Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Newer
Older
100644 854 lines (850 sloc) 28.611 kB
6478115 branch 1.3.55 from http://plugins.svn.wordpress.org/role-scoper/tags/…
Matt Richmond authored
1 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
2 <html><head>
3 <meta content="text/html; charset=ISO-8859-1" http-equiv="content-type"><title>Role Scoper Usage Guide</title>
4
5 <style type="text/css">
6 ul li {
7 list-style-type: disc;
8 margin-bottom: 0.7em;
9 }
10 ol li {
11 margin-bottom: 0.7em;
12 }
13 ul {
14 margin-right: 1em;
15 }
16 ol {
17 margin-right: 1em;
18 }
19 .step_list {
20 border: 1px solid black;
21 margin-left: 2em;
22 width: 32em;
23 padding-right: 0.5em;
24 color: white;
25 background-color: #008c00;
26 font-family: Verdana,Helvetica,sans-serif;
27 margin-top: 0.1em;
28 font-weight: bold;
29 font-size: small;
30 padding-top: 0.2em;
31 padding-bottom: 0.2em;
32 }
33 h1 {
34 font-family: Arial,Helvetica,sans-serif;
35 margin-top: 2em;
36 }
37 h2 {
38 font-family: Arial,Helvetica,sans-serif;
39 }
40 h3 {
41 font-family: Arial,Helvetica,sans-serif;
42 margin-bottom: 0.05em;
43 margin-top: 1.75em;
44 }
45 .steplist li {
46 color: white;
47 }
48 p {
49 margin-top: 0.3em;
50 }
51 h4 {
52 font-family: Verdana,Helvetica,sans-serif;
53 margin-bottom: 0.2em;
54 }
55 h5 {
56 font-family: "Times New Roman",Times,serif;
57 font-weight: bold;
58 margin-bottom: 0.2em;
59 font-size: medium;
60 }
61 </style>
62 </head>
63 <body>
64 <div id="wrap">
65 <h1 align="center">Role Scoper
66 plugin for WordPress</h1>
67 <h1 align="center"><span style="font-size: 20pt; font-family: Arial;">Usage Guide</span></h1>
68 <h3 style="margin-bottom: 0.2in; text-align: center; font-family: Arial;" align="center"><font size="-1">by Kevin Behrens</font></h3>
69 <p style="text-align: center;" align="center"><a href="http://agapetry.net/"><span style="font-family: &quot;Courier New&quot;;">http://agapetry.net/</span></a></p>
70 <p style="text-align: center;" align="center"><a href="http://agapetry.net/forum/"><span style="font-family: &quot;Courier New&quot;;">http://agapetry.net/forum/</span></a></p>
71 <p style="margin-bottom: 0.2in; text-align: center; font-family: Arial;" align="center"><font size="-1">original
72 document: 10
73 July 2008</font></p>
74 <p style="margin-bottom: 0.2in; text-align: center; font-family: Arial;" align="center"><font size="-1">revision: 3 November 2008</font></p>
75
76 <p>This
77 document
78 contains Topical commentary to orient an experienced WordPress blog
79 administrator to the new permission controls offered by Role Scoper.
