[Vladimir]

Hi Armel,

I did not receive a message with the updated login link. Please re-check.

[Vladimir]

Provided single site admin permissions is not enough to view all settings and try to reproduce the issue. Superadmin access is required.

Btw., I do not see it at your older video, – what role was granted to the user armel at the ‘lite’ subsite when you recorded that video?

I got a thought about possible confusion of pmpro level ‘lite’ and user role ‘lite’, for which you added admin menu access restrictions. Definitely pmrpo level is not a user role and vise versa.

2nd, after more careful look at the same video, I see that you did not really fulfill “Network Update”. When you clicked “Update” from admin menu ajax data exchange with server took some time and your next click on the “Network update” button did not take effect as URE Pro just waited/received ajax response from a server and showed notice at the top about “admin menu access data update” for the current role. It was made for the main site only. When you will click “Network update” you see 1st the dialog where you can select what add-ons data to replicate for all subsites. Look at this screenshot.

[Vladimir]

Yes, send admin login credentials to support [at-sign] role-editor.com
Let me know also what user do you test.

[Vladimir]

URE does not hide this admin bar menu item by default.
Add this code to your active theme functions.php file or setup it as a must-use plugin to change default behavior:

add_filter('ure_do_not_remove_from_admin_bar', 'ure_do_not_remove_from_admin_bar', 10, 1);

function ure_do_not_remove_from_admin_bar( $exclusions ) {
    
    foreach( $exclusions as $key=>$item ) {
    
        if ( $item==='edit-profile' ) {
            unset( $exclusions[$key] ) ;
            break;
        }
    }

    return $exclusions;
}

[Vladimir]

Check full list of user capabilities granted to this user. I mean some capabilities may be granted directly to a user, without using role. Go to “Users” page, select user row and click “Capabilities” link under it. Look for capabilities granted to this user.

[Vladimir]

I resolved a coockie issue with access to local copy of your site.

I can not repeat the problem with admin menu access. Testing showed that admin menu access works as expected, look this video.

Local copy differences: “iThemes Security” plugin is not active. I can not activate it for a while as I did not use SSL at local development environment yet. I hope to resolve this configuration issue and proceed if you give me more time.

It would be good if you send me (via email) a fresh temporal login link for superadmin user. I wish to compare some settings with your live site.

[Vladimir]

Hi Armel,

Thanks for this information. I will continue my investigations.

[Vladimir]

I did not have a solution yet.

Just FYI: I met a problem with local setup of your site copy. It’s the 1st time when even after removing from a copy all mu- and casual plugins, activating WP default theme and comparing all WP files with wordpress.org’s WP 5.0.3 installation package I still can not login to the local site copy – it reports about troubles with cookies. The 10+ other sites allows to login from the same browser but this copy does not… So I still finding what may be wrong.

Btw., can you try to deactivate temporary “iThemes Security (Better WP Security)” plugin? I have assumption that it may be a reason of a conflict with URE Pro admin menu access add-on. Let me know the result.

[Vladimir]

Not yet. I will try to find a solution tomorrow.

[Vladimir]

Thank you.
I will not touch any settings at the live site. I will contact you with the results of my investigation.

[Vladimir]

I see. Is it possible for you to share with me a copy of database and files (themes and plugins folders only)?
I would try to setup and analyse the issue at my local development environment.

If Yes, share files with support [at-sign] role-editor.com via DropBox or similar or provide access to FTP and MyPhpAdmin in order I can make needed copies myself.

[Vladimir]

1st, it’s not enough to block just top level menu item if you wish to block full menu. You have to mark as blocked all unneeded submenu items too.
2nd, be sure that you test admin menu access at the same subsite where you made restrictions for the role. “Apply to all subsites” option from the main site works for the roles only. It does not replicate add-ons data. You have to use “Update Network” button from the “Network admin->Users->User Role Editor” page for this purpose.

Do you have active some other plugin related to admin menu management? Like “Admin menu editor” or similar? It’s possible to get conflict in this case.

[Vladimir]

I recorded short video in parallel with you. I shows that ‘Admin menu access’ add-on blocks menu item for ‘tawk.to’ plugin included into the list you shared.

I will look your video now.

[Vladimir]

I tested your site and got to a conclusion that the reason of the described issue with access to restricted pages of logged-in users as they are not logged-in is the caching plugin, which shows to a logged-in user the cached copy of a page which was built for not logged-in visitor and thus, contains access error message.

[Vladimir]

Thanks.
Is this happened if you deactivate URE Pro. I mean not access to front-end menu and page, but logged-in user state. Will it stay logged-in after 7 minutes without URE Pro restrictions?

[Author]

Posts