Forum Replies Created
-
Posts
-
Thanks for the provided access. I confirm a problem and can reproduce it at my test environment to make further investigations.
The reason is that post editing ‘edit.php?…’ link is blocked via ‘Admin menu’, but WooCommerce uses the same link with another set of parameters for the product attributes deletion. Somehow URE Pro counts the ‘edit.php?post_type=product&page=product_attributes&delete=4&_wpnonce=…’ link as blocked and redirects user to the dashboard instead. I have to investigate the issue to decide if it’s possible to find the solution for this conflict.Generally, ‘Admin menu’ is the secondary level permissions tool. 1st level is always capabilities. We should revoke all unneeded capabilities from the role 1st. I see that you fully blocked for shop_manager role via “Admin menu” the “Appearance”, “Users”, “Links” menus. If revoke “edit_theme_options”, ‘list_users’ and ‘manage_links’ capabilities from shop_manager role, then this menus will be blocked for the role by WordPress itself.
The same is correct for the ‘Pages’ menu. I revoked all ‘_pages’ capabilities from shop_manager role at the demo site and this menu was disappeared from the user access.
The same is true for all custom post types menus, currently protected by ‘edit_posts’ capability. If revoke, all ‘_posts’ capabilities from shop_manager role, then you will not need to block related menus via ‘Admin menu’. It resolves the issue, when shop manager can not delete product attributes also.
Possible problem with this workaround is the ‘edit_posts’, ‘edit_published_posts’, ‘edit_others_posts’, ‘delete_posts’ capabilities are required by default for editing Media Library items.
I will inform you about the result of my further investigations on the subject.
Is it possible to look at this subsite with superadmin privileges? If Yes, send URL and admin and test users login/pwd to support [at-sign] role-editor.com
Hi,
1) Does user have single role? (just to exclude restrictions set to 2nd role granted to this user).
2) If you will turn Off temporally “Administrator menu access module” checkbox at URE Settings page will redirection disappear?
It seems you may need to work on additional configuration. If you use “Block not selected” model then read carefully this part of the documentation article for “Admin menu blocking” add-on.
Another way – swap checkboxes selection and use “Block Selected” model.
The problem is related to the “Advanced custom fields Pro” plugin included into your theme. It’s marked as compatible with WordPress 5.2. But WordPress 5.4 includes long waited related update – it calls itself the ‘wp_nav_menu_item_custom_fields’ action, which allows to add custom UI elements to the front-end menu administration page. Outdated version of “Advanced custom fields Pro” calls ‘wp_nav_menu_item_custom_fields’ itself. That was a reason of duplicate output from URE Pro. I added checking if output for menu item was done to exclude similar issues in future.
I uploaded the updated version of code to your site. Thanks for your help with investigating this problem.If it’s possible to look at your site with admin credentials send URL and username/pwd to support [at-sign] role-editor.com
Hi,
It’s a known bug. You can try the beta version 4.56.b1, which includes the fix. You may take it from the “Download” page.
Dashboard widgets are realized as meta boxes really. Try meta boxes access add-on to hide it for selected role.
Hi,
You can not make this via URE Pro user interface. Try this custom code. It hides all medial library items uploaded by user with ID=1 from users with roles event-admin or event-superadmin:
add_action('pre_get_posts', 'hide_attachments_for_role', 99); function hide_attachments_for_role( $query ) { global $pagenow, $wpdb; if ( $pagenow !== 'upload.php' ) { return; } if ($query->query['post_type']!=='attachment') { return; } $user = wp_get_current_user(); if ( $user->ID==1 ) { return; // do not restrict super admin } if ( ! (in_array( 'event-admin', $user->roles ) || !in_array( 'event-superadmin', $user->roles ) ) ) { // do not hide media items uploaded by admin from roles others than above return; } $sub_query = "SELECT ID FROM {$wpdb->posts} WHERE post_type='attachment' AND post_author=1"; $admin_list = $wpdb->get_col($sub_query); if ( empty( $query->query['post__in'] ) ) { if ( empty( $query->query['post__not_in'] ) ) { $query->set( 'post__not_in', $admin_list ); } else { $list1 = array_merge( $query['post__not_in'], $admin_list ); $query->set( 'post__not_in', $list1 ); } } else { $list1 = array(); foreach ( $query->query['post__in'] as $id ) { if ( !in_array($id, $admin_list)) { $list1[] = $id; // leave just allowed items } } if (empty( $list1 ) ) { $list1[] = -1; } $query->set( 'post__in', $list1 ); } } // end of hide_attachments_for_role()Hi,
“Settings->UpdraftPlus Backups” menu item is protected by ‘manage_options’ capability.
You may grant ‘manage_options’ capability to a role and block other items of the Settings menu via Admin menu access add-on.Hi,
It does not depend from the presence of User Role Editor Pro. WordPress itself decide where to show UI to change default role for a new user.
For WordPress multisite:
Go to “Network ADmin -> My Sites” –> “Network Admin” –> “Sites” –> “All Sites” and select “Edit” on the site that you want to set the default role for, then click “Settings”. Scroll down and you should see “Default Role”. Set the role to ‘subscriber’(whatever you want) and save.
