WordPress.org

Ready to get started?Download WordPress

Forums

User Role Editor
[resolved] Can't Edit Users (6 posts)

  1. tommcgee
    Member
    Posted 8 months ago #

    Using version 4.7 of User Role Editor, a Super Admin can't edit other users anymore. Only a white screen with "You do not have permission to edit this user" appears.

    When I disable URE, I can edit users as expected.

    I saw this thread, http://wordpress.org/support/topic/you-do-not-have-permission-to-edit-this-user-1?replies=3, but a restart didn't change anything.

    http://wordpress.org/plugins/user-role-editor/

  2. Vladimir Garagulya
    Member
    Plugin Author

    Posted 8 months ago #

    It's difficult to catch, as, again, I can not repeat this at my test multisite installations, where superadmin edits users without problems.
    Could you give any hints on the differences of your multisite WordPress installation? Other plugins installed, active theme, etc.

  3. tommcgee
    Member
    Posted 8 months ago #

    We have 25 plugins activated at the network level, which I can list if you need them. And of course blog-by-blog they vary.

    But I've found a pattern.

    There are three different places you can modify a user, at the network level, at the blog level, or at the "edit site" level.

    If a user is NOT registered with a role on the root site, they can't be edited from the network level. I tested user A, who was an administrator on many sub-blogs but had no role on the root site. I couldn't edit her, but then made her a subscriber on the root site, and I could. At the network level.

    Even if a user has a role on the network, if they are an administrator they cannot be edited on the blog level. So user A, even after I added her to the root site, could not be edited from the users screen on the blog level.

    These users cannot be modified from the Edit Site::Users screen either, BUT it's possible to change their role using the checkbox/dropdown tools.

    The problem also holds for a custom role I set up called SafeAdministrator. The image at

    http://blogs.shu.edu/?attachment_id=806

    shows the permission set.

    Hopefully this will help you experiment on one of your own setups.

  4. Vladimir Garagulya
    Member
    Plugin Author

    Posted 8 months ago #

    Thanks a lot. Using your pattern I reproduced the exact situation as you described. I will inform you as I find the decision to this issue.

  5. Vladimir Garagulya
    Member
    Plugin Author

    Posted 8 months ago #

    I found the reason, why you can not edit user if he is not registered at the main blog.
    Quick turnaround:
    1) If only superadmin creates new users at your network, switch off this option "Allow create, edit and delete users to not super-admininstrators:".
    2) If option above is critical for you, open file includes/class-user-role-editor.php, and insert after function header, line 162:

    function edit_user_permission_check() {
            global $current_user, $profileuser;
    
            $screen = get_current_screen();

    3 new code lines. You should get as the result:

    function edit_user_permission_check() {
            global $current_user, $profileuser;
    
            if (is_super_admin()) { // Superadmin may do all
                return;
            }
    
            $screen = get_current_screen();

    This will switch off further checking for the network superadmin.

    I will include this fix into the next update.

  6. tommcgee
    Member
    Posted 8 months ago #

    Option 1 worked perfectly, thank you! We didn't want non-superadmins adding people anyway.

Reply

You must log in to post.

About this Plugin

About this Topic