Forum Replies Created
-
Posts
-
It’s the 1st time when someone tries to use “Content view restrictions” settings for the bbPress forums. Thanks for showing the issue which it raises. It seems I have to exclude bbPress’s custom post types (forum, topic, reply) from the “Content view restrictions” add-on scope.
“Content view restrictions” add-on is developed for the existing content: posts, pages, custom post types. That is for item, which is published from the back-end and authorized persons defines for it the view permissions.
Replies/answers is sent to forum topic from front-end by ordinal users, which are not authorized to set view permissions for their posts.
So “reply” custom post type item is published with default permissions – visible to all.If you restricted view for topic, it’s visibility for not authorized user depends from the selected access error action:
– topic is fully hidden from the topics list if “404” was selected,
and
– topic title is shown for all if “error message” was selected, even if user does not have permission to view this topic.Restriction applies just to this topic custom post type item content (description), and does not apply to any reply/answer sent to this topic, as ‘reply’ is another custom post type created by bbPress and every item may/should have own view permissions – which may be set directly at the reply backend editor.
Sorry for the long and possibly not too clear explanation, but finally I do not recommend to use “Content view restrictions” add-on for bbPress topics and replies. It’s not suitable for this purpose.
View restrictions for bbPress forums and topics requires a special solution.
Let me know if you are interested for custom solution which would restrict view of forum and/or topic by the user role. I may write it for testing with your help as the base for the future add-on for User Role Editor Pro.
Hi,
Let me test this. Show plugin download link if it’s free or share its .zip via DropBox or GoogleDrive. I use paid product received from client for the testing purpose only.
Hi,
URE Pro does not apply any restrictions to users with ‘administrator’ role. That’s why it helps.
Can you show screenshots what settings you made to restrict content view and what visible/hidden. If information is not for the public, you can send links directly to support [at-sign] role-editor.com
wp-admin menu item “Ninja Forms->Submissions” as all other “Ninja Forms” submenu items are protected by ‘manage_options’ user capability.
There is a custom filter ‘ninja_forms_admin_submissions_capabilities’ which allows to change default ‘manage_options’ capability to other one. But I did not test if it will be enough for access to full “Submissions” functionality of “Ninja Forms”.Hi,
Look at the “Admin menu access” add-on developed especially for this purpose. May be it will be suitable for you.
@armel,
Thanks for this report. I confirm the bug introduced with version 4.49.2. It’s related to the core version 4.48:
Update: Multisite: Sites list is not requested from database on every page load in order to increase page load speed.I will post here when the fix will be ready.
Just input your license key at to URE settings at a site with new domain. Previous one will be excluded automatically.
If it’s the same installation there is not need to do something.If it’s possible to look on your site on-line, send login credentials to support [at-sign] role-editor.com
I will look what argument causes redirection.Is role of such user restricted via “Admin menu access” add-on?
author role includes these capabilities by default:
delete_posts
delete_published_posts
edit_posts
edit_published_posts
publish_posts
read
upload_files‘read’ capability (General group) allows to user access wp-admin by default. If you have active WooCommerce, it changes this WordPress default behavior. User should have one from these capabilities for access to wp-admin:
manage_woocommerce, edit_posts, view_admin_dashboard.This may explain why user can not access wp-admin, after you revoke ‘edit_posts’ from his role.
About custom post type capabilities:
Custom post type is defined with special parameter ‘capability type’. If custom post type uses the same capability type as the WordPress built-in ‘post’ does, that is ‘post’, then this custom post type is protected by the same capabilities set: edit_posts, ‘delete_posts’, ‘publish_posts’, etc.
Any capability, like ‘edit_posts’ is granted to a role, not to a custom post type, or WordPress built-in type post. Capabilities groups to the left in a User Role Editor just shows a kind of permissions required for access to the functionality related to a group. Thus if few post types uses the same capability type you change access to all of them at once when: revoke ‘edit_post’ from a role. It does not matter which group you use to find ‘edit_posts’ and turn OFF its checkbox.If you need manage access to all custom post types separately there is a special option at “Settings->User Role Editor”: “force custom post types use their own capabilities”.
You have to aware that if you turn this option ON, you need to check roles if they have needed capabilities, e.g. ‘edit_attachments’, etc., as every post type will get its own capability type: post type ‘video’ – ‘edit_videos’, ‘project’: ‘edit_projects’, etc.OK. I looked at the WordPress source code.
I don’t see any access conditions for this sections at nav-menu. They are the usual meta boxes registered for this page.
Look at the “Screen Options” at the top of the nav-menus.php page, just in case if a “Projects” checkbox is not turned ON for this user.
