As of now, there is no dedicated user capability to read a reusable block; it is not possible to customize the capabilities (reading, editing, deleting) exclusively for reusable blocks. The capabilities are currently tied into in the capabilities of the post type ‘post’ so the capabilities that you give to the post type ‘post’ will … Read more
Add code – your current active theme’s functions.php file or in a custom plugin: // Step 1: Create a New Role Based on Subscriber function create_custom_role() { // Check if the role doesn’t already exist if (!get_role(‘username-role’)) { // Get the capabilities of the Subscriber role $subscriber_role = get_role(‘subscriber’); $capabilities = $subscriber_role->capabilities; // Create a … Read more
The wp_login hook you are using only triggers when a user login, while we need to trigger function when user changed their role. The correct for this will be set_user_role hook. Please update your code with the given code so User will logout on changing the role. function logout_pending_users( $user_id, $new_role, $old_roles ) { // … Read more
How do I make this (and the pages) appear for authors, now that they actually have the relevant capabilities? They don’t have the needed capabilities, just because a role can add/edit/remove users does not mean they can list_users. Similarly there are other capabilities such as role promotion etc, here’s the code for administrators, e.g. this … Read more
This works for me: // Remove WP Block add_action(‘admin_init’, ‘remove_wp_block_menu’, 100); function remove_wp_block_menu() { remove_submenu_page( ‘themes.php’, ‘edit.php?post_type=wp_block’ ); }
As mentioned by Jacob Peattie: functions not loaded yet. You will need to use hooks/actions (init, wp etc) https://codex.wordpress.org/Plugin_API/Action_Reference e.g. function callMyMethod(){ $userLoggedIn = is_user_logged_in(); echo ‘INIT Action: User Logged in: ‘.var_export($userLoggedIn, true); if ( is_admin() ) { $canAccess = user_can_access_admin_page(); } } add_action(‘init’,’callMyMethod’); This answer is assuming you’re creating a plugin and calling the … Read more
I found another piece of code on the internet which I have modified to work. add_filter(‘the_comments’, ‘edit_comments_filter_comments’); function edit_comments_filter_comments($comments){ global $pagenow; $currentuserid = get_current_user_id(); if($pagenow == ‘edit-comments.php’ && !current_user_can(‘edit_others_posts’)){ foreach($comments as $i => $comment){ $the_post = get_post($comment->comment_post_ID); if($comment->user_id != $currentuserid && $the_post->post_author != $currentuserid) unset($comments[$i]); } } return $comments; } As I understand it, this … Read more
Restrict APP REST API for users with account and capabilities
Here’s how I’d handle it (mostly you’re right, and the tweak in your answer to use init gets you closer, but — as you’ve discovered — doing a bunch of switch_to_blog() / restore_current_blog() calls on every single page load is costly). function add_opportunities_capability_to_admins() { // Set up the needed capabilities. $capabilities = array( ‘edit_opportunity’, ‘read_opportunity’, … Read more
In Multisite, Core only allows super admins to edit CSS by default. One of the reasons is that there are some security edge cases, especially in older browsers. To allow site admins, you’ll need to grant them the edit_css capability. It sounds like you tried to do that with your plugin, but without seeing the … Read more