80 Those
81 uninterested in this discussion may skip to step-by-step instructions
82 in the
83 How-to Guide. This document is a work in progress which will be
84 expanded and
85 updated periodically.</p>
86 <p>For
87 a general
88 overview of Role Scoper&#8217;s motives and screen shots which may provide a
89 helpful
90 accompaniment, see the following online document: <a href="http://agapetry.net/news/introducing-role-scoper/">http://agapetry.net/news/introducing-role-scoper/</a></p>
91 <h3>Contents</h3>
92 <p>Section
93 1: <a href="#Section1%7Cregion">Glossary
94 and Commentary</a></p>
95 <p>Section
96 2: <a href="#Section2%7Cregion">How-to
97 Guide</a></p>
98 <p>Section
99 3: <a href="#Section3%7Cregion">Customizations
100 and Extensions</a></p>
101 <p><a href="#Section3%7Cregion"><span style="font-family: Arial,Helvetica,sans-serif;"><span style="font-weight: bold;"></span></span></a></p>
102 <h3>Installation</h3>
103 <ol class="step_list">
104 <li>Upload / extract the zip to your web server such that the
105 directory <b>wp-content/plugins/role-scoper/ </b>contains
106 role-scoper.php, etc.&nbsp; <br>
107 <br>
108 <span style="font-weight: normal;">If your site has
109 CPanel, just copy the
110 zip
111 into wp-content/plugins and extract.&nbsp; Otherwise, extract the
112 zip on
113 your local computer and use FTP to create the new server directory and
114 upload all files.</span></li>
115 <li>Log into WordPress (yoursite/wp-admin/) as an Administrator</li>
116 <li>Click on Plugins; activate Role Scoper</li>
117 </ol>
118 Once the plugin is activated, this Usage Guide should prove
119 helpful.&nbsp; Your steps from here depend on what you're trying to
120 accomplish. &nbsp;If this document and the Role Scoper interface
121 don't
122 point the way, you can always place a request for help in the <a href="http://agapetry.net/forum/">support forum</a>.<br>
123 <a name="Section1|region"></a>
124 <h1 align="center">Section
125 1:
126 Glossary and Commentary</h1>
127 <h3>Description</h3>
128 <p>Role
129 Scoper is
130 a comprehensive drop-in replacement for capability enforcement and
131 administration in WordPress. Assign reading, editing or administration
132 roles to
133 users or groups on a page-specific, category-specific or other
134 content-specific
135 basis.</p>
136 <h3>Menu
137 Access</h3>
138 <p>After
139 activating Role Scoper, you will find two new utility links on the
140 right next
141 to &#8220;Settings&#8221;: Roles and Groups. Most of Role Scoper&#8217;s settings are
142 accessed
143 through the &#8220;Roles&#8221; or &#8220;Groups&#8221; links.</p>
144 &#8220;Groups&#8221;
145 pertains to the definition of User Groups, and to role assignments for
146 those
147 groups (see &#8220;User Groups&#8221; below. The role assignment portion of the
148 &#8220;Groups&#8221;
149 tab is therefore a mirror of corresponding role assignment links on the
150 &#8220;Roles&#8221;
151 tab which pertain to individual users.
152 <p>Those
153 wishing
154 only to assign or restrict access to an individual post or page may go
155 straight
156 to the WordPress post/page editor interface and look for the new
157 &#8220;Readers&#8221;,
158 &#8220;Contributors&#8221; and &#8220;Editors&#8221; tabs.</p>
159 <a name="general_roles"></a>
160 <h3>Scope:
161 Blog, Section or Object</h3>
162 <p>By
163 default,
164 Wordpress roles specify capabilities that a user has blog-wide. Pages
165 and Posts
166 can be marked private. If a user&#8217;s role includes the read_private_pages
167 capability, <b>all</b> private pages are readable to them.
168 Otherwise <b>none</b>
169 are. The same is true for editing or publishing capabilities - a user
170 can edit <b>all</b>
171 posts made by other users, or <b>none </b>of them.</p>
172 <p>Role
173 Scoper
174 allows you to assign roles in any of three scopes: blog-wide (Blog
175 scope),
176 category-wide (Section scope) or for a specific post/page (Object
177 scope). To reduce confusions, the
178 generic names &#8220;section&#8221; and "object" are not generally used in the User
179 Interface or in this documentation. &nbsp;However, a
180 section can consist of some custom taxonomy other than &#8220;category&#8221;, and
181 may or may not use the WP term_taxonomy schema. &nbsp;Likewise, Role
182 Scoper can be configured to control permissions for "objects" other
183 than posts and pages. &nbsp;In the future, other
184 plugins may use Role Scoper API to define sections
185 such as
186 forums, calendars or galleries.</p>
187 <p>When
188 some read
189 or edit operation is requested, Role Scoper filters the request and
190 grants
191 permission if the user has a qualifying role in any scope:</p>
192 <p style="text-align: center;" align="center"><span style="color: blue;">Blog
193 scope</span> <b>or</b>
194 <span style="color: blue;">Section
