[Vladimir]

OK.

In general ‘delete_others_topics’ should allow to delete topic created by other user. User without this capability should be able to delete own topics only.

Do you use a role provided by bbPress, like participant? Or do you grant bbPress capabilities to a custom role?

Check full list of capabilities available to your user. Go to Users and click ‘Capabilities’ link under the user row. Click ‘Granted Only’ checkbox, make screenshot and send a link to it here or screenshot itself to support [at-sign] role-editor.com.

[Vladimir]

‘Newsletter’ plugin was written in special way: it defines admin menu items with virtual capability ‘exist’ which available to any user.

‘Newsletter’ applies/checks permissions before it defines admin menu items. It’s not friendly to the WordPress user capabilities system. It uses directly WordPress built-in roles: administrator or editor (if it’s allowed at the plugin settings page – “Enable access to blog editors”. Parts of menu is available for the ‘administrator’ role only:

function is_allowed() {
        return current_user_can('administrator') || $this->options['editor'] == 1 && current_user_can('editor');
    }

    function admin_menu() {
        if (!$this->is_allowed()) return;
       
        add_menu_page('Newsletter', 'Newsletter', 'exist', 'newsletter_main_index', '', plugins_url('newsletter') . '/images/menu-icon.png', '30.333');

        $this->add_menu_page('index', __('Dashboard', 'newsletter'));
        $this->add_admin_page('info', __('Company info', 'newsletter'));
       
        if (current_user_can('administrator')) {
            $this->add_menu_page('welcome', __('Welcome', 'newsletter'));
            $this->add_menu_page('main', __('Settings and More', 'newsletter'));
            $this->add_admin_page('smtp', 'SMTP');
            $this->add_admin_page('status', __('Status', 'newsletter'));
        }
    }

So User Role Editor will not help you with access to this plugin for a custom role. It would be possible only after direct editing of the code above and other.

[Vladimir]

resume_plugins and `resume_themes’ capabilities are not created by wordpress as all other WP built-in user capabilities. This capabilities are added by WordPress to the user automatically in case user has correspondent WP default capability:

/**
 * Filters the user capabilities to grant the 'resume_plugins' and 'resume_themes' capabilities as necessary.
 *
 * @since 5.2.0
 *
 * @param bool[] $allcaps An array of all the user's capabilities.
 * @return bool[] Filtered array of the user's capabilities.
 */
function wp_maybe_grant_resume_extensions_caps( $allcaps ) {
	// Even in a multisite, regular administrators should be able to resume plugins.
	if ( ! empty( $allcaps['activate_plugins'] ) ) {
		$allcaps['resume_plugins'] = true;
	}

	// Even in a multisite, regular administrators should be able to resume themes.
	if ( ! empty( $allcaps['switch_themes'] ) ) {
		$allcaps['resume_themes'] = true;
	}

	return $allcaps;
}

As you can see from the code above, user with ‘activate_plugins’ automatically can ‘resume_plugins’ and user with ‘switch_themes’ automatically can ‘resume_themes’.

[Vladimir]

Hi James,

Gravity Forms adds menu for add-on if current user has access to this add-on. Permission is checked this way:

if ( $this->current_user_can_any( $this->_capabilities_plugin_page ) ) {
	//creates the subnav left menu
	add_filter( 'gform_addon_navigation', array( $this, 'create_plugin_page_menu' ) );
}

current_user_can_any() function works this way:

public static function current_user_can_any( $caps ) {

	if ( ! is_array( $caps ) ) {
		$has_cap = current_user_can( $caps ) || current_user_can( 'gform_full_access' );

		return $has_cap;
	}

	foreach ( $caps as $cap ) {
		if ( current_user_can( $cap ) ) {
			return true;
		}
	}

	$has_full_access = current_user_can( 'gform_full_access' );

	return $has_full_access;
}

Thus, _capabilities_plugin_page property is a key for access to the plugin. If user does not can _capabilities_plugin_page, code checks if user has older style full access to the GF plugin – ‘gform_full_access’.

_capabilities_plugin_page property of the base class for any add-on GFAddOn is empty by default:

	/**
	 * @var string|array A string or an array of capabilities or roles that have access to the plugin page
	 */
	protected $_capabilities_plugin_page = array();

“Pardot Connector” (PC) plugin does not define this property too. Thus the only way to get access to PC plugin when role editor plugin is active and GF uses detailed capabilities list instead of the single gform_full_access is to grant to a role gform_full_access.

Workaround (fix): add $_capabilities_plugin_page property to PC plugin, like this (look at the last line in the code fragment below):

class PardotGravityFormsConnectorAddOn extends GFFeedAddOn {

	protected $_version = PARDOT_GRAVITYFORMS_CONNECTOR_VERSION;
	protected $_min_gravityforms_version = '1.9';
	protected $_slug = 'pardot-gravityforms-connector';
	protected $_path = 'pardot-gravityforms-connector/pardot-gravityforms-connector.php';
	protected $_full_path = __FILE__;
	protected $_title = 'Pardot Gravity Forms Connector';
	protected $_short_title = 'Pardot Connector';
        protected $_capabilities_plugin_page = 'gravityforms_edit_settings';

This way ‘administrator’ role will get access to PC plugin without ‘gform_full_access’ capability.

[Vladimir]

According to mentioned ‘delete_other_topics’ capability I suppose that you use bbPress plugin for work with forum. Please confirm?

[Vladimir]

Use “Meta boxes access” add-on to block unneeded meta boxes for selected role.

[Vladimir]

Needs to assign a role access to woocommerce customers (not wp users) in admin

[Vladimir]

Look at my answer on your previous topic.

[Vladimir]

Every admin menu item is protected by user capability. ‘Posts’ uses ‘edit_posts’, ‘Settings’ uses ‘manage_options’, etc.
If you don’t know what capability is required for access to some admin menu item, like mentioned ‘Customers’ use “Admin menu access” add-on in order to find that capability.
You may activate this add-on and open its dialog at the “User Role Editor” for the ‘administrator’ role, which has access to all admin menu items. Then scroll menu items list, and look at the “Capability” column.

[Vladimir]

James,

I got it, thanks.
Quick workaround add new capability ‘gform_full_access’ and grant it to ‘administrator’ role.
I will investigate later (1-2 days) what another capability is required by GF for Pardot add-on in case role does not have ‘gform_full_access’ capability.

[Vladimir]

Can you share “Pardot Connector” plugin with me to check what prevents access?
Use DropBox similar service, share with support [at-sign] role-editor.com

[Vladimir]

Hi James,

Check if you have full access to Gravity Forms itself after activate User Role Editor. It may be related too.
GF plugin itself changes its work with permissions if detects plugin which allows to edit user roles. It requires capabilities from more detailed list in this case. GF add-on may follow it.

Go to Users->User Role Editor, select ‘Administrator’ role and look if there are any not granted capabilities from “Gravity Forms” group.

[Vladimir]

I did not tested updates with WP CLI.

URL to take the latest URE Pro .zip from updates server is:
https://update.role-editor.com/?action=download&slug=user-role-editor-pro&license_key=add-your-license-key-here

[Vladimir]

Hi,

To be sure that URE Pro is not involved here, deactivate it temporally and re-test. Let me know a result.

I think, it’s better to ask question to polldaddy plugin support, as ‘User Code Invalid, 920’ is apparently their server API response.

[Vladimir]

Try to deactivate all plugins except URE Pro and test again. Will issue go away? If ‘Yes’, activate plugins back one by one to isolate a problem.

[Author]

Posts