Change WordPress user roles and capabilities Forums Bug Reports Being redirected to the Media Library when selecting a file in Theme/Editor

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #5263

    Hi,
    I have configured some user role settings for the Editor role including giving it access to the theme editor so that users with this capability can edit the various php files of a theme.
    However, when a user with Editor capability goes to Appearance/Editor and selects say header.php, instead of displaying that file for editing, it takes them to the Medial Library.
    The default file shown (style.css) can be edited but if any of the other files are selected, we are taken to the Media Library!
    Users with Admin capability can edit files without problem.
    Any help gratefully received!
    Regards,
    Nick Burton

    #5264
    Vladimir
    Keymaster

    Hi Nick,

    Issue with redirection may be related to these details of admin menu access module realization.

    Do you know that any user with access to .php file editing can get full access to the site in a seconds? Just couple lines of PHP code may give full access. Thus, there is no sense to limit access for user with .php editing permissions in any way. You should trust such users. It’s a good practice to block file editing at production sites. Even trusted user may lead to site crash due to unintended mistake or even typo during file editing.

    #5271

    Hi Vladimir,

    Thank you – your advice has worked!

    We couldn’t give the customer full access to the site admin directly as that would allow them to see potentially sensitive info such as our Google API and other licencing info. I appreciate that they could still get full access by manipulating the .php files available in the theme editor but that is more manageable for us than just giving them access to everything!

    Thanks again and regards,

    Nick

Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.