[Vladimir]

Hi,

You may revoke ‘manage_woocommerce’ capability from ‘shop_manager’ role. Shop manager will lost access to WooCommerce settings page.

Btw., WooCommerce restores its user roles on every activation. I can not exclude that revoked capability will be appear at the WooCommerce built-in role again with time. It’s better to create a copy of Shop Manager role and modify it to be sure.

[Vladimir]

Hi,

I suppose that the mentioned role is restricted via “Admin menu access” add-on. If you use “Block not selected” model read carefully the “Technical Details” part of the documentation article.

[Vladimir]

Generally to grant access to the custom post type, like ‘Podcasts’:
Go to the “Users->User Role Editor” page and look at the “Custom post types->Podcasts” group. If it contains unique user capabilities, like edit_podcasts, then grant needed of them to the contributor role, similar to the ‘Posts’.
If it contains the same ‘edit_posts’, etc., read this article:

Manage access to the custom post types?

In order to convert editor role back to the contributor you have to revoke from it edit_published_% (like ‘edit_published_posts’) and publish_% (like publish_posts) capabilities.

[Vladimir]

WordPress stores capabilities in the roles only. ‘administrator’ role has all existing capabilities by default. URE looks if custom capability is used by other roles before decide if it could be deleted. Custom capability does not exist after deletion, until you will not add it back manually. When you add new custom capability it’s granted to the ‘administrator’ role automatically.

[Vladimir]

Hi,

URE shows in this list only capabilities available for deletion – capabilities which are not granted to any role, except ‘administrator’. 1st, revoke capability from all existing roles, then delete it via “Delete capabilities”.

[Vladimir]

Hi,

Currently, URE does not include no such functionality.

If you block some left side admin menu item, URE should block automatically the item with the same URL at the top admin menu bar.

I plan to add ability to select what top admin menu bar item to block to one of the future versions.

[Vladimir]

Hi,

I confirm this. Simple banner plugin does not think that role may edited manually, and applies the logic: if role has ‘manage_simple_banner’ capability, thus it was granted automatically by SB plugin itself, then if role is not included into the list of roles allowed to work with SB (Pro feature), then automatically revoke ‘manage_simple_banner’ and ‘manage_options’ user capability from such role:

// Add permissions for other roles
foreach (get_editable_roles() as $role_name => $role_info) {
	if ( $role_name !== 'administrator') {
		if (in_array($role_name, explode(",", $permissions_array))) {
			$add_role = get_role( $role_name );
			$add_role->add_cap( $manage_simple_banner );
			$add_role->add_cap( $manage_options );
		} else {
			$remove_role = get_role( $role_name );
			// only remove capabilities if they were previously added
			if ($remove_role->has_cap( $manage_simple_banner )){
				$remove_role->remove_cap( $manage_simple_banner );
				$remove_role->remove_cap( $manage_options );
			}
		}
	}
}

[Vladimir]

Hi,

1. I can not use “DELETE” as it does a real “Reset”:
– removes all roles;
– executes original code from WordPress setup, which creates from the scratch 5 WordPress built-in user roles: administrator, editor, author, contributor, subscriber. That is “reset” means in this case – return WordPress user roles to its initial state.

So URE’s “reset” here not only deletes roles added by other plugins, but removes any changes made by plugins or users to WordPress built-in roles.

3. I fixed the link to external article too. Thanks for pointing me that.

[Vladimir]

You need change nothing. It will work with the same license key but the new URL.

[Vladimir]

You don’t need to add these snippets to CS plugin. I took them from its source code to show you the possibility to change ‘manage_options’ to any other user capability.
If do not change that, just grant ‘manage_options’ capability to shop manager. It will get access to the ‘Snippets’ admin menu. Also it will get access to all other admin menu items, protected by ‘manage_options’, like ‘Settings’ for example. You can block them using “Admin menu access” add-on included into URE Pro.

[Vladimir]

Hi,

1. I clarify the meaning of ‘Reset’ action in this case with 2 detailed subsequent text warnings. This is a reason, why I will not change the thing which is 8+ years old.
2. I accept and will realize this suggestion. Thank you.
3. I fixed the image links in the mentioned article. Thanks again.

[Vladimir]

Hi,

Code Snippets plugin uses ‘manage_options’ user capability and ‘manage_network_options’ for the WordPress multisite.
It allows to replace default user capability via custom filters:
code_snippets_cap :

/**
* Retrieve the name of the capability required to manage sub-site snippets
*
* @return string
*/
public function get_cap_name() {
	return apply_filters( 'code_snippets_cap', 'manage_options' );
}

and
code_snippets_network_cap:

/**
* Retrieve the name of the capability required to manage network snippets
*
* @return string
*/
public function get_network_cap_name() {
	return apply_filters( 'code_snippets_network_cap', 'manage_network_options' );
}

Take into account that user who can execute PHP code at the site server can get superadmin access in a minute. You should trust to such person.

[Vladimir]

Hi,

Send a link to plugin at wordpress.org/plugins in order we talk about the same plugin.

[Vladimir]

Hi,

Quick fix for WooCommerce roles is to deactivate and activate back WooCommerce plugin. WC restores its roles automatically on activation.

[Vladimir]

To @aakraak:

Grant subscriber role to some user and login as that user or switch to it using “User Switching plugin.

[Author]

Posts