Change WordPress user roles and capabilities › Forums › Restrict or Permit access inside WordPress – how to › New role – admin access
- This topic has 5 replies, 2 voices, and was last updated 7 years, 10 months ago by Vladimir.
-
AuthorPosts
-
05/02/2017 at 09:25 #3330arjualebParticipant
Hi,
I created a new role for my accountant. I granted read/edit rights for shop orders.
However with this role the user doesnt get into the backend (always redirected to my account page)Can you please tell me what setting I am missing to set correctly?
05/02/2017 at 09:43 #3331VladimirKeymasterHi,
I suppose you use WooCommerce.
Add ‘view_admin_dashboard’ capability to to this role to resolve a redirection to front-end problem. Read this article for more details about it.05/02/2017 at 15:12 #3332arjualebParticipantYes, I’m using WooCommerce.
I added ‘view_admin_dashboard’ capability to to this role, but it will still redirect me to the frontend.
I currently have this enabled for the role:
Edit others shop orders
Edit shop orders
Read
Read private shop orders
Read shop order
View admin dashboard05/02/2017 at 15:47 #3333VladimirKeymasterStrange. Try to exclude redirection to front-end with this filter (add code to the functions.php file of your active theme):
add_filter('woocommerce_prevent_admin_access', '_wc_prevent_admin_access', 10, 1); function _wc_prevent_admin_access($prevent_admin_access) { return false; }
Will it work?
06/02/2017 at 01:26 #3334arjualebParticipantWorks now.
As we can se in class-wc-admin.php there we have the condition:
if ( ‘yes’ === get_option( ‘woocommerce_lock_down_admin’, ‘yes’ ) && ! is_ajax() && basename( $_SERVER[“SCRIPT_FILENAME”] ) !== ‘admin-post.php’ && ! current_user_can( ‘edit_posts’ ) && ! current_user_can( ‘manage_woocommerce’ ) ) {
$prevent_access = true;
}where woocommerce_lock_down_admin is deprecated and defaults to yes in all cases. So what would actually be necessary to allow a user to edit posts or manage woocommerce so the backend works.
Perhaps you include your filter in the next version of the role editor plugin os it works for all people without custom code.06/02/2017 at 02:00 #3335VladimirKeymasterIt seems that you use an older version of Woocommerce. If we look at the latest one, this code looks like:
public function prevent_admin_access() { $prevent_access = false; if ( 'yes' === get_option( 'woocommerce_lock_down_admin', 'yes' ) && ! is_ajax() && basename( $_SERVER["SCRIPT_FILENAME"] ) !== 'admin-post.php' ) { $has_cap = false; $access_caps = array( 'edit_posts', 'manage_woocommerce', 'view_admin_dashboard' ); foreach ( $access_caps as $access_cap ) { if ( current_user_can( $access_cap ) ) { $has_cap = true; break; } } if ( ! $has_cap ) { $prevent_access = true; } } if ( apply_filters( 'woocommerce_prevent_admin_access', $prevent_access ) ) { wp_safe_redirect( wc_get_page_permalink( 'myaccount' ) ); exit; } }
You can see that ‘view_admin_dashboard’ was added. This could be the reason why this capability did not work for you. Custom code to add WooCommerce’s ‘woocommerce_prevent_admin_access’ filter is not needed with it. So, in hope that the most of clients use the latest version of WooCommerce, there is no need to add such code to the User Role Editor.
-
AuthorPosts
- You must be logged in to reply to this topic.