195 scope</span> <b>or</b> <span style="color: blue;">Object
196 scope</span>.</p>
197 <a name="roles~category"></a>
198 <h3>Category&nbsp;Role Assignment</h3>
199 <p>Category
200 roles, as an instance of &#8220;Section Roles&#8221;, are assigned on the WP Admin
201 -&gt;
202 Roles -&gt; Category page. &nbsp;Users and/or Groups may
203 receive a Category Role assignment.&nbsp;
204 Each Category has
205 a separate set of role checkboxes. Note that whether assigning or
206 removing role
207 assignments, you must check all the users/groups and all the roles
208 being
209 modified. The
210 dropdown list next to the &#8220;Update&#8221; button determine what effect the
211 update has.</p>
212 <p>When
213 assigning Category Roles, you can choose whether to assign to the selected
214 categories
215 only, to the selected and all subcategories (present or future), or to
216 subcategories only.</p>
217 <a name="roles~page"></a>
218 <a name="post"></a>
219 <a name="page"></a>
220 <h3>Post / Page Role Assignment</h3>
221 <p>Post
222 Roles and
223 Page Roles are instances of &#8220;Object Roles&#8221;. They may be assigned via
224 new tabs
225 on the WP post / page edit interface - &#8220;Readers&#8221;, &#8220;Editors&#8221;, etc. When
226 selecting users or groups for page role assignment, note that the
227 normal
228 checkboxes assign the role to current page, whereas the braced {[]}
229 checkbox
230 assigns the role to all subpages (present or future).</p>
231 <a name="restrictions~category"></a>
232 <h3>Category Restrictions <small><small>(previously
233 known as "Exclusive Section
234 Roles")</small></small></h3>
235 <p>A
236 role
237 assignment <b>grants </b>a user or group capabilities
238 which they may not
239 already have. When you assign several users the Post Editor role in
240 &#8220;Category
241 A&#8221;, you are allowing them to edit &#8220;Category A&#8221; posts on the basis
242 of&nbsp;Category Role. Some may already qualify based on their general
243 (blog-wide) WordPress role,
244 others may not.</p>
245 <p>However,
246 <b>one
247 user&#8217;s role assignment</b> <b>does not reduce access</b>
248 for any other users.
249 To deny some users access to &#8220;Category A&#8221; even though their General Role
250 qualifies, you must specify a<b>&nbsp;Category Restriction</b>.
251 There is a
252 separate setting for each Role in each Category. For Category A, if the
253 Post
254 Reader role is restricted, then users with a general Wordpress role of Post
255 Reader (which includes anonymous users) cannot read Category A posts
256 unless they
257 have a Category Role or Post Role assignment. Users with a different general role
258 which also contains the required capabilities will not be excluded.</p>
259 <p>Another
260 way of
261 describing&nbsp;Restrictions is that they allow you to selectively
262 remove
263 one or more qualifying clauses from the {General Role <b>OR</b> Category
264 Role <b>OR</b> Post/Page
265 Role} formula.</p>
266 <h5><b>Some
267 &#8220;Category Restriction&#8221; details to note:</b></h5>
268 <ul>
269 <li>If a
270 post is in &#8220;Category A&#8221; and &#8220;Category B&#8221;, a
271 user will not be excluded unless both categories have the necessary role restrictions.</li>
272 <li>With
273 any role assignment, a user is considered
274 to possess the assigned role <b>and</b> all roles it
275 &#8220;contains&#8221;. The Author
276 role contains the Contributor role if Author also has all of
277 Contributor&#8217;s
278 capabilities. The contained role is a subset of the containing role.</li>
279 <li>For a
280 user to be excluded, restrictions must be set for their General Role and all the roles it contains. For
281 example, if
282 a user&#8217;s&nbsp;Author role has been marked Restricted for &#8220;Category
283 A&#8221;, they
284 are not excluded from reading posts unless the roles &#8220;contained&#8221; in
285 Author (Post
286 Contributor and Post Reader) are also restricted. The actual role requirement in that case is Post Reader.</li>
287 <li>Blogs
288 which have used Role Manager to customize
289 WP roles should be aware of the following: If Role Scoper is configured
290 to use
291 &#8220;RS&#8221; role types, Category and Post/Page Restrictions are
292 applied on
293 the basis of which &#8220;RS&#8221; roles a user&#8217;s WP role contains. This statement will only
294 be
295 decipherable in conjunction with the documentation on &#8220;role types&#8221;. It
296 should
297 be a non-issue for WP installations which have removed any caps from
298 the
299 default WP role definitions.</li>
300 </ul>
301 <h3>Restricted Post / Page Roles</h3>
302 <p>As
303 stated
304 above, categories can be configured such that a user&#8217;s General Role is
305 ignored -
306 and a qualifying Category Role or Post/Page role assignment is required.
