[Vladimir]

If you need to replicate the only 1 role to all subsites you may go to the main site of your network and open User Role Editor there. Select role – ‘editor’ in your case, turn on needed capabilities, turn on ‘Apply to All Sites’ checkbox at the top:
https://storage.googleapis.com/role-editor/downloads/support/ure-apply-to-all-sites.png
Then click ‘Update’.

‘Network Update’ button in the User Role Editor at the ‘Network Admin’ center fully overwrites all roles at all sites by the roles from the main site.

[Vladimir]

Yes, add ‘No role for this site’ option to the list of roles to which you prohibited view access to the post.

https://storage.googleapis.com/role-editor/downloads/support/ure-content-view-restrictions-no-role-for-this-site.png

[Vladimir]

Pay attention that WordPress has 2 built-in post types: ‘post’ with capability type ‘post’ and ‘page’ with capability type ‘page’. When you set capability type of your custom post type as ‘page’ you will not see any new capability at ‘Custom capability’ as there is a set of WordPress built-in capabilities, like ‘edit_pages’, ‘delete_pages’, ‘publish_pages’, etc.

[Vladimir]

I tested the custom post type with “Custom Post Type UI” plugin in order to help you. Capability type was set to ‘page’. Such custom post type is unavailable to user without ‘edit_pages’ capability as expected. Open “Admin Menu” for the ‘Administrator’ role and look, what real capabilities are in use to protect your custom post type.
Some mistake takes place possibly if you define custom post type using PHP code and it takes default ‘post’ capability type then.

[Vladimir]

Hi,

Thank you. I confirm the bug with roles saving at ‘view restriction’ meta box for attachments. I fixed it in development version.

But this restriction just exclude the attachment post from listing by WordPress when attachment listing required directly. It does not protect file from download by typing its direct URL in the browser. It does not exclude this attachment from the posts or pages to which this attachment was included.

As a temporal workaround you may use URE shortcode:
https://www.role-editor.com/shortcode-content-view-access-restriction/
and show file URL or download link for the allowed role only.
It still will not prevent any visitor who knows direct URL from download this file, but download URL at the content will be available for the authorised users only.

In general you need a routine which should not show a direct URL to the file, but use the some kind of a download link, which will lead to the script where download will be started after checking user permissions only.

It’s possible that I will include such feature to the User Role Editor with time. Something like ‘digital file protection’ add-on.

Btw, may be some plugin from this list may help you to restrict access to the downloadable file using roles:
http://www.wpstuffs.com/plugins-to-manage-digital-downloads/

[Vladimir]

Hi,

I need more information: show ‘Settings->User Role Editor->Additional Modules’ tab screenshot and what value is set at the ‘CPT UI->Edit Post Types->Capability Type’ field for the ‘photo’ custom post type.

[Vladimir]

Wolf,

Does role contain ‘upload_files’ capability?
Also a theme should support this widget. Do you see that widget under editor or administrator role?

[Vladimir]

Login under that user and click on the “Screen Options” link at the top right corner and check if a “Featured image” checkbox is turned on their.

[Vladimir]

This code removes items from the list of parent pages at the ‘Page Attributes’ meta box placed to the right at the page editor screen. It does not related to any ‘main menu’.

If you name ‘main menu’ the menu to the left at the WordPress wp-admin, then use ‘Admin menu’ access add-on to block/hide that menu items from users:
https://www.role-editor.com/block-admin-menu-items
You don’t need any additional code for that.

If you write about some other menu, please clarify what menu do you mean.

[Vladimir]

Yes, replace ‘mynewrole’ with your own role name, for which you wish to setup the restriction.

[Vladimir]

Hi,

This code removes items from the “Parent” menu at the “Page attributes” meta box of the page editor.

Do not touch ’10, 2′ values. 10 – is a priority of execution, 2 – is a quant of parameters in use.

Page ID at the code sample is 47. If you need to remove a list of pages, add IDs as a comma separated list:

$args['exclude'] = array(47, 52, 67);

You may find page ID at the pages list – look post parameter value at the ‘Edit’ link under needed page. For example:

wp-admin/post.php?post=876&action=edit

Page ID is 876 for the link above.

[Vladimir]

Thanks for the feedback and suggestion.
While web-site invoice is not printable, send your company name, address, VAT Number (if needed) to [email protected] email. I will send you an invoice in PDF format then.

[Vladimir]

Hi,

replace

$thisUserPermissions =  $role;

with

$thisUserPermissions =  $name;

As user may have multiple roles assigned, it will be more universal to concatenate role names comma separated.

[Vladimir]

Thanks, Armin, for your feedback, suggestions and constructive critique.
I agree with you and try to dedicate more time for the detailed documentation of plugin features.

[Vladimir]

Hi Armin,

I will add this kind of update as an option. Thanks for the suggestion.

[Author]

Posts