Although users have access to go to /wp-admin/, they will not have access to do anything on there. There is no security risk involved to being able to have access /wp-admin/ for WooCommerce users. If you’d like however, you can setup an Apache protected directory with a password to /wp-admin/ that requires an additional user … Read more
Something you may use to accomplish this a plugin with a role and capability manager. You could then assign whatever permissions to either role you want, or create a new role altogether.
If this is a medical record, you probably so use a transient download URL for the session when the profile is logged on, and destroy that URL when the users logs off, this ensures that the file is not accessible to others. I used WP Customer Area plugin on a CRM project and found it … Read more
Adding these two lines to the wp-config.php file solved the problem: define(‘FS_CHMOD_FILE’, 0644); define(‘FS_CHMOD_DIR’, 0755);
I finally found the solution. function checkUserPermissionsInThisScreen(){ if (is_admin()){ $currentUserRoles = wp_get_current_user()->roles; if (in_array(‘shop_manager’, $currentUserRoles)){ $a = get_current_screen(); if ($a->id != ‘edit-shop_order’ && $a->post_type != ‘shop_order’){ wp_die(‘you do not have needed permissions to see this page’); } } } } add_action(‘current_screen’, ‘checkUserPermissionsInThisScreen’);
This code will boot out a user if they haven’t authored a post. For the purposes of this example, posts with a status of publish are considered “authored”. I’ve added some comments in the code to walk you through what’s going on – please reach out to me if you have any questions. <?php // … Read more
Here you go, and remember, this assumes that your function was already working (I did not check that it was), and if it was, then just wrap like this: <?php add_action( ‘admin_menu’, ‘wf_cli_remove_admin_menu’ ); function wf_cli_remove_admin_menu() { $wf_user = wp_get_current_user(); $wf_roles = array( ‘contributor’, ‘author’ ); if( array_intersect( $wf_roles, $wf_user->roles ) ) : remove_menu_page( ‘index.php’ … Read more
You could give the user the capability manage_options, however this will allow them to edit all options within wordpress. The best bet will be to change all the capabilites checks from manage_options to level_7 or some other editor capability(like edit_others_posts ) within the plugin. (Found 12 matches, 7 on zigconnect\zigconnect.php and 5 on zigconnect\zigconnect-admincallbacks.php )
The following excludes posts not written by the user from the edit-post screen (you can add further screen IDs if necessary) if they have the ‘contributor’ role. Normally I would suggest adding a custom capability, and comparing the capability not the role. But since it seems this plug-in isn’t for distribution, this is isn’t such … Read more
Yes this is possible. Add the following to either your plugin code or the theme’s functions.php file: function mypo_parse_query_useronly( $wp_query ) { if ( strpos( $_SERVER[ ‘REQUEST_URI’ ], ‘/wp-admin/edit.php’ ) !== false ) { if ( !current_user_can( ‘update_core’ ) ) { global $current_user; $wp_query->set( ‘author’, $current_user->id ); } } } add_filter(‘parse_query’, ‘mypo_parse_query_useronly’ ); Reference original … Read more