307 Likewise,
308 individual posts and pages can be configured such that General Role <b>and</b> Category Roles are ignored. These Post/Page Restrictions can be
309 used to
310 narrow read or edit access.</p>
311 <p>Limiting
312 read
313 access to a fixed set of users is a three-step operation in the
314 WordPress post
315 edit interface.</p>
316 <ol>
317 <li>select those users
318 in the &#8220;Readers&#8221; tab</li>
319 <li>check the
320 &#8220;Restrict&#8221; checkbox</li>
321 <li>save the post</li>
322 </ol>
323 <a name="groups"></a>
324 <h3>User
325 Groups</h3>
326 <p>Any General Role, Category Role or Post/Page role assignment can be applied to
327 individual
328 users <b>or</b> to a group of users. If your user base
329 includes subsets of user
330 who commonly get the same role assignments, consider defining those
331 users as
332 members of a Group.</p>
333 <h3>WP
334 Role Metagroups</h3>
335 <p>In
336 addition to
337 custom-defined user groups, you may find it convenient to assign some Category
338 Role or Post/Page Role to all users who have a certain WordPress-defined Role. You
339 will find
340 these metagroups (labeled as [WP Editor], [WP Author], etc.) alongside
341 the
342 custom-defined groups in role assignment interfaces. </p>
343 <h3>&#8220;Private&#8221; versus
344 &#8220;Restricted&#8221;</h3>
345 <p>Wordpress
346 defines &#8220;private&#8221; posts and pages as those which require a
347 corresponding
348 read_private capability, usually possessed only by Administrators,
349 Editors, and
350 by the content author. Most significantly, the content is hidden from
351 anonymous
352 users.</p>
353 <p>For
354 the
355 purpose of limiting read access, Role Scoper&nbsp;Restrictions can
356 be used
357 as an equivalent. If a post&#8217;s categories, or the post itself, Restrict
358 the&nbsp;Post Reader role, the post is effectively private regardless
359 of the
360 WP
361 private status. Likewise, Category Role or Post/Page Role assignments
362 can
363 enable
364 access to a &#8220;private&#8221; post or page as long as the assigned role
365 includes the
366 corresponding read_private capability.</p>
367 <p>Despite
368 the
369 potential equivalence stated above, setting sensitive posts or pages to
370 WP
371 &#8220;private&#8221; is still the recommended approach. This will ensure that if
372 Role
373 Scoper is accidentally disabled, content is not revealed
374 inappropriately. In
375 the future, Role Scoper may automatically set posts/pages to private
376 when a
377 corresponding Role Scoper setting is made. Due to technical
378 difficulties, you
379 must currently achieve that extra safeguard manually.</p>
380 <h3>Role
381 Type</h3>
382 <p>In
383 Wordpress
384 jargon, Roles contain Capabilities. Wordpress comes with a default set
385 of Roles
386 - Administrator, Editor, Author, Contributor and Subscriber. Those
387 default role
388 definitions are sensible and sufficient for most WP installations. The
389 adventuresome can use the Role Manager plugin to add or remove
390 capabilities
391 from any role, perhaps to account for new capabilities defined by some
392 other
393 plugin. The intent is that for any user, there is one role definition
394 which
395 comprehensively describes every capability the user has, for any object
396 type
397 which exists within the blog. Every user has one general role.</p>
398 <p>By
399 default,
400 Role Scoper takes a different approach - the &#8220;RS&#8221; role type. Each
401 object type
402 has a different set of role definitions. So, for posts, there are &#8220;Post
