Forum Replies Created
-
Posts
-
Working on the update I changed my decision – it will be more correct to apply additional options for any role, including administrator. It will give ability for customization for any users, including admins.
This update will be available at the 1st decade of July, 2018.
Thanks again.I confirm this information.
Additional options for role does not applied to the user with ‘ure_edit_roles’ capability, as such user can change any option for any role.
I will hide additional options for ‘administrator’ role in order theme not confuse users.Thank you for notification about this user interface inconsistency in URE.
Is it possible to look at your site online with ‘administrator’ privileges? If yes, send user login credentials to support [at-sign] role-editor.com
If ‘no’, I will ask you to share site backup copy created with UpdraftPlus plugin via DropBox or similar service.
I will can take more deep view on a possible problem and provide you better support.Such strict association does not exist. Any user with ‘list_users’, ‘edit_users’ can edit any other user except users with ‘administrator’ role.
Check if you applied to this role some additional restrictions – via “Other roles access” add-on, for example. Deactivate ALL URE’s add-ons for testing or even
deactivate URE and re-test. ‘ure_manage_options’ will not work at last case.OK.
wp-admin/includes/plugin.phpmay be not loaded at the point you tried to callis_plugin_active(), if you called it beyond function, hooked to the action.Error messages from the server logs will be useful in this case.
I made another test – code works without error. You can send your own functions.php to support [at-sign] role-editor.com. I will look what may be wrong with your version.Plugins on the activation (sometimes for the 1st time only) usually add custom capabilities exactly to the ‘administrator’ role to provide for admin a full access to a plugin.
If user can install new plugin, he can get a superadmin privileges in a minute adding to the site a plugin with a special PHP code. There is no sense to set any restrictions for such user, as he can overcome them in any moment.
New plugins should be installed by the person fully responsible for the site – superadmin. Even if user will not try to become a superadmin, adding new plugin may break the site – so it is a potential large problem for the future maintenance.
“as such user is a superadmin there.” – superadmin is a “God” for this site. He can anything. There are no restrictions for him inside existing functionality. There is no sense to limit him in any manner.
Thank you for a valuable suggestion. I can not tell about date when it will be realized, but I will really consider it for the plugin functionality enhancement.
Right. I explained that URE hides ‘administrator’ role and users with ‘administrator’ role by default from any user without ‘administrator’ role at your previous topic. More – URE hides all users with administrator role from any other user with ‘administrator’ role. This protection measure does not take effect for the WordPress built-in superadmin with ID=1.
User with ‘ure_manage_options’ capability is a superadmin for User Role Editor. So admin protection does not applied for such user too.
If you wish to switch this logic off use URE’s custom filter ‘ure_supress_administrators_protection’.
add_filter('ure_supress_administrators_protection', 'switch_off_ure_administrators_protection', 10, 1); function switch_off_ure_administrators_protection($supress_protection) { $supress_protection = true; return $supress_protection; }Similar topic was discussed at this thread.
1) URE hides ‘administrator’ role from ‘Role’ and ‘Other Roles’ drop-down lists by default.
2) URE exclude users with ‘administrator’ role from the users list by default.It makes this for users with ‘edit_users’ capability, which do not have ‘administrator’ role.
Thus there is no sense to hide/block ‘administrator’ role via ‘Other roles access’ add-on. ‘administrator’ checkbox is disabled for this reason.I confirm such behavior. It’s by design. URE does not apply any restrictions to a user with ‘administrator’ role for the single site WordPress installation as such user is a superadmin there.
I agree that checkboxes available for the selection at the “Other Roles” dialog window for the ‘administrator’ role may confuse a user. I will fix this with the next update.
You can change this logic under WordPress multisite, as it’s not enough to have ‘administrator’ role in order to be superadmin there. It’s possible via custom filter ure_not_block_other_roles_for_local_admin.Pay attention, that 1st, user should have edit access to the event, in order to see it. If event was created by other user, this user should be able ‘edit_others_events’ or similar capability. In other case such event will be hidden from user, even if you allow valid category ID for him.
‘manage_network_options’ is very critical capability in order to grant it to the single site administrators.
I see at the BuddyPress source code comments that “BuddyPress can now be activated
on individual sites”. BuddyPress activated for the single site (not network activated) will use single site capabilities and will be fully available to the single site admin. I suppose that this way of BuddyPress usage will be more suitable for you.This code snippet will exclude “WP Bakery Page Builder” welcome page menu item from the left side admin menu for the current user with ‘author’ role:
add_action('admin_menu', 'hide_vc_welcome', 100); function hide_vc_welcome() { global $menu; $user = wp_get_current_user(); if (empty($user)) { return; } if (!is_array($user->roles) || !in_array('author', $user->roles)) { return; } foreach($menu as $key=>$item) { if ($item[2]=='vc-welcome') { unset($menu[$key]); break; } } }
