Older Changes

[4.54.1] [27.12.2019]

Core version: 4.52.2

  • New: Other roles access add-on: Use custom ‘ure_other_roles_access’ filter to change restrictions for user dynamically. Filter takes 2 input parameters: 1) $blocked (array) – restrictions for current user; 2) $user (WP_User) – current user.
  • Fix: Other roles access add-on:
    – It was not possible to edit user from the users list, when “Not selected” model is turned ON.
    – There was a bug in processing roles with similar role IDs, like ‘customer’, ‘wholesaler_customer’. When you blocked ‘customer’ role, script automatically blocked similar role ‘wholesaler_customer’.
  • Core version was updated to 4.52.2
  • Fix: Custom capabilities for custom post types was not created by URE automatically since version 4.52.1.
  • Fix: ‘administrator’ role protection did not show to power users roles with ‘administrator’ word inside, like ‘shop_administrator’, etc.

[4.54] [25.11.2019]

Core version: 4.52.1

  • New: Multisite: “Network Admin->Users->User Role Editor->Network Update” URE Pro uses by default the main blog as a source of add-ons settings to replicate for all network. New custom filter ‘ure_get_addons_source_blog’ allows to use as a source blog any other existing subsite. Filter accepts single parameter – main blog ID by default. User this filter to return ID of blog/subsite which you wish to use as a source of add-ons settings for all other subsites.
  • Fix: PHP Notice: Undefined variable: post_id in /wp-content/plugins/user-role-editor-pro/pro/includes/classes/content-view-restrictions-editor.php on line 150

[4.53] [14.11.2019]

Core version: 4.52.1

  • New: Front-end menus admin access add-on: Block access to the front-end (navigation) menus under “Appearance->Menu” for selected role.
  • Core version was updated to 4.52.1
  • Update: URE requires PHP version 5.6.
  • Update: ure_cpt_editor_roles filter was added. It takes 2 parameters: array $roles with 1 element ‘administrator’ by default and $post_type with post type name string. Add other role(s) to which you wish automatically add all user capabilities for custom post type $post_type. URE updates roles this way before opening “Users->User Role Editor” page.
  • Update: New own URE Pro user capability ‘ure_nav_menus_access’ was added. It allows to manage what front-end menus will be available for selected role.

[4.52] [03.10.2019]

Core version: 4.51.3

  • New: Content View Restrictions add-on: It’s possible to add view restrictions directly to post categories or any other custom taxonomies.
  • Update: Meta boxes access add-on: It’s possible to block/hide “Page Attributes” Gutenberg sidebar component blocking “Page”->”Page Attributes” meta box.
  • Fix: Content view restrictions add-on: Redirection from not available for view front/home page works as expected (“Page not found” error message was shown earlier).
  • Fix: Admin menu access add-on: When menu link is the same as the link of the single unblocked submenu item (all the rest items of the same submenu were blocked), menu link was removed as a blocked one.
  • Fix: Export single role: Exported file may lose 1-2 last characters and get wrong extension (.pdf in addion to expected .dat). Content type header was replaced with ‘application/octet-stream’;
  • Fix: Import single role: Error processing was enhanced for the cases of incorrect JSON data input. URE shows error message now instead of page reload in silence.
  • Fix: Settings->User Role Editor->Multisite->Activate access restrictions to User Role Editor for single site administrator: after turning ON this option URE produced PHP fatal error: Uncaught Error: Call to undefined method URE_Lib_Pro::filter_existing_caps_input() in /wp-content/plugins/user-role-editor-pro/pro/includes/classes/settings-pro.php on line 192

[4.51.2] [03.09.2019]

Core version: 4.51.3

  • Update: Admin menu access add-on: Extra menu separators (if they follow one by one) are removed automatically.
  • Fix: Edit restrictions add-on: Restricted categories was available for selection in Gutenberg.
  • Core version was updated to 4.51.3:
  • Fix: line #281 at /includes/classes/view.php called to the not existing class property.
  • Fix: Dialog button labels inside User Role Editor (‘Cancel’ buttons especially) were shown with not correct translation or not translated at all.
  • Fix: Roles have saved in alphabet order after any role update. Roles order in the database is not changed now. Sorting is made for a view purpose only.
  • Update: Roles sorting inside WordPress roles dropdown lists is switched OFF by default. In order to switch WP roles dropdown lists sorting ON, return TRUE from ‘ure_sort_wp_roles_list’ filter.

[4.51.1] [15.06.2019]

Core version: 4.51.1

  • Fix: Post/Pages/Custom post types (CPT) edit restrictions add-on:
    – When CPT excluded from restrictions via ‘ure_restrict_edit_post_type’ filter, its categories list is not restricted for selection too.
  • Update: Meta boxes access add-on: It’s possible to automatically block Gutenberg components (right sidebar) – just block corresponding meta boxes: Categories, Tags, Featured Image, Excerpt, Discussion, Slug (Permalink).
  • Core version was updated to 4.51.1:
  • Fix: Superadmin could not revoke capabilities from ‘administrator’ role under WordPress multisite.

