WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] [Plugin: Role Scoper] Problem Displaying Custom Fields with RS (27 posts)

  1. fredhead
    Member
    Posted 3 years ago #

    I'm using Custom Post Type UI to create content post types (an FAQ), Advanced Custom Fields to define field types for the custom post types, and Role Scoper to manage access to creating FAQs and viewing FAQs. All three plugins appear to work (on LAMP, PHP5).

    However, when I login with a test account set to permissions WP-Author, the custom fields do not appear. When I deactivate Role Scoper and login with the same account, the custom fields do appear. While I can't find it today, yesterday I came across one or two posts on the internets that said to set the WP-Author role as FAQ Author and WP-Editor role as FAQ Editor. That did not fix the issue. I'd appreciate help debugging.

    First, here are the assigned permissions for my author test account, what appears on the login's profile page:

    Scoped Roles
    Assigned WordPress Role: Author
    (contains Link Reader, Post Reader, Post Contributor, Post Author, Page Reader, FAQ Reader, Document Reader)

    Additional General Roles: Category Assigner, Document Contributor, FAQ Author, Post Tag Assigner, Private Document Reader
    (contains Document Reader, FAQ Reader, FAQ Contributor)

    Second, here's the output from Roles > General in Role Scoper for my FAQ custom post type:

    FAQ Reader
    Private FAQ Reader
    FAQ Contributor
    FAQ Author Groups: [WP author]
    FAQ Editor Groups: [WP administrator], [WP editor]
    Category Manager
    Category Assigner Groups: [WP author], [WP editor]
    Post Tag Manager
    Post Tag Assigner Groups: [WP author], [WP editor]

    With Role Scoper on, what this author login does see on the Add/Edit an FAQ page is the Title field and the WYSIWYG textarea (or a version of it).

    Finally, in searching yesterday, one possible solution had to do with timing for each of these plugins, when they were fired off. However, I can't find the URL and I have no idea how to make that happen. If you think that's the issue, could you also explain how to adjust what WordPress processes first, second, third.

    BTW Role Scoper works great filtering content based on categories and roles. The only issue I'm having is this one which appears to be caused by Role Scoper (because the custom fields appear fine when Role Scoper is deactivated).

    Any ideas what settings I should check? Thank you!

  2. kevinB
    Member
    Posted 3 years ago #

    Thanks for the extensive configuration data. I'll look into this after returning from vacation next week.

  3. fredhead
    Member
    Posted 3 years ago #

    Thanks, Kevin! Let me know when you're ready and I'll give you whatever data/access you need to help figure it out. Enjoy your time off.

  4. kevinB
    Member
    Posted 3 years ago #

    I'm back from vacation and will be in Role Scoper support mode for the next day or two. You can send additional data through my contact form.

  5. kevinB
    Member
    Posted 3 years ago #

    Non-display of Advanced Custom Fields metaboxes is fixed in the updated Role Scoper development code (1.3.41-dev).

  6. fredhead
    Member
    Posted 3 years ago #

    Thanks, Kevin, and welcome back (if coming back from any vacation is a good thing). I'll check out the dev code.

    While waiting I've cobbled together the hand coded custom fields in my functions.php file which did work with Role Scoper before for the most part. Having today rebuilt my test site, tomorrow I plan to re-active RS and add back all the accounts to test everything. Basically I have a set of external users who are all Subscribers in the WordPress world who I want to permission at the category level with RS. Then I have a group of internal users who I want to simply use the WordPress levels of Author, Editor, and Admin.

    I'll let you know how it goes.

  7. fredhead
    Member
    Posted 3 years ago #

    Hi Kevin, if you're still subscribed to this post:

    I have three users/roles:

    Role 1
    Role 2
    Role 3

    I also have four categories and subcategories:

    Cat 1
    Cat 2
    SubCat A
    SubCat B
    Cat 3
    Cat 4

    For testing, I have one user. My goal is to have the user be able to see only content assigned to their group and categories assigned to their group. The user is a reader, not an editor, author, or admin. In the WordPress permissions scheme, users are "No Role for this Site."

    I have this immediate scenario/problem:

    The user is assigned to Cat 2 and SubCat A. They should only see content assigned to SubCat A, not SubCatB. The problem is that assignment to Cat 2 appears to include SubCatB items when I log in as the user and view category links. How do I refine the permissions so the user, in this scenario, only sees content assigned to Cat 2 and SubCat A?

    Most likely I'm misunderstanding the nature of Role Scoper, or there are so many screens in RS my head is exploding. But let me know how to use RS to truly limit users to the categories to which they are assigned.

