Forum Replies Created
-
Posts
-
I get the ordinal 404 page (like 404.php from 2017) from the active theme with the same setting for post: for not logged-in user or for logged-in user with role not allowed for this post tries access page’s URL directly.
Did you try a WordPress default 2017 theme?
User Role Editor Pro includes a ‘Content View Restrictions‘ add-on which (since activated) allows to manage what roles can see what posts as at the post level, as at the role level.
Hi Giacomo,
Thanks for the good feedback.
You found a real bug. Thanks a lot. I confirm the case when these settings for post:
“Prohibit View – All visitors – Show access error message” returns 404 error instead of showing a globally set error message. I will re-test all options and publish the update in the 1st week of April.I always get a 404 page from the active theme for ‘Return 404 HTTP error’ option although.
Show a screenshot of the settings you made for your post which produces unexpected result. I will test them with a double attention.
Grant ‘manage_options’ to this role and restrict admin menu available to it via “Admin menu access” additional module.
You should grant ‘activate_plugins’ to role or user only in case you really wish that a user activate plugins. If you need to grant access to the menu created by some plugin, you have to grant other capabilities almost in 100% of cases.
I need a plugin copy to check what permissions it requires. You can send a .zip directly to support [at-sign] role-editor.com in case it’s a commercial product.
There is no public API or PHP function currently.
If you wish to build it yourself you can start from URE_Lib::wp_api_network_roles_update(), located at includes/classes/ure-lib.php.There is a difference:
– ‘Apply to All Sites’ replicates to subsites a currently selected role only.
– ‘Update Network’ replicates all existing roles from the main site to the subsites. Any subsite role which is not available at the main site is dropped. So this function is to synchronize all network permission.WPML menu is protected by these user capabilities:
– WPML wpml_manage_languages
– Languages wpml_manage_languages
– Theme and plugins localization wpml_manage_theme_and_plugin_localization
– Translation options wpml_manage_translation_options
– Support wpml_manage_support
– WP Menus Sync wpml_manage_wp_menus_sync
– Taxonomy Translation wpml_manage_taxonomy_translationRemove from user (role) a related user capability to remove menu item from a menu available to him.
I think that a ‘pencil’ (edit language translation) is greyed out as a user can not edit this post or related translation as it was created by other user. Test under user with ‘edit_others_posts’ capability.
Hi Amit,
I restored a site from your backup. You have 1 form with ID 4. You restricted a user businessowner01 to see the only form with ID=4. Other user businessowner02 does not have any restrictions. That’s why he sees form with ID=4. If you add a new form with ID=5, and set a similar restriction for the user businessowner02 in order he will see just the form with ID=5. He will not see any other form then. While a restriction field is empty for a user, this user sees all existing forms.
Be aware that using the different role management plugins simultaneously can lead to the problem as they play on the same field and may conflict in some cases. I see that you have a ‘Members’ plugin in a active state.
Hi,
1) network activate URE;
2) turn ON ‘Allow non super administrators to create, edit, and delete users’ option at ‘Network admin->Settings->User Role Editor->Multisite’ tab;
3) create new role, e.g. user_manager, at the main site via ‘Network Admin->Users->User Role Editor’;
4) add to it these capabilities: read, list_users, create_users, edit_users, delete users, promote_users, remove_users.
5) click ‘Update Network’ button to replicate this role to all subsites of your network.
6) assign this role to a user via ‘Network Admin->Users’: click ‘Capabilities’ under selected user row.
7) add this user with permissions granted together to all subsites of a network – click ‘Update Network’.You need to repeat the replication steps (Update Network) for role and user after a new subsites was added.
I make support work via off-line tools only.
You can send to my e-mail download links to .zip with your local WP installation files copy and exported MySql-database file. I will try to reproduce your issue at my own local environment then.
I just re-tested successfully with GF v. 2.1.3.8
Is it possible to look at your site on-line? If ‘Yes’, send admin credentials to support [at-sign] role-editor.comI see and can repeat a problem at my test environment. Thanks for your help in discovering it. I will publish the update in a week.
When you use ‘Block not selected’ model at ‘Admin menu’, URE allows just exact URLs linked to the selected menu items: users.php for ‘All Users’ menu in your case. Pay attention – without any parameters. But when we search a user, an URL will be:
users.php?s=edit&action=-1&new_role&paged=1&action2=-1&new_role2
Pay attention on a list of additional parameters added to it.
URE counts such URL as prohibited, that’s why contributor user is redirected to the 1st available menu item every time he try use a search feature at the ‘Users’ page.I should add those parameters to the list of allowed parameters for the user.php URL, but I missed this.
Temporal workaround – switch to the ‘Block Selected’ model at ‘Admin menu’:
– select ‘Block selected’ at the top, then click on the top left checkbox with a ‘Shift’ key together – this will invert menu items selection. Save your updates.Recommendations: try to exclude unneeded menu items by revoking the related user capabilities 1st. Use ‘Admin menu’ to block menu items just for menus which you can not exclude via user capabilities, like in case with ‘edit_posts’. ‘Admin menu’ is the extension to the core permission system. But ‘user capabilities’ is primary defence level.
You can easily exclude some menus without ‘Admin menu’, just by revoking ‘manage_links’, ‘manage_eventon’ capabilities from ‘contributor’ role.
