WordPress.org

Ready to get started?Download WordPress

Forums

Page Security by Contexture
[resolved] Enhancement Requests (4 posts)

  1. gabrielinux
    Member
    Posted 3 years ago #

    Hello,

    First of all, thank you for this great plug-in! It adds some much-needed security features to WordPress. I wanted to post some ideas for future enhancements:

    • Don't redirect on search pages. Currently, in WordPress 3.0.3 with the latest Arras theme, a user will be re-directed to the error page if his search results include a protected page. For example, my site http://gabriel.mongefranco.com, has two posts with the keywords "NOAA Corps." One of these posts is protected with Page Security (for logged-in users only). When an anonymous user searches my site for "NOAA Corps," I would expect him to see only one result -- the non-protected page. However, he is instead re-directed to the error page because the title, feature image and excerpt of the protected post come up in the search results. I temporarily solved this problem by adding " && !is_search()" to the if statement in line 435, just a few lines before "function ctx_ps_security_action()."
    • Provide options to show the excerpt, title and/or feature image. Instead of redirecting to an error page, it would be nice to have the option to display posts in search results, category pages, etc., and to even show the post in single.php. However, instead of showing the whole post, it would be nice to show either the excerpt, or a small, customizable message asking the user to log-in to read the entire post. That way, users can see a teaser and have an incentive to login. This option is provided by a competing plug-in called CaPa. I would love to keep using Page Security, but without this functionality, I may have to look at other alternatives.
    • Allow the author/editor to set the page/post permissions. I write my posts under a regular account with editor rights for security reasons. I hate having to login as an administrator and editing my posts each time I want to set security options for a post.
    • Allow adding a Group to another Group. In my site, I have security setup in escalating levels of trust, similar to how government information is divided into confidential, secret, top secret, etc. A higher level, say, top secret, would have access to the same posts as the levels below it (secret and confidential). Right now, I have to remember to add a top-secret user to each level below (secret, confidential). It would be nice to be able to add groups in level to a group in another level instead, as this would save me some work.

    I hope this helps. The first item in particular is of special importance to me, since it is more of a bug fix than an enhancement. The second one is also important, and I am sure other users could see the value in it.

    Best regards,

    Gabriel Mongefranco
    http://gabriel.mongefranco.com

    http://wordpress.org/extend/plugins/contexture-page-security/

  2. Matt van Andel
    Member
    Plugin Author

    Posted 3 years ago #

    Hey Gabriel,

    GREAT feedback.

    1. Search Redirects: I will definitely look into this. Redirects shouldn't ever happen unless a page is trying to be accessed directly. If I have to upload 1.3.1 to fix this today, I will.
    2. Don't Hide Protected: This is currently planned for 1.4. The Restrict Access sidebar is getting some "advanced options" - including "Show on menus", "Don't remove from loops", and the ability to set page/section-specific AD overrides.
    3. Ownership Control: We get a lot of requests for more fine-tuned ownership control, and we definitely plan on doing something about it. This may be a 1.5 feature, though, as we haven't yet decided how to handle this (definitely open to suggestions if you have some ideas, btw).
    4. Group Inheritance: I LOVE this idea. We'll make it happen.

  3. gabrielinux
    Member
    Posted 3 years ago #

    Hi Veraxus -- I ran into plug-in last night called User Access Manager. It already implements some of the things in my suggestions, but it doesn't have the easy-to-use group/user handling that this plug-in has. Each group is connected to WordPress roles. However, you might get some ideas on how to handle ownership control from this plug-in. That is something that the author was very clever about!

    Regards,

    Gabriel Mongefranco
    http://gabriel.mongefranco.com

  4. gabrielinux
    Member
    Posted 3 years ago #

    O wow, you actually released a fix for the search page issue right away! Thank you so much. You have some great customer service skills! :)

    Gabriel Mongefranco
    http://gabriel.mongefranco.com

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic