How can I show user’s privileges in MySQL?
The command SHOW GRANTS [FOR user] is what you’re looking for. See here for more detail.
permissions
Prevent all users from editing posts except admins using hooks
You can take away users’ capabilities with a plugin like User Role Editor, or programmatically. What you’ll need to do is collect a list of all your post types that appear in the Editor (Core has Post and Page; plugins and themes may add more) and then remove properties with a plugin. For example, you … Read more
User Capabilities are not available in WP REST permission callback?
Ok I’ve found the problem. The issue was indeed that I was not passing the nonce of the request in the proper way. Because, as I found in the docs: If no nonce is provided the API will set the current user to 0, turning the request into an unauthenticated request, even if you’re logged … Read more
What does Apache’s “Require all granted” really do?
The access control configuration changed in 2.4, and old configurations aren’t compatible without some changes. See here. If your old config was Allow from all (no IP addresses blocked from accessing the service), then Require all granted is the new functional equivilent.
GRANT SELECT to all tables in postgresql
I thought it might be helpful to mention that, as of 9.0, postgres does have the syntax to grant privileges on all tables (as well as other objects) in a schema: GRANT SELECT ON ALL TABLES IN SCHEMA public TO user; GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO user; Here’s the link.
Amazon Cloudfront with S3. Access Denied
If you’re accessing the root of your CloudFront distribution, you need to set a default root object: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html To specify a default root object using the CloudFront console: Sign in to the AWS Management Console and open the Amazon CloudFront console at https://console.aws.amazon.com/cloudfront/. In the list of distributions in the top pane, select the distribution … Read more
How do I share a Git repository with multiple users on a machine?
Permissions are a pest. Basically, you need to make sure that all of those developers can write to everything in the git repo. Skip down to The New-Wave Solution for the superior method of granting a group of developers write capability. The Standard Solution If you put all the developers in a specially-created group, you … Read more
Why is “chmod -R 777 /” destructive?
First of all a minor terminology nitpick: chmod doesn’t remove permissions. It CHANGES them. Now the meat of the issue — The mode 777 means “Anyone can read, write or execute this file” – You have given permission for anyone to do (effectively) whatever the heck they want. Now, why is this bad? You’ve just … Read more
What permissions should my website files/folders have on a Linux webserver?
When deciding what permissions to use, you need to know exactly who your users are and what they need. A webserver interacts with two types of user. Authenticated users have a user account on the server and can be provided with specific privileges. This usually includes system administrators, developers, and service accounts. They usually make … Read more
How to disable Media Library uploads for non-Admin users?
Here are 2 methods to disable all uploading for users that are not administrators: Method 1: Remove the upload_files capability from the roles you do not want to be able to upload. e.g. removing it from author role: $role = get_role( ‘author’ ); $role->remove_cap( ‘upload_files’ ); This is saved to the database so it should … Read more