[4.51] [22.05.2019]

Core version: 4.51

  • New: Posts edit access add-on:
    – Custom filter ‘ure_edit_posts_access_add_orders_by_customer’ was added. It returns FALSE by default. If switch it to TRUE and turn ON “Own data only” option for role or user, add-on will make available for current user WooCommerce orders for which he is a customer. It may be useful for scenario, when order customer is allowed to edit his own orders. It will prevent current user from seeing orders from other customers.
    – Custom filter ‘ure_edit_access_posts_list’ was added. It allows programmatically set/change the list of posts ID which will be used to allow/prohibit editing for current user.
  • Fix: Content view restrictions add-on:
    – PHP notice was fixed: Undefined index: ure_prohibit_allow_flag in /wp-content/plugins/user-role-editor-pro/pro/includes/classes/content-view-restrictions-posts-list.php on lines 398, 406.
    – If restriction is not set for a post or page, use default values from URE settings or hard-coded value if other is not available.
  • Core version was updated to 4.51:
  • New: Bulk actions were added to the Users page: “Add Role”, “Revoke Role”. Select role from the related drop-down menu and add/revoke it to/from the list of pre-selected users.
  • Update: Bulk grant roles feature (“Grant roles” button at the “Users” page) and Bulk grant role to users without role (“Without role” button at the “Users” page) are protected by ‘promote_users’ capability instead of ‘edit_users’, exactly the same way as WordPress itself does for its “Change role to”.
  • Update: ‘load-users.php’ action is used instead of ‘admin_init’ to load support code for “Without role” and “Grant roles” button at the “Users” page.
  • Update: URE ignores now a capability without ID in case it was added to the database somehow (other plugin bug, etc.). Such incorrect empty capability is removed from the capabilities list as a result after any role update.

[4.50.5] [01.04.2019]

Core version: 4.50.2

  • Fix: Posts/pages edit restrictions add-on: PHP “Notice: Undefined index: HTTP_REFERER in /wp-content/plugins/user-role-editor-pro/pro/includes/classes/posts-edit-access.php on line 514” was fixed.

[4.50.4] [01.04.2019]

Core version: 4.50.2

  • Fix: Content view restrictions add-on: Option “Redirection to URL” does not work correctly for page containing GravityView shortcode, like “[gravityview id=’43’]”. Redirection code is hooked to the ‘template_redirect’ action with priority 9 now in order to be executed earlier than related code from Gravity View.
  • Fix: Admin menu access add-on: Endless redirection loop could took place in rare cases. If current URL is blocked URE selected automatically the 1st available admin menu item and redirects to it. Automatically selected menu item is checked against blocked URLs list to exclude such issue.
  • Fix: WordPress multisite: add-ons data from the main site was not copied to a new subsite in case new subsite was created from front-end.
  • Core version was updated to 4.50.2:
  • Fix: WordPress multisite: PHP Notice “wpmu_new_blog is deprecated since version 5.1.0! Use wp_insert_site instead.” was removed. URE uses ‘wp_initialize_site’ action now instead of deprecated ‘wpmu_new_blog’. This fix provides correct roles replication from the main blog/site to a new created blog/site.

[4.50.3] [16.03.2019]

Core version: 4.50.1

  • Fix: Admin menu access add-on:
    – “return=<...>” argument was not removed properly from “customize.php” URLs linked to “Appearance->Customize” and “Appearance->Header” submenu items.
    Attention! Reopen your “Admin menu” settings fro the restricted roles and check if these submenu items are still blocked after installing this update.
    – “Forms->System Status” menu item of “Gravity Forms” plugin was not supported properly. PHP Notice: “Undefined index: gf_system_status in wp-contentpluginsuser-role-editor-proproincludesclassesadmin-menu-view.php on line 108” was generated and broke the JSON response.
  • Fix: Network Admin->Users->Capabilities->Network Update: Fatal error: Warning: call_user_func_array() expects parameter 1 to be a valid callback, class ‘URE_Editor_Pro’ not found
  • Fix: Network Admin->Users->Capabilities->Network Update: Fatal error: Uncaught Error: Using $this when not in object context in /wp-content/plugins/user-role-editor-pro/pro/includes/classes/editor-ext.php on line 103
  • Core version was updated to 4.50.1:
  • Fix: WP Multisite: Users->Capabilities->Update: “Fatal error: Uncaught Error: Call to undefined method URE_Editor::check_blog_user() in /wp-content/plugins/user-role-editor-pro/includes/classes/editor.php on line 576” was fixed.
  • Fix: WooCommerce group was not shown under Custom capabilities section.

