[Vladimir]

Hi Conrad,

What kind of the access restrictions do you need to set: for view or for editing?
For edit access there is a bulk action ‘Edit access’ at the ‘Posts’ list page. After selecting it and click ‘Apply’ you will see popup dialog window where you may input posts and/or users ID list to apply those restrictions for.

View access for the role allows to input posts ID list too.

[Vladimir]

Hi,

This filter is useful only if you restricted the list of pages available to the user for the editing.

Check if user really has ‘Staff’ role. Try to deactivate all other plugins and test.

[Vladimir]

If you have ‘Activate “Create” capability for posts/pages/custom post types’ option active at ‘Settings->User Role Editor’, role should have capability ‘create_shop_coupons’ to see missing “Add Coupon” button.
I confirm the bug – User Role Editor did not added such capability automatically. I will prepare the fix.
Quick turnaround – add ‘create_shop_coupons’ capability manually.

[Vladimir]

Hi,

Thanks for the information.
I confirm the 2 bugs you found. I will develop the fix.

[Vladimir]

There is no such feature at Pro version currently. Thanks for the idea for future development. Yes, it’s possible.

I hope this post will help:
https://www.role-editor.com/restrict-the-list-of-parent-pages/

[Vladimir]

Hi,

The best way to replicate all roles from the main site to all subsites of the network is to click “Update Network” button at User Role Editor opened under “Network Admin – Users”.

When you click “Update Network” you should see popup window like this
https://storage.googleapis.com/role-editor/downloads/support/update-network-widgets-access.png
There is an option there to copy widgets access restrictions from main site to all others with roles together. Does it work as expected?

I confirm that menu access data is not copied currently. Export/Import data include only roles itself without extra data, like menu, widgets, etc. permissions for that role.
Initially, as different sites may have different plugins and themes set I did not think that such feature will be requested by users. But I see now, that it may be useful for someone. Your report is not the 1st.

I plan to add these features to one of the future updates: replicating and export/import all User Role Editor saved data, not roles only.

[Vladimir]

@birgitEFGS: Thanks for the information. I plan to limit a list of “not selected” URL blocked by “admin menu access” add-on with the URLs only which are included to the admin menu. This should resolve issues similar to one with posts edit page blocking. I will include this fix to the next update (1-2 weeks).

[Vladimir]

Hi Robert,

Thanks a lot for so detailed recommendations/suggestions. I appreciate it. Especially, the news about Justin Tadlock “Members” plugin recent update. It costs to pay the attention for, really.

Regards,
Vladimir.

[Vladimir]

Hi Ben,

Do you write about bbPress? URE does not support bbPress capabilities currently.

Send a download link of other plugin. I will check.

[Vladimir]

Thanks for the feedback.

Just in case it will be helpful, as a ‘must use’ plugin it should work without any “include” in functions.php and thus, for any theme, just from wp-content/mu-plugins folder:
https://codex.wordpress.org/Must_Use_Plugins

[Vladimir]

I offer you to remove related code from the functions.php file. Take file from this zip
https://storage.googleapis.com/role-editor/downloads/block-pages-for-role.zip
replace ‘editor’ with ‘franchise’, input your own pages ID list and place this .php file to
wp-content/mu-plugins folder. Test that it works.
Then apply your own enhancements if needed.

[Vladimir]

Code you showed is incomplete and invalid. It lost the begin of restrict_posts_list() function. Please re-check, what you added to the functions.php

[Vladimir]

This is the updated version, which takes into account front-end and blocks editing selected pages. You need update it for your role.

add_action('pre_get_posts', 'restrict_posts_list');

function restrict_posts_list($query) {

    if ( !is_blog_admin()) { 
        return $query;
    }
    
    if (current_user_can('administrator') || !current_user_can('editor'))  {
        return $query;
    }
    
    $suppressing_filters = $query->get('suppress_filters'); // Filter suppression on?

    if ($suppressing_filters) {
        return query;
    }

    if ($query->query['post_type']=='page') {            
        $posts_restriction_type = 2; // Prohibit
        $posts_list = array(709, 763);  // comma separated list of pages IDs
        if ($posts_restriction_type==1) {   // Allow
            $query->set('post__in', $posts_list);
        } else {    // Prohibit
            $query->set('post__not_in', $posts_list);
        }
    }

    return $query;
}
// end of restrict_posts_list()

function current_user_has_role($role_to_check) {
    global $current_user;
    
    $has_role = false;
    foreach($current_user->roles as $role) {
        if ($role===$role_to_check) {
            $has_role = true;
            break;
        }
    }
    
    return $has_role;
}
// end of current_user_has_role()

function get_pages_capabilities() {
    $cap_object = new stdClass();
    $cap_object->capability_type = 'page';
    $cap_object->capabilities = array();
    $cap_object->map_meta_cap = true;
    $capabilities = (array) get_post_type_capabilities($cap_object);
    
    return $capabilities;
}

add_filter('map_meta_cap', 'block_edit_pages', 10, 4);

function block_edit_pages($caps, $cap = '', $user_id = 0, $args = array()) {

    if (current_user_has_role('administrator') || !current_user_has_role('editor')) {
        return $caps;
    }
    
    if (substr($cap, 0, 4)=='read') {   // do not block read capabilities
        return $caps;
    }
    
    $posts_restriction_type = 2; // Prohibit
    $posts_list = array(709, 763);   // comma separated list of pages IDs
    

    $capabilities = get_pages_capabilities();        
    if (!isset($capabilities[$cap])) {
        return $caps;
    }

    if (count($args) > 0) {
        $post_id = $args[0];
    } else {
        $post_id = filter_input(INPUT_GET, 'post', FILTER_SANITIZE_NUMBER_INT);
    }
    if (empty($post_id)) {
        return $caps;
    }

    $post = get_post($post_id);    
    if (empty($post) || $post->post_type!=='page') {
        return $caps;
    }

    $do_not_allow = in_array($post_id, $posts_list);    // not edit these pages
    if ($posts_restriction_type == 1) {
        $do_not_allow = !$do_not_allow;   // not edit other pages
    }
    if ($do_not_allow) {
        $caps[] = 'do_not_allow';
    }

    return $caps;
}
// end of block_edit_pages()

[Vladimir]

Hi Robert,

Thanks for the information.
Refund was done.

Regards,
Vladimir.

[Vladimir]

Add to the begin of function:

function restrict_post_list($query) {

if (is_super_admin() || current_user_can('administrator')) {
    return $query;
}
...

or change the initial if condition to:

if (is_blog_admin() && !(is_super_admin() || current_user_can('administrator')) && current_user_can('franchise')) {

[Author]

Posts