403 Reader,
404 Private Post Reader, Post Author, Post Editor&#8221; role definitions.
405 Likewise for
406 pages and, potentially, for other plugin-defined object types which
407 choose to
408 support RS role definitions. </p>
409 <p>The
410 upshot of
411 this is that instead of defining a modified &#8220;Author&#8221; role which also
412 includes
413 the &#8220;edit_pages&#8221; capability, you just assign the &#8220;Page Author&#8221; role
414 where
415 desired. Instead of just assigning one comprehensive WP-defined role,
416 you can
417 select a pertinent RS-defined role separately for each object type.</p>
418 <p>If
419 for any
420 reason you must apply WP-defined roles as Category Roles or Post/Page
421 Roles, simply
422 go to WP Admin &gt; Roles &gt; Roles and change the Role Type
423 dropdown to &#8220;WP&#8221;.
424 </p>
425 <h3>Limiting
426 the Page Parent Selection</h3>
427 <p>Another
428 happy
429 side effect of &#8220;RS&#8221; role types is the ease with which plugins can
430 enable users
431 to assign newly-defined capabilities. Role Scoper introduces the
432 &#8220;create_child_pages&#8221; capability. This capability enables a user to
433 select the
434 corresponding page as &#8220;Page Parent&#8221;. Otherwise a page is unavailable as
435 parent
436 unless the user can edit it. The new RS-defined &#8220;Page Associate&#8221;
437 contains
438 &#8220;create_child_pages&#8221;, making it one step up from Page Reader. This
439 useful role
440 distinction would have been difficult to provide if each blog
441 administrator was
442 required to manually merge the capability into existing WP roles.</p>
443 <p>Note
444 that Role
445 Scoper will not allow a page to be published with a &#8220;Main Page&#8221; parent
446 unless
447 the user has the blog-wide edit_published_ pages capability. Although
448 WordPress
449 doesn't provide a means to remove &#8220;Main Page&#8221; from the dropdown,
450 attempts by
451 unqualified users to publish a new page with &#8220;Main Page&#8221; parent will
452 result in
453 &#8220;draft&#8221; status. Attempts to modify an existing page from non-Main to
454 Main
455 (or from Main to non-Main) Page
456 Parent will revert the
457 page back to the previous stored Page Parent.<span style="font-family: Arial,Helvetica,sans-serif;"><span style="font-weight: bold;"></span></span></p>
458 <a name="Section2|region"></a>
459 <h1 align="center">Section
460 2:
461 How-to Guide</h1>
462 <p align="center">(note:
463 this section is a
464 work in progress which does not yet fully address&nbsp;Editing
465 Roles)</p>
466 <h4>Defining a custom User Group <font size="-1">(not
467 required for direct user role assignment)</font></h4>
468 <ol class="step_list">
469 <li>Go
470 to WP Admin
471 -&gt; Groups</li>
472 <li>Click
473 the &#8220;Add New&#8221;
474 scroll link</li>
475 <li>Enter
476 a group name
477 and description</li>
478 <li>Select
479 checkboxes
480 for Group Members</li>
481 <li>Optionally,
482 select
483 Group Administrators
484 (WP admin can always manage group)</li>
485 <li>Click
486 the Create
487 button</li>
488 </ol>
489 <p>Groups
490 created in this manner will be available for role assignment in the
491 following
492 procedures.</p>
493 <p>Role
494 Scoper can be configured to hide or reveal posts regardless of any
495 WP-defined
496 &#8220;private&#8221; status. The procedures below are sufficient to set post
497 visibility.
