- This topic has 22 replies, 3 voices, and was last updated 6 years, 10 months ago by
.
-
Posts
-
Hello,
We would like to give a custom role, the ability to assign and remove roles(limited by Other Roles access) for All users. However, we would not like to use the user-edit.php page the way it is right now, with the ability to edit many other things other than just the “Additional Capabilities” > other Roles.
1) Is it possible, using capabilities and Admin Menu restrictions, to limit the content of the user-edit.php (and users.php) pages, so that this new role only sees the users and ability to assign roles? No ability to edit capabilities/profile color/names etc.. that is available with “edit_users” capability.
2) Is it possible, to use a ure hook, to implement a page in a custom plugin, to list users and then a drop down, which on submission will update roles?
How would you solve this requirement?
Thanks,
Shweta3) Use a trimmed down “users.php” where, the only capability they have is to Grant Roles(URE) for users?
Hi,
It’s possible to hide ‘Edit’ link under every user row at users.php and block access to user profile editing adding this code to functions.php of active theme:add_filter('user_row_actions', 'custom_user_row_actions', 10, 2); function custom_user_row_actions($actions, $user) { if (current_user_can('user-manager')) { unset($actions['edit']); } return $actions; } add_action('admin_head', 'custom_block_user_profile', 101); function custom_block_user_profile() { $url = strtolower($_SERVER['REQUEST_URI']); if (strpos($url, 'user-edit.php')===false) { return; } if (!current_user_can('user-manager')) { return; } $url = admin_url() .'/users.php'; if (headers_sent()) { ?> <script> document.location.href = '<?php echo $url; ?>'; </script> <?php die; } else { wp_redirect($url); } }So it seems that task was resolved as users.php has a “Grant Roles” button. But I discovered a problem here with your help. Thanks. User without ‘ure_manage_options’ capability can not use “Grant Roles” button. He will get “Not enough permissions” error message on a try to change user’s roles. It’s really wrong.
So I have to update base version of ‘User Role Editor’ to fix this issue. Let’s wait a next update – about a week.
Non-admin user still can use WordPress’s “Change role to”. So if there is no urgent need to grant users multiple role you can use this recipe as it is. In order to grant multiple roles – wait a next update of URE and URE Pro.
Vladimir,
Thank you so much for your quick response, and suggestion to update the code for this. I will try out this recipe and see how it works. We do require non-admin user, to be able to grant multiple roles.
Thanks,
ShwetaVladimir,
another thing – With Grant Roles, it seems the list is not limited by the “Other Roles access”, and when user is granted those roles, it overwrites their primary role for the site too.
Is it possible, to Not allow this ‘user-manager’ to update the primary role, instead just update the “Other Roles” using Grant Roles button on All Users page?
Hi Shweta,
Yes, correct. ‘Grant Roles’ replaces all roles granted to user including a primary role.
I will look how to achieve this: using custom filter for example or something else.Hi Shweta,
I work on the update. “Grant Roles” window will have 2 parts: Primary role and Other roles.
Custom filter will allow to hide “Primary role” section.I suppose to publish the update next week.
Vladimir,
Any ETA on the update? We have a critical implementation for a site, pending your update.
Thanks for working on this.
-Shweta
Hi Shweta,
It’s almost ready, but needs some additional testing before publishing. Can you test the updated version 1st at a stage environment?
Beta 2 of version 4.34.2 is available after login from download page.
Related changes:
- Update: Core version: “Users->Grant Roles” button worked only for superadmin or user with ‘ure_manage_options’ capability. User with ‘edit_users’ can use this feature now.
- New: Core version: Boolean filter ‘ure_users_select_primary_role’ can hide ‘Primary role’ selection controls from the user profile edit page. Boolean filter ‘ure_users_show_wp_change_role’ can hide “Change Role” bulk action selection control from the Users page. So it’s possible to configure permissions for user who can change just other roles of a user without changing his primary role.
Custom filter samples:
add_filter('ure_users_select_primary_role', 'ure_users_select_primary_role'); function ure_users_select_primary_role($show) { $show = false; return $show; } add_filter('ure_users_show_wp_change_role', 'ure_show_wp_change_role'); function ure_show_wp_change_role($show) { $show = false; return $show; }Hi,
Just a quick related question:
Update: Core version: “Users->Grant Roles” button worked only for superadmin or user with ‘ure_manage_options’ capability. User with ‘edit_users’ can use this feature now.
I noticed this issue, good to see it will be resolved! However, would it be possible to hide the “Grant Roles” button if the user has no rights to use it, to keep things clean and simple?
I have a custom role with none of the capabilities mentioned above, but still they see the button … As far as I can tell from the 4.34.1 code there is no limitation on show_grant_roles_html().
Greetings,
Frederik
- You must be logged in to reply to this topic.
