[Vladimir]

The problem is related to the “Advanced custom fields Pro” plugin included into your theme. It’s marked as compatible with WordPress 5.2. But WordPress 5.4 includes long waited related update – it calls itself the ‘wp_nav_menu_item_custom_fields’ action, which allows to add custom UI elements to the front-end menu administration page. Outdated version of “Advanced custom fields Pro” calls ‘wp_nav_menu_item_custom_fields’ itself. That was a reason of duplicate output from URE Pro. I added checking if output for menu item was done to exclude similar issues in future.
I uploaded the updated version of code to your site. Thanks for your help with investigating this problem.

[Vladimir]

Thanks. I confirm the problem and investigate the issue with your installation.

[Vladimir]

OK. Thanks for the feedback.

[Vladimir]

If it’s possible to look at your site with admin credentials send URL and username/pwd to support [at-sign] role-editor.com

[Vladimir]

Hi,

It’s a known bug. You can try the beta version 4.56.b1, which includes the fix. You may take it from the “Download” page.

[Vladimir]

Dashboard widgets are realized as meta boxes really. Try meta boxes access add-on to hide it for selected role.

[Vladimir]

Thank you for the valuable suggestion. I applied it. It will be available with the next update.

[Vladimir]

Hi,

You can not make this via URE Pro user interface. Try this custom code. It hides all medial library items uploaded by user with ID=1 from users with roles event-admin or event-superadmin:

add_action('pre_get_posts', 'hide_attachments_for_role', 99);

function hide_attachments_for_role( $query ) {

    global $pagenow, $wpdb;
        
    if ( $pagenow !== 'upload.php' ) {
        return;
    }

    if ($query->query['post_type']!=='attachment') {
        return;
    }
    
    $user = wp_get_current_user();
    if ( $user->ID==1 ) {   
        return; // do not restrict super admin
    }
    
    if ( ! (in_array( 'event-admin', $user->roles ) || !in_array( 'event-superadmin', $user->roles ) ) ) {
        // do not hide media items uploaded by admin from roles others than above
        return;
    }
    
    $sub_query = "SELECT ID FROM {$wpdb->posts} 
                    WHERE post_type='attachment' AND post_author=1";
    $admin_list = $wpdb->get_col($sub_query);
    
    if ( empty( $query->query['post__in'] ) ) {
        if ( empty( $query->query['post__not_in'] ) ) {
            $query->set( 'post__not_in', $admin_list );
        } else {
            $list1 = array_merge( $query['post__not_in'], $admin_list );
            $query->set( 'post__not_in', $list1 );
        }
    } else {
        $list1 = array();
        foreach ( $query->query['post__in'] as $id ) {
            if ( !in_array($id, $admin_list)) {
                $list1[] = $id; // leave just allowed items
            }
        }
        if (empty( $list1 ) ) {
            $list1[] = -1;
        }
        $query->set( 'post__in', $list1 );
    }
}
// end of hide_attachments_for_role()

[Vladimir]

Hi,

“Settings->UpdraftPlus Backups” menu item is protected by ‘manage_options’ capability.
You may grant ‘manage_options’ capability to a role and block other items of the Settings menu via Admin menu access add-on.

[Vladimir]

I will add it to the upcoming version 4.56, end of April or begin of May, approximately.

[Vladimir]

Hi,

It does not depend from the presence of User Role Editor Pro. WordPress itself decide where to show UI to change default role for a new user.

For WordPress multisite:
Go to “Network ADmin -> My Sites” –> “Network Admin” –> “Sites” –> “All Sites” and select “Edit” on the site that you want to set the default role for, then click “Settings”. Scroll down and you should see “Default Role”. Set the role to ‘subscriber’(whatever you want) and save.

[Vladimir]

These articles explain how WordPress stores user roles:
Single site
Multisite

Grant all existing capabilities to ‘administrator’ role after you will restore it.

[Vladimir]

Yes, it’s by design. When you select role at the “Make copy of” field of the “Add role” dialog URE processes only the list of user capabilities of the selected role, nothing else.

[Vladimir]

Current version does not allow to realize this.

I will add to the next update the additional parameter “Blocking Model”, e.g.
Block: () Selected () Not Selected.
When “Not selected” choice will be made, URE will block all widgets/sidebars, which checkboxes are not turned ON, including any new items.

[Vladimir]

@ElizabethM: Thanks for your help.

Learndash (LD) plugin source code checking showed that LD uses 10 additional capabilities to manage access for quizies:
wpProQuiz_show
wpProQuiz_add_quiz
wpProQuiz_edit_quiz
wpProQuiz_delete_quiz
wpProQuiz_show_statistics
wpProQuiz_reset_statistics
wpProQuiz_import
wpProQuiz_export
wpProQuiz_change_settings
wpProQuiz_toplist_edit

You can find them under the ‘Custom capabilities’ group. LD grants these capabilities automatically to the ‘administrator’ role only. Did you try to grant them to your custom role in order to resolve the permissions problem?

Of course role should can all capabilities required by at least the LD courses custom post type:
delete_courses
delete_others_courses
delete_private_courses
delete_published_courses
edit_courses
edit_others_courses
edit_private_courses
edit_published_courses
publish_courses
read_private_courses

Let me know if you need the additional help.

[Author]

Posts