[Vladimir]

I recommend to use “Admin menu access” add-on for this purpose. There is a link to the post with example at the end of that post.

[Vladimir]

BuddyPress requires ‘manage_options’ capability in order a user has access to the “Groups” and “Activity” menu items. So we have to grant to a role at least the ‘read’ and ‘manage_options’ user capabilities to allow it the access to the “Groups” at wp-admin.

It’s possible to block “Settings” and other admin menu items protected by the same ‘manage_options” capability, using User Role Editor Pro add-on “Admin Menu Access“

[Vladimir]

“Revolution Slider” menu item is protected by ‘manage_options’ user capability. If you have to give this permission to the role with a limited access you should block for such role unnecessary menu items (including critical one like “Settings”). Use “Admin menu access” add-on for this.
Example with similar menu access blocking is available here.

[Vladimir]

Thanks for letting me know.

[Vladimir]

Yes, send login credentials to support [at-sign] role-editor.com
I will look on the issue on-site.

[Vladimir]

Hi Luis,

>> if i go to see the post or edit the post in the administration, in the gallery i see all the images that i have in my website
Please give me more details on this. When you edit a post you see just a shortcode like [gallery ids="646,645,647"]. Where you can see just the images included into a gallery except of front-end?

May be you use some plugin to work with galleries?

[Vladimir]

I understood now.
Taking into account a quant of users and pages, we can not effectively realize this model with User Role Editor Pro “Content View Restrictions” add-on.

In theory, you can create 200 roles, assign them to 200 users. Setup view restrictions for every page. Then assign the unique role to every page menu item with “Nav menu roles” plugin. But it’s so large routine manual work, that a special custom decision may be a quicker and easier way for some developer.

If this is the only reason, for which you bought User Role Editor Pro, just ask for refund.

[Vladimir]

Do you place this menu item to the front-end to just to show the page content to the linked user? Will it be allowed to user A see the content of the page from user B or access to the page view should be isolated for every page: one page – one user?

Or this is about the back-end and user will be capable to edit this single page?

[Vladimir]

Could you give me more details what do you wish to achieve? Roles by definition are the groups of users with the same permissions set. So 200 users with unique roles, finally 200 roles is little beyond the usual permissions model. WordPress is not designed for the very large quant of roles:
– all roles are loaded to the memory at once;
– Roles a listed as the views at the top of users list. Imagine how the “Users” page will be looked with 200 views links at the top. With 1 user at every view such views will have no sense
– Role selection user interface is realized as a drop-down list at the most of places including User Role Editor itself. So such controls will become unusable with 200 roles inside.

May be you need to re-design your idea and use some other WordPress feature, e.g. user metadata, etc. to differentiate users from each other?

One of potential variants: it’s possible to assign some unique capability to every user directly, not via role. It depends where do you plan to use this flag/value. Will it be really used as the part of permissions system or for some other purpose, like reporting, classification, etc.?

[Vladimir]

Hi Michal,

Does users exist at the site and you need to assign them some role?
Will it be the only (primary) role or you wish to add this role to one which user has already?

[Vladimir]

Thanks for this note. I introduced some changes to the hosting environment yesterday. It involved a switching to another SSL certificate. I missed a problem with CA certificates somehow.

I re-uploaded SSL certificate data to the server with CA certificates data together. A problem should be resolved. Try to open “Settings->User Role Editor” and check the license key stated.

[Vladimir]

Hi,

1st of all, nothing was changed at the user interface / background processing of user requests at “Admin menu access” add-on with 4.29 update. As earlier plugin sends standard jQuery AJAX request to the web server and gets back the HTML data to fill the form shown at the modal dialog window.

Is there any chance to get more detailed information what thing in the AJAX request is not liked by your antivirus. May be some information from the antivirus logs?

Does antivirus block other add-on buttons like “Posts Edit”, “Posts View”, “Meta Boxes” too?

[Vladimir]

Can that user edit the same post at the back-end?
What plugin do you use for front-end post form?

[Vladimir]

Let me know if you still need a custom decision for the ‘wp-lister’ plugin product search problem when you restrict access to admin menu using “block not selected” model.
It’s possible to provide by adding wp-lister parameters to the list of allowed parameters for this URL admin.php?page=wplister.

Compare, you allowed the at admin menu access to menu item with this URL
admin.php?page=wplister
but when we try to search a product, plugin try to use this URL
admin.php?page=wplister&listing_status&s=some_word&action=-1&profile_id&paged=1&action2=-1

[Vladimir]

Hi,

It does not have sense to set any restriction to the user or role if you allow him full access to the plugins: deactivating plugins, installing new plugins use can get full access to the site. The same is right if you give to a user a full access to the User Role Editor.

If you need to provide a restricted access to the WordPress admin back-end, first of all restrict it revoking unneeded user capabilities from the role. Leave capability at the role just in case user can not access some menu item without it.

I created another test role () at your site for demonstration and excluded from it almost all user capabilities you blocks with “Admin Menu”. Just after that I blocked the rest unneeded menu items with “Admin Menu”.

There are much less menu items to block. So, in order to provide you a quick decision for the product search problem with ‘wp-lister’ plugin, I blocked admin menu items for new role with “Block selected” model. When you block menu items using ‘block selected’ URE blocks just them and does not try to block others.
When you use “block not selected” URE compares full URLs, taking in account all parameters and, even if the main menu link is allowed, but you try to open it with the additional parameters, URE may block it, if parameters are not found in the list of allowed parameters. This is a reason why “product search with module” via wp-lister does not work currently with “block not selected” model.

Please test if user with new restricted role has the access, which you try to configure.

[Author]

Posts