498 However, there are three reasons you might still choose to set the WP
499 &#8220;private&#8221;
500 status:</p>
501 <ul>
502 <li>Setting
503 the WP &#8220;private&#8221; status will enable more flexibility in controlling
504 read access
505 per category</li>
506 <li>A
507 post that has the WP &#8220;private&#8221; status will continue to be hidden if
508 Role Scoper
509 is accidentally uninstalled.</li>
510 <li>Setting
511 the WP &#8220;private&#8221; status will make the posts easier to administer,
512 taking
513 advantage of &#8220;Manage Posts&#8221; filtering provided by the WP core</li>
514 </ul>
515 <p>The
516 following procedures apply regardless of whether you check the &#8220;keep
517 this post
518 private&#8221; box:</p>
519 <h4><b>Restricting
520 Read Access to an Individual Post/Page</b></h4>
521 <ol class="step_list">
522 <li>Enter
523 the WordPress
524 Write Post / Edit
525 Post interface</li>
526 <li>Scroll
527 down to the
528 &#8220;Readers&#8221; tab (under
529 &#8220;Advanced Options&#8221;) and expand it</li>
530 <li>Check
531 the
532 &#8220;Restrict&#8221; checkbox at the
533 bottom of the tab</li>
534 <li>Save
535 the post</li>
536 </ol>
537 <p>The
538 post will now be hidden from WP Subscribers who are not selected in
539 this
540 &#8220;Readers&#8221; tab.&nbsp; If the post must also be hidden from WP
541 Contributors, set
542 the &#8220;Restrict&#8221; checkbox in the &#8220;Contributors&#8221; tab.&nbsp; To hide
543 it from WP
544 Authors and Editors, set the &#8220;Restrict&#8221; checkbox in the &#8220;Editors&#8221;
545 tab.&nbsp;
546 In Role Scoper lingo, the post&nbsp;now&nbsp;Restricts the
547 checked
548 roles.</p>
549 <h4>Granting Read Access to an Individual Post/Page</h4>
550 <ol class="step_list">
551 <li><span style="font-weight: normal;">Decide
552 whether you
553 want to manage
554 permissions user-by-user, for Wordpress role &#8220;groups&#8221;, and/or for
555 custom-defined User Groups.&nbsp;</span> If custom user
556 groups are
557 desired, define
558 those first (see above).</li>
559 <li>Enter
560 the WordPress
561 Write Post / Edit
562 Post interface</li>
563 <li>Scroll
564 down to the
565 &#8220;Readers&#8221; tab (under
566 &#8220;Advanced Options&#8221;) and expand it</li>
567 <li>Select
568 the checkbox
569 of any User and/or
570 Group who should have read access</li>
571 <li>Save
572 the Post</li>
573 </ol>
574 <p>If
575 it's convenient to manage each hidden post/page with the above
576 procedures,
577 that's all you need to know.&nbsp; If access control by category is
578 desirable,
579 read on.</p>
580 <h4><b>Restricting
581 Read Access by Post Category</b></h4>
582 <ol class="step_list">
583 <li>Go
584 to WP Admin
585 -&gt; Restrictions -&gt; Category</li>
586 <li>Scroll
587 down to your
588 category of interest,
589 perhaps using the scroll link at top</li>
590 <li>Select
591 the &#8220;Private
592 Post Reader&#8221; checkbox
593 to restrict read access to private posts by anonymous users and WP
594 Subscribers</li>
595 <li>Optionally,
596 select
597 the &#8220;Post Reader&#8221;
598 checkbox to restrict read access to non-private posts by anonymous
599 users and WP
600 Subscribers <span style="font-weight: normal;">(if the WP
601 Subscriber role has not been modified to include
602 read_private_posts)</span></li>
603 <li>Scroll
604 to the top</li>
605 <li style="font-weight: normal;">Note
606 that the
607 adjacent dropdown indicates
608 that the Update action will cause blog-wide assignment of the selected
609 roles to
610 be ignored for posts in the selected category.</li>
611 <li>Click
612 the Update
613 button</li>
614 </ol>
615 <h4><b>Granting
616 Read Access by Post Category</b></h4>
617 <ol class="step_list">
618 <li>Go
619 to WP Admin
620 -&gt; Roles -&gt; Category
621 <br></li>
622 <li>Scroll
623 down to your
624 category of interest,
625 perhaps using the scroll link at top</li>
626 <li>Select
627 the roles you
628 would like to assign</li>
629 <li>Scroll
