Forum Replies Created
-
Posts
-
Deactivate “User Role Editor Pro” temporally and check if not logged in visitor sees the same list of jobs.
Did you setup any “Content view restrictions” for the jobs?
Hi,
“PressApps” menu is available to the role, but it’s not shown by “Admin menu” window, right?
It seems this plugin addes ‘pa_non_existent_capability’ programmatically, on the fly and uses some tricks with it (possibly filters), instead of adding it to the role directly.You may send a copy of ‘PressApps Knowledge Base’ plugin to support email. I will investigate how to make its menu available for “Admin menu access’ module.
I see just menu definition code at the provided file. Did you define your custom post types somewhere else?
Hi Greg,
Open ‘Shop Manager’ role at Users->User Role Editor.
Revoke ‘activate_plugins’, add ‘manage_options’ capability. Click ‘Update’ to save your changes.
Test your changes. You will see that user got access to the ‘WitFTP’ menu item. But he got access to the ‘Settings’ and possibly other menus also.
That’s why I recommended you to activate ‘Admin menu access’ add-on and block with it menu items unneeded for the ‘Shop Manager’ role.Let me know the result and if you need further help, including live site.
Greg,
BackupBuddy uses ‘activate_plugins’ capability to protect all its menu items. So when you revoke ‘activate_plugins’ from ‘Shop Manager’ role it will not see ‘BackupBuddy’ menu.
You may add ‘manage_options’ capability to ‘Shop Manager’ role. It will see ‘WitFTP’ menu then. But it will see ‘Settings’ and some other menu items protected by the same ‘manage_options’ capability. You may block them for ‘Shop Manager’ role using ‘Admin menu access’ module:
Hi Greg,
Permission to activate plugin does not give to a user a permission to use it.
If ‘activate/deactivate’ plugin is not critical function for your shop manager (you may activate those plugins once as administrator) you may do not give him ‘activate_plugins’ capability at all.WitFTP protectes its menu item by ‘manage_options’ user capability.
You may use ‘Admin menu access’ add-on
https://www.role-editor.com/block-admin-menu-items
in order to block extra menu items which will become available to editor tole after you add to it the ‘manage_options’ capability.It seems that shop manager has enough permissions to access BackupBuddy. I don’t have it on hands to check what capabilities it requires. I may check that if you send plugin copy to support email. I use such plugins for testing purpose and locally only.
WordPress uses just ‘edit_{post_type_name}’ by default. ‘create_{post_type_name}’ is added as additional restriction when you activate “edit restrictions” add-on at User Role Editor Pro settings. So restricted user without ‘create_’ capability can not add new posts.
That’s good that you found a workaround.
I did not make any tests myself yet. So, just my assumptions:
Did you define custom post type with 1st uppercase letter, like ‘News’ instead of ‘news’?
Some mess may take place with capability ID: ‘create_newss’ vs ‘create_Newss’. Last one could be not converted or converted to the lowercase somewhere.I suppose that the 1st thing you need to re-check is the custom post type capabilities:
How did you define ‘news’ custom post type capabilities?Generally if you define ‘video’ custom post type for example, capabilities will be ‘create_videos’, ‘edit_videos’.
What will be for ‘news’ custom post type. Are there ‘create_newss’, ‘edit_newss’?
Then ‘create_news’ in a role will not work as ‘create_newss’ will be required.2nd, did you set any restrictions with “Admin Menu Access” add-on for this role?
No problem.
The only custom filter which is currently included to URE’s code related to the edit restrictions items at user level is ‘ure_post_edit_access_authors_list’.
$value = apply_filters('ure_post_edit_access_authors_list', $value);I will add more custom filters with a next version possibly.
You may use a general WordPress ‘get_user_metadata’ filter from get_meta_data() function:
$check = apply_filters( "get_{$meta_type}_metadata", null, $object_id, $meta_key, $single );Here:
$object_id : $current_user->ID,
$meta_key : $wpdb->prefix .’ure_categories_list’In both cases you should check if you set the category for this user or not yourself inside those filters.
“Admin Menu Editor” plays on the same field as the User Role Editor Pro “Admin menu access” add-on. They try to modify the same menu data structure simultaneously. So the conflict is very expected. In case you need extended menu modification functionality offered by Admin Menu Editor look at the Admin Menu Editor Pro and do not use “Admin menu access” add-on from URE. Admin Menu Editor Pro allows to assign to menu items custom user capabilities so there will be no need to block them, just add/revoke those capabilities to/from the roles.
Hi,
Does user can edit ‘Zees’ page if you assign him a ‘Zees’ role as a primary one?
I mean that if ‘Zees’ page was created by other user, current user should have ‘edit_others_pages’ capability in order he can edit it.
