[Vladimir]

Please confirm that you turned ON the ‘Enable “unfiltered_html” capability’ checkbox at the “Network admin->Settings->User Role Editor->Multisite” tab.

[Vladimir]

bbPress checks capability to create topic own way, not as WordPress itself does for any post type:

if ( current_user_can( $post_type_object->cap->create_posts ) ) {

That’s why URE Pro currently does not change bbPress logic to use ‘create_topics’ as expected, even with correspondent option is turned ON at URE’s settings. I will include the fix to the next update.

Thank you for pointing me this. You may use the solution offered above as a temporal workaround until I will publish the version of URE Pro which will support this correctly.

[Vladimir]

bbPress checks if user can create topic ising the function from the bbpress/includes/users/template.php, #2253

function bbp_current_user_can_access_create_topic_form() {

	// Users need to earn access
	$retval = false;

	// Always allow keymasters
	if ( bbp_is_user_keymaster() ) {
		$retval = true;

	// Looking at a single forum & forum is open
	} elseif ( ( bbp_is_single_forum() || is_page() || is_single() ) && bbp_is_forum_open() ) {
		$retval = bbp_current_user_can_publish_topics();

	// User can edit this topic
	} else {
		$retval = current_user_can( 'edit_topic', bbp_get_topic_id() );
	}

	// Filter & return
	return (bool) apply_filters( 'bbp_current_user_can_access_create_topic_form', (bool) $retval );
}

It shows that some time bbPress checks publish_topics, some times ‘edit_topics. But the good news that bbPress offers custom filter bbp_current_user_can_access_create_topic_form where you can check you own capability, like ‘create_topics’ and participant role will can not create topics until you will not grant ‘create_topics’ to it. Like below:

add_filter( 'bbp_current_user_can_access_create_topic_form', 'bbp_current_user_can_create_topic', 10, 1 );
function bbp_current_user_can_create_topic( $ret_val ) {
    $ret_val = current_user_can( 'create_topics' );
    
    return $ret_val;
}

You may add this code to the active theme’s functions.php file of or setup it as a Must Use plugin.

[Vladimir]

Hi,

I confirm the issue. While I added visual changes to the permissions dialog I did not added support for them to the access restriction code. So update was not finished. That’s my fault. Just discovered that yesterday. I will make the fix available in a week.

[Vladimir]

No, you can not manage access to the different tabs inside the page using URE.
It’s just about to allow the URL edit.php with ‘tab’ parameter inside (with any value).

To permit role ‘orders’ to edit gift cards add ‘edit_product’ capability (from ‘Products’) group to this role. I can not explain the logic. Debugger just showed that YGC plugin defines it own custom post type this way.

[Vladimir]

Make the search as admin and look at the URL parameters, try to add them into the list of allowed parameters for this custom post type menu item link:

Admin menu URL parameters white list

[Vladimir]

Hi Erik,

I resolved the issue with this redirection. It’s not obvious though. YITH defines “Gift Cards” menu item as /wp-admin/admin.php?page=yith_woocommerce_gift_cards_panel, but redirects it to the really used /wp-admin/edit.php?post_type=gift_card&yith-plugin-fw-panel-skip-redirect=1
So I had to register the yith-plugin-fw-panel-skip-redirect and tab URL parameters for `edit.php’ as allowed for ‘edit.php’ link:

[Vladimir]

Can I look at your site with admin privileges? If Yes, send URL, user/password to support [at-sign] role-editor.com

[Vladimir]

Hi,

Just to check, will issue go away if you unblock access to the built-in ‘Posts’ menu item?

[Vladimir]

Did you block some menu items for this role using “Admin menu”? If Yes and use ‘not selected’ blocking model, try to switch to ‘selected’ as a workaround or read carefully last part of the documentation article “Technical details” in relation to “Block not selected” variant.

[Vladimir]

Hi,

Is it possible to look at your site with administrator privileges? If ‘Yes’, send user/password and site URL to support [at-sign] role-editor.com

[Vladimir]

You can activate “Admin menu access” add-on:
https://www.role-editor.com/block-admin-menu-items
select ‘Administrator’ role at Users->User Role Editor and look, what capability is used by plugin to protect its menu item(s).

[Vladimir]

Can you save such changes as a user with custom role in case you switch Off “Admin menu access” checkbox in the URE Settings temporally?

If ‘Not’ problem may be not related to URE, but to JavaScript/AJAX error. Look for any error messages in the browser JavaScript console.

[Vladimir]

It’s possible to allow to a user with one role to edit only users of the selected role(s). Look at the “Other roles access” add-on. I think you can use it as a workaround for your task.

For example, use different roles: Role A, role B. Grant to role A list_users, edit_users and allow it access to the users with role B only…

[Vladimir]

If you use “Not Selected” model, pay attention of the final part “Technical Details” of the article:

Block WordPress Admin Menu Items

[Author]

Posts