Viewing 8 posts - 16 through 23 (of 23 total)
  • Author
    Posts
  • #1720

    It looks like users of this franchise “role” can edit these pages if they enter from the front end like it shows in this screenshot: http://screencast.com/t/9AC8oHbrndP

    How do we make these pages actually un-editable rather then hidden?

    Thank you so much!

    m-

    #1721
    Vladimir
    Keymaster

    This is the updated version, which takes into account front-end and blocks editing selected pages. You need update it for your role.

    
    add_action('pre_get_posts', 'restrict_posts_list');
    
    function restrict_posts_list($query) {
    
        if ( !is_blog_admin()) { 
            return $query;
        }
        
        if (current_user_can('administrator') || !current_user_can('editor'))  {
            return $query;
        }
        
        $suppressing_filters = $query->get('suppress_filters'); // Filter suppression on?
    
        if ($suppressing_filters) {
            return query;
        }
    
        if ($query->query['post_type']=='page') {            
            $posts_restriction_type = 2; // Prohibit
            $posts_list = array(709, 763);  // comma separated list of pages IDs
            if ($posts_restriction_type==1) {   // Allow
                $query->set('post__in', $posts_list);
            } else {    // Prohibit
                $query->set('post__not_in', $posts_list);
            }
        }
    
        return $query;
    }
    // end of restrict_posts_list()
    
    function current_user_has_role($role_to_check) {
        global $current_user;
        
        $has_role = false;
        foreach($current_user->roles as $role) {
            if ($role===$role_to_check) {
                $has_role = true;
                break;
            }
        }
        
        return $has_role;
    }
    // end of current_user_has_role()
    
    function get_pages_capabilities() {
        $cap_object = new stdClass();
        $cap_object->capability_type = 'page';
        $cap_object->capabilities = array();
        $cap_object->map_meta_cap = true;
        $capabilities = (array) get_post_type_capabilities($cap_object);
        
        return $capabilities;
    }
    
    add_filter('map_meta_cap', 'block_edit_pages', 10, 4);
    
    function block_edit_pages($caps, $cap = '', $user_id = 0, $args = array()) {
    
        if (current_user_has_role('administrator') || !current_user_has_role('editor')) {
            return $caps;
        }
        
        if (substr($cap, 0, 4)=='read') {   // do not block read capabilities
            return $caps;
        }
        
        $posts_restriction_type = 2; // Prohibit
        $posts_list = array(709, 763);   // comma separated list of pages IDs
        
    
        $capabilities = get_pages_capabilities();        
        if (!isset($capabilities[$cap])) {
            return $caps;
        }
    
        if (count($args) > 0) {
            $post_id = $args[0];
        } else {
            $post_id = filter_input(INPUT_GET, 'post', FILTER_SANITIZE_NUMBER_INT);
        }
        if (empty($post_id)) {
            return $caps;
        }
    
        $post = get_post($post_id);    
        if (empty($post) || $post->post_type!=='page') {
            return $caps;
        }
    
        $do_not_allow = in_array($post_id, $posts_list);    // not edit these pages
        if ($posts_restriction_type == 1) {
            $do_not_allow = !$do_not_allow;   // not edit other pages
        }
        if ($do_not_allow) {
            $caps[] = 'do_not_allow';
        }
    
        return $caps;
    }
    // end of block_edit_pages()
    
    #1722

    Thank you I just added this code to my functions.php file and it makes my whole WP installation stop working. With just a blank screen on refresh of the back end and the front end.

    if (is_blog_admin() && !(is_super_admin() || current_user_can(‘administrator’)) && current_user_can(‘franchise’)) {
    return $query;
    }

    $suppressing_filters = $query->get(‘suppress_filters’); // Filter suppression on?

    if ($suppressing_filters) {
    return query;
    }

    if ($query->query[‘post_type’]==’page’) {
    $posts_restriction_type = 2; // Prohibit
    $posts_list = array(3,4,5,25,26,27,28,29,30,6,77,79,36,7,81,37,38,39,8,9,10,11,12,13,14,15,16,33,32,35); // comma separated list of pages IDs
    if ($posts_restriction_type==1) { // Allow
    $query->set(‘post__in’, $posts_list);
    } else { // Prohibit
    $query->set(‘post__not_in’, $posts_list);
    }
    }

    return $query;
    }
    // end of restrict_posts_list()

    function current_user_has_role($role_to_check) {
    global $current_user;

    $has_role = false;
    foreach($current_user->roles as $role) {
    if ($role===$role_to_check) {
    $has_role = true;
    break;
    }
    }

    return $has_role;
    }
    // end of current_user_has_role()

    function get_pages_capabilities() {
    $cap_object = new stdClass();
    $cap_object->capability_type = ‘page’;
    $cap_object->capabilities = array();
    $cap_object->map_meta_cap = true;
    $capabilities = (array) get_post_type_capabilities($cap_object);

    return $capabilities;
    }

    add_filter(‘map_meta_cap’, ‘block_edit_pages’, 10, 4);

    function block_edit_pages($caps, $cap = ”, $user_id = 0, $args = array()) {

    if (is_blog_admin() && !(is_super_admin() || current_user_can(‘administrator’)) && current_user_can(‘franchise’)) {
    return $caps;
    }

    if (substr($cap, 0, 4)==’read’) { // do not block read capabilities
    return $caps;
    }

    $posts_restriction_type = 2; // Prohibit
    $posts_list = array(3,4,5,25,26,27,28,29,30,6,77,79,36,7,81,37,38,39,8,9,10,11,12,13,14,15,16,33,32,35); // comma separated list of pages IDs

    $capabilities = get_pages_capabilities();
    if (!isset($capabilities[$cap])) {
    return $caps;
    }

    if (count($args) > 0) {
    $post_id = $args[0];
    } else {
    $post_id = filter_input(INPUT_GET, ‘post’, FILTER_SANITIZE_NUMBER_INT);
    }
    if (empty($post_id)) {
    return $caps;
    }

    $post = get_post($post_id);
    if (empty($post) || $post->post_type!==’page’) {
    return $caps;
    }

    $do_not_allow = in_array($post_id, $posts_list); // not edit these pages
    if ($posts_restriction_type == 1) {
    $do_not_allow = !$do_not_allow; // not edit other pages
    }
    if ($do_not_allow) {
    $caps[] = ‘do_not_allow’;
    }

    return $caps;
    }
    // end of block_edit_pages()

    #1723
    Vladimir
    Keymaster

    Code you showed is incomplete and invalid. It lost the begin of restrict_posts_list() function. Please re-check, what you added to the functions.php

    #1724
    Vladimir
    Keymaster

    I offer you to remove related code from the functions.php file. Take file from this zip
    https://storage.googleapis.com/role-editor/downloads/block-pages-for-role.zip
    replace ‘editor’ with ‘franchise’, input your own pages ID list and place this .php file to
    wp-content/mu-plugins folder. Test that it works.
    Then apply your own enhancements if needed.

    #1725

    Thank you! Do I have to add a “include(‘block-pages-for-role.php’);” to the functions.php file? to make it work?

    #1726

    It looks to work with include(‘mu-plugins/block-pages-for-role.php’); added to the functions.pho file.

    Thank you!

    #1727
    Vladimir
    Keymaster

    Thanks for the feedback.

    Just in case it will be helpful, as a ‘must use’ plugin it should work without any “include” in functions.php and thus, for any theme, just from wp-content/mu-plugins folder:
    https://codex.wordpress.org/Must_Use_Plugins

Viewing 8 posts - 16 through 23 (of 23 total)
  • You must be logged in to reply to this topic.