[Vladimir]

Hi James,

Gravity Forms adds menu for add-on if current user has access to this add-on. Permission is checked this way:

if ( $this->current_user_can_any( $this->_capabilities_plugin_page ) ) {
	//creates the subnav left menu
	add_filter( 'gform_addon_navigation', array( $this, 'create_plugin_page_menu' ) );
}

current_user_can_any() function works this way:

public static function current_user_can_any( $caps ) {

	if ( ! is_array( $caps ) ) {
		$has_cap = current_user_can( $caps ) || current_user_can( 'gform_full_access' );

		return $has_cap;
	}

	foreach ( $caps as $cap ) {
		if ( current_user_can( $cap ) ) {
			return true;
		}
	}

	$has_full_access = current_user_can( 'gform_full_access' );

	return $has_full_access;
}

Thus, _capabilities_plugin_page property is a key for access to the plugin. If user does not can _capabilities_plugin_page, code checks if user has older style full access to the GF plugin – ‘gform_full_access’.

_capabilities_plugin_page property of the base class for any add-on GFAddOn is empty by default:

	/**
	 * @var string|array A string or an array of capabilities or roles that have access to the plugin page
	 */
	protected $_capabilities_plugin_page = array();

“Pardot Connector” (PC) plugin does not define this property too. Thus the only way to get access to PC plugin when role editor plugin is active and GF uses detailed capabilities list instead of the single gform_full_access is to grant to a role gform_full_access.

Workaround (fix): add $_capabilities_plugin_page property to PC plugin, like this (look at the last line in the code fragment below):

class PardotGravityFormsConnectorAddOn extends GFFeedAddOn {

	protected $_version = PARDOT_GRAVITYFORMS_CONNECTOR_VERSION;
	protected $_min_gravityforms_version = '1.9';
	protected $_slug = 'pardot-gravityforms-connector';
	protected $_path = 'pardot-gravityforms-connector/pardot-gravityforms-connector.php';
	protected $_full_path = __FILE__;
	protected $_title = 'Pardot Gravity Forms Connector';
	protected $_short_title = 'Pardot Connector';
        protected $_capabilities_plugin_page = 'gravityforms_edit_settings';

This way ‘administrator’ role will get access to PC plugin without ‘gform_full_access’ capability.

[Vladimir]

According to mentioned ‘delete_other_topics’ capability I suppose that you use bbPress plugin for work with forum. Please confirm?

[Vladimir]

Use “Meta boxes access” add-on to block unneeded meta boxes for selected role.

[Vladimir]

Needs to assign a role access to woocommerce customers (not wp users) in admin

[Vladimir]

Look at my answer on your previous topic.

[Vladimir]

Every admin menu item is protected by user capability. ‘Posts’ uses ‘edit_posts’, ‘Settings’ uses ‘manage_options’, etc.
If you don’t know what capability is required for access to some admin menu item, like mentioned ‘Customers’ use “Admin menu access” add-on in order to find that capability.
You may activate this add-on and open its dialog at the “User Role Editor” for the ‘administrator’ role, which has access to all admin menu items. Then scroll menu items list, and look at the “Capability” column.

[Vladimir]

James,

I got it, thanks.
Quick workaround add new capability ‘gform_full_access’ and grant it to ‘administrator’ role.
I will investigate later (1-2 days) what another capability is required by GF for Pardot add-on in case role does not have ‘gform_full_access’ capability.

[Vladimir]

Can you share “Pardot Connector” plugin with me to check what prevents access?
Use DropBox similar service, share with support [at-sign] role-editor.com

[Vladimir]

Hi James,

Check if you have full access to Gravity Forms itself after activate User Role Editor. It may be related too.
GF plugin itself changes its work with permissions if detects plugin which allows to edit user roles. It requires capabilities from more detailed list in this case. GF add-on may follow it.

Go to Users->User Role Editor, select ‘Administrator’ role and look if there are any not granted capabilities from “Gravity Forms” group.

[Vladimir]

I did not tested updates with WP CLI.

URL to take the latest URE Pro .zip from updates server is:
https://update.role-editor.com/?action=download&slug=user-role-editor-pro&license_key=add-your-license-key-here

[Vladimir]

Hi,

To be sure that URE Pro is not involved here, deactivate it temporally and re-test. Let me know a result.

I think, it’s better to ask question to polldaddy plugin support, as ‘User Code Invalid, 920’ is apparently their server API response.

[Vladimir]

Try to deactivate all plugins except URE Pro and test again. Will issue go away? If ‘Yes’, activate plugins back one by one to isolate a problem.

[Vladimir]

Hi Garmine,

Look if role does not have this capability ‘gform_full_access’. If it was granted accidentally, revoke it.

[Vladimir]

Thanks for the help with testing.

[Vladimir]

Mentioned guide is about restriction of access of user with selected role to other roles during new user creation or user editing.

URE Pro does not realize any filters for which roles can be granted as primary or which roles can be granted as others only.

More, WordPress does not realize any special attribute to differ primary and other roles granted to user. There are just a list of roles, PHP array. 1st role in that list is counted as primary role. If you revoke that role from a user, role which was 2nd in the roles list for this user, will become 1st, or by other words – primary. WordPress checks user permissions by simple sum of all capabilities from all roles assigned to a user.

[Author]

Posts