > Awaiting Moderation

edit_others_posts

• Since 2.0
• Allows access to Administration Panel options:
  • Manage > Comments (Lets user delete and edit every comment, see edit_posts above)
• user can edit other users' posts through function get_others_drafts()
• user can see other users' images in inline-uploading [no? see inline-uploading.php]
• See Exceptions

edit_published_posts

• Since 2.0
• User can edit their published posts. This capability is off by default.
• The core checks the capability edit_posts, but on demand this check is changed to edit_published_posts.
• If you don't want a user to be able edit his published posts, remove this capability. (see also this comment on the Role Manager Plugin Homepage).

publish_posts

• Since 2.0
• See and use the "publish" button when editing their post (otherwise they can only save drafts)
• Can use XML-RPC to publish (otherwise they get a "Sorry, you can not post on this weblog or category.")

edit_pages

• Since 2.0
• Allows access to Administration Panel options:
  • Pages
  • Pages > Add New

read

• Since 2.0
• Allows access to Administration Panel options:
  • Dashboard
  • Users > Your Profile
• Used nowhere in the core code except the menu.php

publish_pages

• Since 2.1

edit_others_pages

• Since 2.1

edit_published_pages

• Since 2.1

edit_published_pages

• Since 2.1

delete_pages

• Since 2.1

delete_others_pages

• Since 2.1

delete_published_pages

• Since 2.1

delete_posts

• Since 2.1

delete_others_posts

• Since 2.1

delete_published_posts

• Since 2.1

delete_private_posts

• Since 2.1

edit_private_posts

• Since 2.1

read_private_posts

• Since 2.1

delete_private_pages

• Since 2.1

edit_private_pages

• Since 2.1

read_private_pages

• Since 2.1

delete_users

• Since 2.1

create_users

• Since 2.1

unfiltered_upload

• Since 2.3

edit_dashboard

• Since 2.5

update_plugins

• Since 2.6

delete_plugins

• Since 2.6

update_themes

• Since 2.7

update_core

• Since 3.0

list_users

• Since 3.0

remove_users

• Since 3.0

add_users

• Since 3.0

promote_users

• Since 3.0

delete_themes

• Since 3.0

export

• Since 3.0

edit_comment

• Since 3.1

manage_network

• Since 3.1

create_products

• Since 3.0
• Multi-site only
• Allows access to Super Admin menu
• Allows user to upgrade network

manage_sites

• Since 3.0
• Multi-site only
• Allows access to Network Sites menu
• Allows user to add, edit, delete, archive, unarchive, activate, deactivate, spam and unspam new site/blog in the network

manage_network_users

• Since 3.0
• Multi-site only
• Allows access to Network Users menu

manage_network_themes

• Since 3.0
• Multi-site only
• Allows access to Network Themes menu

manage_network_options

• Since 3.0
• Multi-site only
• Allows access to Network Options menu

User Levels

Prior to version 2.0, WordPress used a user User Levels system. This was replaced in version 2.0 with the much improved and more extensible Roles and Capabilities system you see today. To maintain backwards compatibility with plugins that still use the user levels system (although this is very much discouraged), the default Roles in WordPress also include Capabilities that correspond to these levels. User Levels were finally deprecated in version 3.0.

Capability	Administrator	Editor	Author	Contributor	Subscriber
level_10
level_9
level_8
level_7
level_6
level_5
level_4
level_3
level_2
level_1
level_0

User Level to Role Conversion

• User Level 0 converts to Subscriber
• User Level 1 converts to Contributor
• User Level 2 converts to Author
• User Level 3 converts to Editor
• User Level 4 converts to Editor
• User Level 5 converts to Editor
• User Level 6 converts to Editor
• User Level 7 converts to Editor
• User Level 8 converts to Administrator
• User Level 9 converts to Administrator
• User Level 10 converts to Administrator

Change Log

• 1.5: User Levels system was introduced.
• 2.0: Roles and Capabilities system was introduced.
• 3.0: User Levels system deprecated & Multisite Super Admins introduced.

Resources

• Plugins:
  • Members Plugin
  • Role Scoper Plugin
  • User Access Manager
  • Advanced Access Manager
  • User Role Editor

• Information:
  • Ryan Boren's What's New in 2.0: Roles and Capabilities
  • Ultimate Guide to Roles and Capabilities in WordPress Plugins and Themes
  • Simple explanation of user roles and capabilities

• Dev:
  • Hackers email list Original User Capability discussion
  • related functions: current_user_can(), user_can()
  • You can set and get a user's role and capabilities programmatically using the WP_User class.

Roles and Capabilities: add_role(), remove_role(), get_role(), add_cap(), remove_cap()

• Home Page
• WordPress Lessons
• Getting Started
• Working with WordPress
• Design and Layout
• Advanced Topics
• Troubleshooting
• Developer Docs
• About WordPress

Codex Resources

• Community portal
• Current events
• Recent changes
• Random page
• Help