Forum Replies Created
-
Posts
-
Hi,
Currently User Role Editor Pro “Other Roles Access” add-on does not apply any restrictions for the users with ‘administrator’ role. My apologies for confusion as URE allows to edit the other role access restrictions for ‘Administrator’ role at the same time.
I will add a custom filter for this with a next update. So you may change this logic – apply other roles restrictions to the local administrators under multisite or not.
A quick workaround for current 4.28.2 version: open wp-content/plugins/user-role-editor-pro/pro/classes/other-roles-access.php file and comment lines 125, 126, 127, so you should get this code:
protected function blocking_needed() { global $current_user; // do not block data for superadmin $multisite = $this->lib->get('multisite'); if ($multisite && is_super_admin()) { return false; } // do not block data for local administrator //if ($this->lib->user_has_capability($current_user, 'administrator')) { // return false; //} // user can update access to other roles if ($this->lib->user_has_capability($current_user, self::other_roles_access_cap)) { return false; } ...Kevin,
As a quick fix you may replace the file
wp-content/plugins/user-role-editor-pro/pro/includes/classes/admin-menu-url-allowed-args.php
with the file from the zip attached to the message I emailed you directly.Let me know the result when you find a time to test it.
Hi Kevin,
Thanks for the additional information. I reproduced this issue. It’s the bug.
As we apparently allow just ‘edit-comments.php’ URL under ‘block on not selected’ model URE blocks by default any URLS which differs from ‘edit-comments.php’.I should add ‘comment_status’ to the list of allowed parameters for ‘edit-comments.php’. I will do it with the next update to User Role Editor Pro.
I will let you know when development version with this update will be available for testing. I will try to prepare it until October 10th, 2016.Hi Kevin,
Such problem may appear when you use “Admin Menu Access” add-on to block some menu items. URE thinks that URL with unknown parameters like ‘comment_status’ are prohibited. There is a workaround for this.
Show me the screenshots what settings you made with “Admin Menu” for the role which is redirected to dashboard when you try to use filtering tabs at the Comments page. I will try to reproduce your situation and recommend a solution.
Try this variant. I removed the “Account Details” from the left menu items too, as it’s the only available my account endpoint and it’s not sense to place the link on the same page.
add_filter('woocommerce_account_menu_items', 'filter_wc_my_account_menu'); add_action('template_redirect', 'redirect_for_blocked_wc_pages'); function filter_wc_my_account_menu($items) { if (!current_user_can('subscriber')) { return $items; } if (isset($items['dashboard'])) { unset($items['dashboard']); } if (isset($items['orders'])) { unset($items['orders']); } if (isset($items['downloads'])) { unset($items['downloads']); } if (isset($items['edit-address'])) { unset($items['edit-address']); } if (isset($items['edit-account'])) { unset($items['edit-account']); } if (isset($items['payment-methods'])) { unset($items['payment-methods']); } return $items; } function redirect_from_blocked_url() { $my_account_url = wc_get_endpoint_url('edit-account'); wp_redirect($my_account_url); die; } function check_end_point_url($end_point, $current_url) { $blocked_url = wc_get_endpoint_url($end_point); if ($current_url==$blocked_url) { redirect_from_blocked_url(); } } function redirect_for_blocked_wc_pages() { global $wp, $wp_query; if (!current_user_can('subscriber')) { return; } if (is_account_page() && !is_wc_endpoint_url()) { // block Woo My Account Dashboard; redirect_from_blocked_url(); } $current_url = trailingslashit(home_url($wp->request)); $blocked_end_points = array('dashboard', 'orders', 'downloads', 'edit-address', 'payment-methods'); foreach($blocked_end_points as $bep) { check_end_point_url($bep, $current_url); } }Right. Send that URL to support [at-sign] role-editor.com. I need to see a full structure to take a solution how to resolve this issue.
Yes, it’s exactly that what I asks to show. Thanks.
I still can not reproduce the issue though.
Could you check and show me the link from your site for the ‘Log Out’ menu item at top right corner. I suppose the only case when it could be removed by URE Pro – when it was modified somehow from the default value: wp-login.php?action=logout&_wpnonce=…Hi,
All these WooCommerce Settings page tabs a linked to the URL like
admin.php?page=wc-settings&tab=
I do not see page=woocommerce anywhere. WordPress can not find such resource registered and shows the error message ‘can not load …’.Try to find why you have the wrong links at these tabs.
Hi,
Try to install this code as a “must use” plugin. Replace ‘subscriber’ role inside to you own role ID, e.g. ‘candidate’:
add_filter('woocommerce_account_menu_items', 'filter_wc_my_account_menu'); add_action('template_redirect', 'redirect_for_blocked_wc_pages'); function filter_wc_my_account_menu($items) { if (!current_user_can('subscriber')) { return $items; } if (isset($items['dashboard'])) { unset($items['dashboard']); } if (isset($items['orders'])) { unset($items['orders']); } if (isset($items['downloads'])) { unset($items['downloads']); } if (isset($items['edit-address'])) { unset($items['edit-address']); } if (isset($items['payment-methods'])) { unset($items['payment-methods']); } return $items; } function check_end_point_url($end_point, $current_url) { $blocked_url = wc_get_endpoint_url($end_point); if ($current_url==$blocked_url) { $my_account_url = wc_get_endpoint_url('woo-account-page'); wp_redirect($my_account_url); die; } } function redirect_for_blocked_wc_pages() { global $wp; if (!current_user_can('subscriber')) { return; } $current_url = trailingslashit(home_url($wp->request)); $blocked_end_points = array('dashboard', 'orders', 'downloads', 'edit-address', 'payment-methods'); foreach($blocked_end_points as $bep) { check_end_point_url($bep, $current_url); } }
