Forum Replies Created
-
Posts
-
Hi edering,
I re-started work on this feature recently. Progress is about 2/3. I plan to include it into the next update (possibly November).
This function itself is not needed without filter line. So you may remove a whole part of the code: function with the filter line together.
Hi,
Look at the Other roles access add-on. You may block access to the other roles for the selected role.
Yes,
$restrict_it = false;When filter returns FALSE, URE does not apply any restrictions for this post type.
Why do not comment/remove exclude_posts_from_edit_news_restrictions() from the filter?
User will still can add new news, but only to this single category ‘McCaskey’ and see at the news list news only with this category.I found a reason of the problem, when edit restriction was not applied to the ‘page’ post type. It’s my own code I recommended to you to insert into functions.php. As you used it 2 time as filter. 2nd time it was executed with not ‘page’ post type as an input parameter, but with value replace by TRUE after the 1st execution. Replace your code in functions.php with this updated version:
// URE to allow Scholarship Role access to Scholarship plugin while restricting Pages for user add_filter('ure_restrict_edit_post_type', 'exclude_posts_from_edit_restrictions', 10, 1); function exclude_posts_from_edit_restrictions($post_type) { $restrict_it = $post_type; $user = wp_get_current_user(); if ( empty( $user) || !is_array( $user->roles ) ) { return $restrict_it; } if ( in_array( 'scholarships', $user->roles ) ) { // Role ID if ($post_type=='scholarship') { // CPT ID $restrict_it = false; } } return $restrict_it; } // end URE to allow Scholarship Role access // URE to allow News Role access to News plugin while restricting Pages for user add_filter('ure_restrict_edit_post_type', 'exclude_posts_from_edit_news_restrictions', 10, 1); function exclude_posts_from_edit_news_restrictions($post_type) { $restrict_it = $post_type; $user = wp_get_current_user(); if ( empty( $user) || !is_array( $user->roles ) ) { return $restrict_it; } if ( in_array( 'news', $user->roles ) ) { // Role ID if ($post_type==='news') { // CPT ID $restrict_it = false; } } return $restrict_it; }1) It does not changes post type argument for the next calls of this filter;
2) It does not user heavy weight current_user_can() function, which is not recommended to use when you need check role, not capability.Thank you.
There is a possible bug at URE Pro code which I should investigate and fix. At some conditions URE sends TRUE toure_restrict_edit_post_typeinstead of real post_type value. PHP evaluates ($post_type==’news’) expression as TRUE and switches off edit restrictions for pages too. This is a reason why user sees all pages instead of 1 allowed and its child page.Quick fix is to use exact type comparison operand ‘===’, like this:
‘
if ($post_type===’news’) { // CPT ID
‘You turned OFF edit restrictions for ‘news’ custom post type. This is a reason why user is not restricted edit this CPT by category you set at this user profile. As you comment/remove exclude_posts_from_edit_news_restrictions, user will still can add new news, but only to this single category and see at the news list news only with this category.
User with ‘edit restrictions’ should see at the post editor only “allowed” categories. If you allow 1 category, only that single category should be shown at the categories list. If it does not work as I described, I’m ready to check your settings online. I will need admin privileges for that. If this is possible, send credentials to support [at-sign] role-editor.com
Is it possible to look at your site with admin privileges?
If Yes, send credentials to support [at-sign] role-editor.comOther possible conflict with Authorizer – it uses ->set_role() in assumption that user always has the single role. It may be a problem when user has multiple roles and there are no approved role between them.
I did not hear about conflict between UM and URE yet. May be it’s the 1st time.
But…
Did user whose role is changed logged in earlier? May be he was included already into approved users’s list with older role and now Authorizer replaces his new role with older (approved) one? Can you test absolutely new user with new role who did not login with Authorizer yet?Is it possible to exclude user with changed role from Authorizer approved users list? May be you have to do this, in order such user get new role at the approved users list after the next login, but not the older one?
URE creates/edits user roles via WP API or directly in WP database.
Every role has 2 attributes: id and name in terms of URE’s user interface or in terms of WP API name (id) and display_name (name).
Look at the wp-includes/class-wp-roles.php:public function add_role( $role, $display_name, $capabilities = array() ) { if ( empty( $role ) || isset( $this->roles[ $role ] ) ) { return; } $this->roles[ $role ] = array( 'name' => $display_name, 'capabilities' => $capabilities, ); if ( $this->use_db ) { update_option( $this->role_key, $this->roles ); } $this->role_objects[ $role ] = new WP_Role( $role, $capabilities ); $this->role_names[ $role ] = $display_name; return $this->role_objects[ $role ]; }WP_User object which you can get from wp_get_current_user() contains roles property, which contains the list (array) of roles (ID) granted to user.
Look at the code from Authorizer:
// Ensure user has the same role as their entry in the approved list. if ( $user_info && ! in_array( $user_info['role'], $user->roles, true ) ) { $user->set_role( $user_info['role'] ); }Thus, if role granted to user is not found at Authorizer’s approved users list, plugin automatically changes it to some pre-approved role. I suppose you need to check some settings in Authorizer plugin.
