[Vladimir]

Admin menu access add-on included to URE Pro blocks URLs linked to the blocked menu items, not simply hides them.

It’s not possible to achieve via granting/revoking user capabilities, what free version allows.
Finally all changes/extensions which Pro version brings to WordPress are realized with usage of some filters and actions.

You may use the code described here as a starting point.

[Vladimir]

I see only one way, how you can use URE Pro to resolve this task – try the “Admin menu access” add-on.

W3 Total Cache plugin protects all its admin menu items with ‘manage_options’ user capability. So you can grant ‘manage_options’ to a role and block all unneeded menu items selecting related checkboxes. I recommend to start from the “Block Selected” model, as ‘Block not selected’ will require more complex tuning.

For W3TC leave unselected(unchecked) only ‘Perfomance’ and ‘Dashboard’ menu items. This will leave to a role access to the dashboard page where different clear cache buttons will be available. URE Pro will block access to all other (selected) menu items and linked URLs.

[Vladimir]

Good point! Thanks for the suggestion. I will include it to the development plan for the next month.

[Vladimir]

Thanks for letting me know. Your post was automatically got status ‘Pending’ due to 3 links inside and I missed it. I published it now.

I need access to the membership plugin to look how to hide its “Select member type” drop-down menu. Is your membership plugin available at the wordpress.org/plugins? Send to support[at-sign]role-edito.com a direct link to it (at wordpress.org or to your own copy via DropBox or similar sevice).

[Vladimir]

Hi,

Replace line 628 with this version:

if ( !empty( $muPluginDir ) ) {
     $cachedResult = ( strpos( $pluginPath, $muPluginDir ) === 0 );                            
}

I will include this change into the next update of URE Pro.

[Vladimir]

Hi,

>>Can USER A login to SITE B?
Yes. WordPress multisite has the single users database table. User logins to the network, not to the site of the network. Then WordPress looks, what role(s) user have at the site, which he opens. Every site has own permissions. So user A will not have any permissions at the site B and may get probably ‘You do not have enough permissions’ error message when try to open wp-admin at the site B.

[Vladimir]

Roles & Capabilities list and user permissions are fully independent between subsites. So problem with access is related to the main site only in the part of the replication roles from the main site. You should get exact copy of permissions you grant to a roles at the main site after replication.

Try to grant ‘edit_posts’ in addition. Just in case it will help.

If you turned ‘ON’ the “Activate “Create” capability for posts/pages/custom post types” option at URE’s Settings then you have to grant ‘create_prosforas’ to a role in order it can add new ‘prosfora’.

Another assumption,
do you have ‘Activate user access management to editing selected posts, pages, custom post types’ option turned ON at URE’s Settings? If Yes, there a conflict is possible, in case, if ‘posfora’ CPT is defined with own custom user capabilities and developer check some of those capabilities directly in the code, e.g. current_user_can(‘cst_edit_prosforas’).
In this case URE can not help with redefining CPT capabilities. It works correctly only in case code takes capability to check directly from CPT definition, like
$cpt->caps['edit_posts'] (just for example) not ‘cst_edit_prosforas’.

[Vladimir]

URE shows “Delete Capability” button only if there are capabilities available for deletion – not assigned to any role, except ‘administrator’ one.
So, review your roles, revoke unneeded capabilities from them. “Delete Capabilities” button will become available again.

[Vladimir]

Yes, I confirm the result of your experiment.

How to sync user roles between all the sites of a mulitisite WordPress

[Vladimir]

Hi,

WordPress multisite grants access to users on the per site basis. Every subsite has its own user roles list and stores separately which roles are granted to which user.
Thus, user A will not have ‘Business Manager’ role access at the subsite B until you directly grant him “Business Manager” role at the subsite B.

[Vladimir]

Yes,
just replace array elements with your own data. If you have pages with ID: 3, 15, 7, then code line will be:

$args[‘include’] = array(3, 15, 7);

Yes, input parent page(s) ID to the correspondent input field at user profile or for a role. URE Pro will extract and add to restrictions all linked child pages ID automatically.

[Vladimir]

Hi,

Content view restrictions are about the front-end. In order to restrict the list of posts visible to a user at the back-end Posts lists, use edit restrictions “Own data only” option.

[Vladimir]

Hi,

The key permission for the comments moderation is “if user can edit a post, to which a comment was sent”: edit_posts, edit_published_posts, edit_others_posts.
‘moderate_comments’ is not about that. More information is here.

I don’t have a solution, how to prevent editors or even authors from comments moderation.

[Vladimir]

Hi,

Excellent!

[Vladimir]

Hi,

There is no special capability for this purpose. It’s normal for WordPress – allow to post author to edit his pending post while it’s not published by reviewer.

[Author]

Posts