[4.50.2] [05.03.2019]

Core version: 4.50

  • Fix: Meta boxes access add-on: PHP fatal error was fixed: Uncaught Error: Call to undefined method URE_Lib_Pro::set_notification() in /wp-content/plugins/user-role-editor-pro/pro/includes/classes/meta-boxes-access.php:104
  • Fix: Posts view access add-on: PHP fatal error was fixed: Uncaught Error: Call to undefined method URE_Lib_Pro::set_notification() in /wp-content/plugins/user-role-editor-pro/pro/includes/classes/posts-view-access.php:99

[4.50.1] [04.03.2019]

Core version: 4.50

  • Fix: Role import: Input data control was added to exclude PHP warnings, like “PHP Warning: array_walk_recursive() expects parameter 1 to be array, null given”. Error message was replaced with “Role file is broken or has invalid format”.
  • Fix: Front-end menu access add-on: Bug prevented this add-on normal loading.
  • Fix: Other roles access add-on: PHP fatal error was fixed: Uncaught Error: Call to undefined method URE_Lib_Pro::set_notification() in /wp-content/plugins/user-role-editor-pro/pro/includes/classes/other-roles-access.php:109

[4.50] [04.03.2019]

Core version: 4.50

  • New: It’s possible to export all user roles from current site to CSV file. Go to “Settings->User Role Editor->Tools” and click “Export” button at “Export user roles to CSV file” section.
  • New: Multisite: Plugins list access for activation/deactivation restrictions is possible to replicate from the main site to the whole network.
  • Fix: Content view restrictions add-on: There was a conflict with bbPress ‘posts_request’ filter ‘bbp_has_replies_where’, which returned wrong result in case content view restrictions add-on was active. Description was not shown for the not restricted topics.
  • Core version was updated to 4.50
  • Update: General code restructure and optimization.
  • Update: URE_Base_Lib::get_blog_ids() returns null, if it’s called under WordPress single site (not multisite).
  • Update: URE_Editor::prepare_capabilities_to_save() : “Invalid argument supplied for foreach()” warning was excluded in case there was no valid data structures initialization.
  • Update: ‘administrator’ role protection was enhanced. URE always does not allow to revoke capability from ‘administrator’ role. That was possible earlier after the ‘administrator’ role update.
  • Update: 2 new actions ‘ure_settings_tools_show’ and ‘ure_settings_tools_exec’ allows to extends the list of sections available at the Settings->User Role Editor->Tools tab.

[4.49.3] 15.01.2019

Core version: 4.49

  • Fix: Multisite blogs ID list was built incorrectly due to bug in the code.Affected modules: add-ons network data replication, role data import./li>
  • Core version was updated to 4.49:
  • Update: Selected role ID was added to “Delete role” confirmation dialog.
  • Update: Method URE_Base_Lib::get_short_list_str() was enhanced.
  • Update: Method URE_Base_Lib::get_blog_ids() was made public.
  • Update: Method URE_Lib::get_usermeta_table_name() was excluded.
  • Fix: PHP warning “Undefined index:’unexisted role ID'” was fixed at URE_Lib::roles_text() (wp-content/plugins/user-role-editor/includes/classes/lib.php:360).
  • Fix: Bug was fixed with incorrect usage of transient for option “Show deprecated capabilities”.

[4.49.2] 04.01.2019

Core version: 4.48

  • Update: Content view restrictions add-on: redirection to URL: page path processing code was enhanced (URE_Content_View_Restrictions::get_page_path_from_url()).
  • Update: Admin menu access add-on: internal support was added for ‘tab’ URL argument used by “WP Mail Smtp” plugin. It excludes automatic redirection when user with restricted admin menu access tries to switch between tabs at the “WP Mail Smtp” plugin setting page.
  • Update: Posts/pages edit restrictions add-on: internal caching (based on WordPress transients) was rewritten in order to save/load data partially, for a single user only at the time, not for all at once.
  • Fix: Admin menu access add-on: PHP Warning: A non-numeric value encountered in /wp-content/plugins/user-role-editor-pro/pro/includes/classes/admin-menu-view.php on line 299
  • Fix: Posts/pages edit restrictions add-on: custom fields list selection drop-down list was empty at a new created post for a restricted user. Internal cache which did not include a new created post record as allowed one is cleared now on the ‘wp_post_insert’ action.
  • Fix: Front-end menu access add-on: Compatibility was enhanced with other themes/plugins which use hook ‘wp_nav_menu_item_custom_fields’.
  • Core version was updated to 4.48:
  • Update: Multisite: Sites list is not requested from database on every page load in order to increase page load speed.
  • Update: URE plugin version update routine is called now at the wp-admin backend only.
  • Update: Direct access to URE_Lib::bbpress property was excluded as a preparation to future code enhancements.