630 to the top</li>
631 <li>Select users and/or
632 groups to assign&nbsp;selected roles</li>
633 <li style="font-weight: normal;">Note
634 that the
635 adjacent dropdown indicates
636 that the Update action will cause the selected roles to be assigned
637 for
638 posts in the selected section.&nbsp;</li>
639 <li>If
640 you want the same
641 role to also be
642 assigned for all current and future subcategories, change the dropdown
643 to
644 &#8220;assign for selected and sub-categories&#8221;.</li>
645 <li>Click
646 the Update
647 button</li>
648 </ol>
649 <p>Note
650 that <b>if</b> a Post Restriction is <b>not</b> set for Readers, read
651 access to it will be granted if:</p>
652 <ul>
653 <li>the
654 user has a qualifying Category Role in any post category</li>
655 </ul>
656 <div style="margin-left: 80px;"><span style="font-weight: bold;">-
657 OR -</span></div>
658 <ul>
659 <li><b>any
660 </b>of
661 the post's categories
662 do not ignore the user's qualifying blog-wide general role (or another qualifying
663 role it
664 contains)</li>
665 </ul>
666 <p>So
667 you <b>cannot </b>hide a post just by assigning it to an
668 additional &#8220;hidden&#8221;
669 category.&nbsp; If individual posts don't restrict the Readers role,
670 they will be readable if <b>any</b> of their categories
671 are readable to the
672 user.&nbsp;&nbsp; If your categorization and post restriction
673 goals demand the
674 &#8220;readable cat + hidden cat = hidden post&#8221; formula, you'll be frustrated
675 with
676 this plugin.&nbsp; But here are some suggestions for making the
677 Role Scoper
678 model work with your existing categories:</p>
679 <ul>
680 <li>As
681 mentioned above, different role requirements and assignments can be
682 made for
683 &#8220;private&#8221; and &#8220;non-private&#8221; posts in the same category.</li>
684 <li>Depending
685 on how your theme displays categories, you could move some &#8220;Category A&#8221;
686 posts
687 into a new subcategory ( Category A / Category A*), and remove them
688 from
689 &#8220;Category A&#8221;.&nbsp; Then set Category Restrictions and Category Role assignments for Category A*.</li>
690 </ul>
691 <p></p>
692 <h4><b>Restrict
693 Posting
694 / Editing by Category</b></h4>
695 <p>There
696 are two pieces:
697 granting access and restricting access, and two basic ways to achieve
698 the
699 desired access and restrictions:</p>
700 <ul type="disc">
701 <li>Start
702 with user(s) who have too little access and elevate them</li>
703 <li>Start
704 with user(s) who have too much access and restrict them</li>
705 </ul>
706 <p>You can also use some
707 combination
708 of the two.&nbsp; Where
709 possible simplify your life by setting your users as WordPress
710 subscribers,
711 then following the first Role Scoper configuration procedure
712 below.&nbsp; This also provides the
713 greatest security,
714 since those users will default to zero editing ability if Role Scoper
715 is
716 accidentally deactivated or otherwise disabled.</p>
717 <h4><b>Enabling
718 a
719 Subscriber to Post in specific Categor(ies)</b></h4>
720 <ol class="step_list">
721 <li>Set
722 UserA to WordPress role of Subscriber</li>
723 <li>Assign
724 a Category Role of Post Author to UserA for the desired category (WP
725 Admin &gt;
726 Roles &gt; Category)</li>
727 </ol>
728 <p>If some users need to
729 retain a
730 higher WordPress role
731 but still be limited in posting categories, you will also need to
732 define that
733 extra restriction as follows:</p>
734 <p></p>
735 <h4><b>Restricting
736 Posting Categor(ies) for Contributor/Author/Editor</b></h4>
737 <ol class="step_list">
738 <li>Go
739 to the Category Restrictions admin
740 page&nbsp;<br>
741 (WP Admin &gt; Restrictions &gt; Category)</li>
742
743 <li>In the "DEFAULTS" table, check
744 the boxes for &#8220;Post
745 Contributor&#8221; and &#8220;Post Author&#8221;.&nbsp; Also &#8220;Post Editor&#8221; if you
746 want to
747 restrict WP editors.</li><li>Confirm
