[Vladimir]

Hi Kevin,

There was one message from a client about conflict with W3 Total Cache some time ago. He planned to switch to another caching plugin.

I do not have a quick decision on hands. This issue requires the special investigation.
Did you tried to clear the cache at W3TC after updating admin menu settings in User Role Editor?

[Vladimir]

It seems I should optimize some SQL queries. How much pages (approximately) do you have at this site?
Edit restrictions are not applied to the users with ‘administrator’ role. So that query was not executed.

[Vladimir]

Thanks. I got it.

[Vladimir]

Deactivate “User Role Editor Pro” temporally and check if not logged in visitor sees the same list of jobs.

Did you setup any “Content view restrictions” for the jobs?

[Vladimir]

Hi,

“PressApps” menu is available to the role, but it’s not shown by “Admin menu” window, right?
It seems this plugin addes ‘pa_non_existent_capability’ programmatically, on the fly and uses some tricks with it (possibly filters), instead of adding it to the role directly.

You may send a copy of ‘PressApps Knowledge Base’ plugin to support email. I will investigate how to make its menu available for “Admin menu access’ module.

[Vladimir]

I see just menu definition code at the provided file. Did you define your custom post types somewhere else?

[Vladimir]

Hi Greg,

Open ‘Shop Manager’ role at Users->User Role Editor.
Revoke ‘activate_plugins’, add ‘manage_options’ capability. Click ‘Update’ to save your changes.
Test your changes. You will see that user got access to the ‘WitFTP’ menu item. But he got access to the ‘Settings’ and possibly other menus also.
That’s why I recommended you to activate ‘Admin menu access’ add-on and block with it menu items unneeded for the ‘Shop Manager’ role.

Let me know the result and if you need further help, including live site.

[Vladimir]

Yes, send your code to the support email. It will save to me some time.

[Vladimir]

I do not see the reason for that. I will make my own tests and try to repeat this.

[Vladimir]

Greg,

BackupBuddy uses ‘activate_plugins’ capability to protect all its menu items. So when you revoke ‘activate_plugins’ from ‘Shop Manager’ role it will not see ‘BackupBuddy’ menu.

You may add ‘manage_options’ capability to ‘Shop Manager’ role. It will see ‘WitFTP’ menu then. But it will see ‘Settings’ and some other menu items protected by the same ‘manage_options’ capability. You may block them for ‘Shop Manager’ role using ‘Admin menu access’ module:

Block WordPress Admin Menu Items

[Vladimir]

Hi Greg,

Permission to activate plugin does not give to a user a permission to use it.
If ‘activate/deactivate’ plugin is not critical function for your shop manager (you may activate those plugins once as administrator) you may do not give him ‘activate_plugins’ capability at all.

WitFTP protectes its menu item by ‘manage_options’ user capability.

You may use ‘Admin menu access’ add-on
https://www.role-editor.com/block-admin-menu-items
in order to block extra menu items which will become available to editor tole after you add to it the ‘manage_options’ capability.

It seems that shop manager has enough permissions to access BackupBuddy. I don’t have it on hands to check what capabilities it requires. I may check that if you send plugin copy to support email. I use such plugins for testing purpose and locally only.

[Vladimir]

WordPress uses just ‘edit_{post_type_name}’ by default. ‘create_{post_type_name}’ is added as additional restriction when you activate “edit restrictions” add-on at User Role Editor Pro settings. So restricted user without ‘create_’ capability can not add new posts.

[Vladimir]

That’s good that you found a workaround.
I did not make any tests myself yet. So, just my assumptions:
Did you define custom post type with 1st uppercase letter, like ‘News’ instead of ‘news’?
Some mess may take place with capability ID: ‘create_newss’ vs ‘create_Newss’. Last one could be not converted or converted to the lowercase somewhere.

[Vladimir]

I suppose that the 1st thing you need to re-check is the custom post type capabilities:
How did you define ‘news’ custom post type capabilities?

Generally if you define ‘video’ custom post type for example, capabilities will be ‘create_videos’, ‘edit_videos’.
What will be for ‘news’ custom post type. Are there ‘create_newss’, ‘edit_newss’?
Then ‘create_news’ in a role will not work as ‘create_newss’ will be required.

2nd, did you set any restrictions with “Admin Menu Access” add-on for this role?

[Vladimir]

No problem.

The only custom filter which is currently included to URE’s code related to the edit restrictions items at user level is ‘ure_post_edit_access_authors_list’.

$value = apply_filters('ure_post_edit_access_authors_list', $value);

I will add more custom filters with a next version possibly.

You may use a general WordPress ‘get_user_metadata’ filter from get_meta_data() function:

$check = apply_filters( "get_{$meta_type}_metadata", null, $object_id, $meta_key, $single );

Here:
$object_id : $current_user->ID,
$meta_key : $wpdb->prefix .’ure_categories_list’

In both cases you should check if you set the category for this user or not yourself inside those filters.

[Author]

Posts