Change WordPress user roles and capabilities › Forums › Restrict or Permit access inside WordPress – how to › Restrict editing pages by user role?
- This topic has 22 replies, 6 voices, and was last updated 9 years ago by Vladimir.
-
AuthorPosts
-
29/09/2015 at 23:33 #1720[email protected]Participant
It looks like users of this franchise “role” can edit these pages if they enter from the front end like it shows in this screenshot: http://screencast.com/t/9AC8oHbrndP
How do we make these pages actually un-editable rather then hidden?
Thank you so much!
m-
30/09/2015 at 03:32 #1721VladimirKeymasterThis is the updated version, which takes into account front-end and blocks editing selected pages. You need update it for your role.
add_action('pre_get_posts', 'restrict_posts_list'); function restrict_posts_list($query) { if ( !is_blog_admin()) { return $query; } if (current_user_can('administrator') || !current_user_can('editor')) { return $query; } $suppressing_filters = $query->get('suppress_filters'); // Filter suppression on? if ($suppressing_filters) { return query; } if ($query->query['post_type']=='page') { $posts_restriction_type = 2; // Prohibit $posts_list = array(709, 763); // comma separated list of pages IDs if ($posts_restriction_type==1) { // Allow $query->set('post__in', $posts_list); } else { // Prohibit $query->set('post__not_in', $posts_list); } } return $query; } // end of restrict_posts_list() function current_user_has_role($role_to_check) { global $current_user; $has_role = false; foreach($current_user->roles as $role) { if ($role===$role_to_check) { $has_role = true; break; } } return $has_role; } // end of current_user_has_role() function get_pages_capabilities() { $cap_object = new stdClass(); $cap_object->capability_type = 'page'; $cap_object->capabilities = array(); $cap_object->map_meta_cap = true; $capabilities = (array) get_post_type_capabilities($cap_object); return $capabilities; } add_filter('map_meta_cap', 'block_edit_pages', 10, 4); function block_edit_pages($caps, $cap = '', $user_id = 0, $args = array()) { if (current_user_has_role('administrator') || !current_user_has_role('editor')) { return $caps; } if (substr($cap, 0, 4)=='read') { // do not block read capabilities return $caps; } $posts_restriction_type = 2; // Prohibit $posts_list = array(709, 763); // comma separated list of pages IDs $capabilities = get_pages_capabilities(); if (!isset($capabilities[$cap])) { return $caps; } if (count($args) > 0) { $post_id = $args[0]; } else { $post_id = filter_input(INPUT_GET, 'post', FILTER_SANITIZE_NUMBER_INT); } if (empty($post_id)) { return $caps; } $post = get_post($post_id); if (empty($post) || $post->post_type!=='page') { return $caps; } $do_not_allow = in_array($post_id, $posts_list); // not edit these pages if ($posts_restriction_type == 1) { $do_not_allow = !$do_not_allow; // not edit other pages } if ($do_not_allow) { $caps[] = 'do_not_allow'; } return $caps; } // end of block_edit_pages()
30/09/2015 at 04:34 #1722[email protected]ParticipantThank you I just added this code to my functions.php file and it makes my whole WP installation stop working. With just a blank screen on refresh of the back end and the front end.
if (is_blog_admin() && !(is_super_admin() || current_user_can(‘administrator’)) && current_user_can(‘franchise’)) {
return $query;
}$suppressing_filters = $query->get(‘suppress_filters’); // Filter suppression on?
if ($suppressing_filters) {
return query;
}if ($query->query[‘post_type’]==’page’) {
$posts_restriction_type = 2; // Prohibit
$posts_list = array(3,4,5,25,26,27,28,29,30,6,77,79,36,7,81,37,38,39,8,9,10,11,12,13,14,15,16,33,32,35); // comma separated list of pages IDs
if ($posts_restriction_type==1) { // Allow
$query->set(‘post__in’, $posts_list);
} else { // Prohibit
$query->set(‘post__not_in’, $posts_list);
}
}return $query;
}
// end of restrict_posts_list()function current_user_has_role($role_to_check) {
global $current_user;$has_role = false;
foreach($current_user->roles as $role) {
if ($role===$role_to_check) {
$has_role = true;
break;
}
}return $has_role;
}
// end of current_user_has_role()function get_pages_capabilities() {
$cap_object = new stdClass();
$cap_object->capability_type = ‘page’;
$cap_object->capabilities = array();
$cap_object->map_meta_cap = true;
$capabilities = (array) get_post_type_capabilities($cap_object);return $capabilities;
}add_filter(‘map_meta_cap’, ‘block_edit_pages’, 10, 4);
function block_edit_pages($caps, $cap = ”, $user_id = 0, $args = array()) {
if (is_blog_admin() && !(is_super_admin() || current_user_can(‘administrator’)) && current_user_can(‘franchise’)) {
return $caps;
}if (substr($cap, 0, 4)==’read’) { // do not block read capabilities
return $caps;
}$posts_restriction_type = 2; // Prohibit
$posts_list = array(3,4,5,25,26,27,28,29,30,6,77,79,36,7,81,37,38,39,8,9,10,11,12,13,14,15,16,33,32,35); // comma separated list of pages IDs$capabilities = get_pages_capabilities();
if (!isset($capabilities[$cap])) {
return $caps;
}if (count($args) > 0) {
$post_id = $args[0];
} else {
$post_id = filter_input(INPUT_GET, ‘post’, FILTER_SANITIZE_NUMBER_INT);
}
if (empty($post_id)) {
return $caps;
}$post = get_post($post_id);
if (empty($post) || $post->post_type!==’page’) {
return $caps;
}$do_not_allow = in_array($post_id, $posts_list); // not edit these pages
if ($posts_restriction_type == 1) {
$do_not_allow = !$do_not_allow; // not edit other pages
}
if ($do_not_allow) {
$caps[] = ‘do_not_allow’;
}return $caps;
}
// end of block_edit_pages()30/09/2015 at 04:45 #1723VladimirKeymasterCode you showed is incomplete and invalid. It lost the begin of restrict_posts_list() function. Please re-check, what you added to the functions.php
30/09/2015 at 04:51 #1724VladimirKeymasterI offer you to remove related code from the functions.php file. Take file from this zip
https://storage.googleapis.com/role-editor/downloads/block-pages-for-role.zip
replace ‘editor’ with ‘franchise’, input your own pages ID list and place this .php file to
wp-content/mu-plugins folder. Test that it works.
Then apply your own enhancements if needed.30/09/2015 at 05:25 #1725[email protected]ParticipantThank you! Do I have to add a “include(‘block-pages-for-role.php’);” to the functions.php file? to make it work?
30/09/2015 at 05:39 #1726[email protected]ParticipantIt looks to work with include(‘mu-plugins/block-pages-for-role.php’); added to the functions.pho file.
Thank you!
30/09/2015 at 05:48 #1727VladimirKeymasterThanks for the feedback.
Just in case it will be helpful, as a ‘must use’ plugin it should work without any “include” in functions.php and thus, for any theme, just from wp-content/mu-plugins folder:
https://codex.wordpress.org/Must_Use_Plugins -
AuthorPosts
- You must be logged in to reply to this topic.