748 the dropdowns next to
749 Update button say &#8220;Restrict selected roles" and "for selected categories"</li>
750 <li>Click
751 Update</li>
752
753 </ol>
754 <p>Now Contributor and
755 Authors (and
756 editors, if you restricted
757 that role) will not be able to post or edit in any&nbsp;category
758 unless you assign them a Category Role for it, as explained for UserA
759 above. &nbsp;Note that the "DEFAULTS" setting applies the restriction
760 to all existing and future categories (unless one is manually
761 unrestricted). &nbsp;To restrict fewer categories, select desired
762 restrictions for each category instead.</p>
763 <br>
764 <h4><b><b>Enabling a User to Edit Specific Page(s),
765 and Nothing Else:</b></b></h4>
766 <ol class="step_list">
767 <li> Give them a WordPress role of Subscriber</li>
768 <li>Manage &gt; Pages &gt; Edit their page</li>
769 <li>Expand the "Editors" tab under "Advanced Options"</li>
770 <li>Check the non-braced checkbox to the left of your user's
771 name&nbsp;<span style="font-weight: normal;">(if subpages will be created, also check the braced checkbox {[]}, which
772 assigns the role for all current or future subpages)</span></li>
773 <li>Save the Page</li>
774 </ol>
775 <p>Note that if you also assign this user a Role Scoper General Role
776 of
777 Page Author, they will be able to create subpages off their member
778 page, but not off any other pages:</p>
779 <ol class="step_list">
780 <li> Go to WP Admin &gt; Roles &gt; General</li>
781 <li>&nbsp;Select your user name(s)</li>
782 <li>&nbsp;Select the Page Author role</li>
783 <li>&nbsp;Click Update</li>
784 </ol>
785 <p> <strong>OR</strong>, if you want all subscribers
786 to have this ability:</p>
787 <ol class="step_list">
788 <li> Go to WP Admin &gt; Roles &gt; General</li>
789 <li>Select [WP Subscriber]</li>
790 <li>Select the Page Author role</li>
791 <li>Click Update</li>
792 </ol>
793 <p></p>
794 <a name="Section3|region"></a>
795 <h1 align="center">Section
796 3:
797 Customizations and Extensions</h1>
798 <p align="center">(note:
799 this section will
800 be expanded in future revisions)</p>
801 <h3>Hidden
802 Content Teaser</h3>
803 <p>By
804 default,
805 Role Scoper hides content for which users lack a sufficient role
806 assignment.
807 You can also apply a teaser by activating that option in the Role
808 Scoper
809 options page at WP Admin &gt; Roles &gt; Roles.</p>
810 <h3>Other
811 Role Scoper Options</h3>
812 <p>Other
813 options
814 on the Roles &gt; Options page pertain
815 primarily to customizations
816 of the Role Scoper for future plugin-defined data sources. Most users
817 can
818 safely leave the default settings. The settings available there do
819 contains
820 descriptive captions.</p>
821 <h3>Template
822 Functions</h3>
823 <p>To
824 support
825 customized markup of restricted and/or currently hidden posts, Role
826 Scoper
827 provides the following template functions for use in themes:</p>
828 <p><span style="font-family: &quot;Courier New&quot;; color: blue;">&nbsp;is_restricted_rs(
829 );</span></p>
830 <p><span style="font-family: &quot;Courier New&quot;; color: blue;">&nbsp;is_teaser_rs(
831 );</span><br>
832 <br>
833 note:
834 If
835 calling these functions outside the WP loop, you should pass post ID as
836 the
837 first function argument. Otherwise just call as stated above.</p>
838 <h3>Plugin
839 API</h3>
840 <p>Other
841 plugins
842 may define their own data sources, taxonomies (WP term_taxonomy or
843 custom
844 tables), capabilities and roles. See defaults_rs.php and
845 role-scoper_main.php
846 for example hook usage. Details will be provided in later versions of
847 this
848 document.</p>
849 <p>A
850 current
851 version of this document is available online at </p>
852 <p><a href="http://agapetry.net/downloads/RoleScoper_UsageGuide.htm">http://agapetry.net/downloads/RoleScoper_UsageGuide.htm</a></p>
853 </div>
854 </body></html>
Something went wrong with that request. Please try again.