  8. kevinB
    Member
    Posted 3 years ago #

    Make sure the Category Role assignment on Cat 2 is "for selected category" and not "for selected and subcategories". The latter (indicated by bolded user/group name in the Roles > Categories tables) causes the role assignment to propagate to all current and future subcategories.

  9. fredhead
    Member
    Posted 3 years ago #

    Thanks, Kevin! I missed that detail.

    A follow up question. On the Category Roles page, for each category I've assigned a group that roughly mirrors a set of categories, like this:

    Group 1 = Cat 1
    Group 2 = Cat 2
    Group 3 = Cat 3
    Group 4 = Cat 4

    For some categories, I want Groups 1, 2, and 3 to see entries tagged with multiple groups in the Category Roles page, like this:

    Cat 8 = Group 1, Group 2, Group 3
    Cat 9 = Group 1, Group 3

    In this scenario, category tagged content for Group 1 is showing up in the category links on the right of my pages (2010 theme). The logged in user is assigned to Group 2 to see only category 2 content. I've determined the problem is that it's because Groups 1, 2, 3 are assigned to category 8 and so all content tagged with Category 8 displays when you click the category 8 link, regardless of any category restrictions. Category Roles appears to take precedence over Category Restrictions.

    Any way to untangle this? Specifically, is there a best practice for how to organize categories and groups?

  10. kevinB
    Member
    Posted 3 years ago #

    I don't understand your desired behavior. If you have given all 3 groups a Post Reader role for Cat 8, don't you want all those groups to see the Cat 8 posts?

  11. fredhead
    Member
    Posted 3 years ago #

    Yes except the other category relationship and restriction gets ignored in this second scenario. All content tagged with Cat 8 is displayed regardless of any other category restriction. Category Role assignment to Cat 8 appears to take precedence over limiting Cat 2 to Group 2 regardless of any other assignment. I want the reverse effect.

    It's confusing, perhaps, and my apologies. Mostly I'm looking for best practices for limiting content access based on categories, sub-categories, and groups.

  12. kevinB
    Member
    Posted 3 years ago #

    First off, access cannot be limited based on group. Category Roles (whether assigned per-user or per-group) only expand access beyond what the user has from the WP Role or RS General Role. They do not limit a category to a particular group.

    If the Post Reader role is restricted for all categories of any given post, that post will not be visible without a Category-specific or Post-specific Role assignment.

    Post Restrictions (set in Roles > Posts or in the Post Edit Form) can be set to require a post-specific role assignment (overriding WP / General and Category Roles).

    Based on what I know of your requirements, I'd suggest setting a default Category Restriction ("default for all categories") on the Post Reader role. Then simply assign Category Roles to each desired group per-category and use Post Restrictions/Roles to further customize that as needed.

  13. fredhead
    Member
    Posted 3 years ago #

    Okay, thank you for the clarification. The key, I think, is to control at the Post/Article level. I was thinking at the site admin level but, in practice, once basic permissions are set, authors will determine who sees content.

    I have one question. On the Add/Edit a Post/Article form, I see this checkbox, "Restrict for Article Item (only selected users/groups are Readers)". This appears to override any /Group Name/ settings, permissions gained by other settings. Is there a way to make this checked off by default? That would help force authors to select groups who can see the content.

    I'd also ask if there is a way to hide the Contributor and Author checkboxes on the Add/Edit forms.

    Appreciate your help and clarifications!

  14. fredhead
    Member
    Posted 3 years ago #

    Hi, now I'm getting another problem: once RS is enabled, my custom types don't show their menus properly. When I go to Roles > Options > Realms > Post Type Usage and un-check my custom content types, the full menus come back.

    I have three custom content types that work fine and use exactly the same code except for obvious differences (e.g. the type name used in calling register_post_type. The types are Articles, Documents, and FAQs. On the left side admin menu in WordPress, the menus (e.g. Articles, Add New, and Categories) display fine until I activate RS or shut off Post Type Usage.

    More weird: when I'm in the RS Role pages, the left navs display fine. When I go to another tab with the WP Dashboard and click Refresh, the navs are not fine based on the Post Type Usage settings.

    Any ideas what settings I need to access my custom content types with RS? Anything I should watch out for? I want to leave the WordPress roles "as is" for authors, editors, and admins. I only need to manage roles for site visitors. Thanks.

  15. kevinB
    Member
    Posted 3 years ago #

    Activating a post type for RS filtering forces its capabilities to be customized (otherwise RS filtering is impossible).

    Non-Administrators won't be able to see the CPT menus (or edit the custom posts) until you give them the corresponding capabilities as listed in RS Role Defs > * Editor. You can do so by manually editing the WP role defs or by assigning a General role to the desired WP role group.

  16. fredhead
    Member
    Posted 3 years ago #

    Well that's the mystery. I'm logged in as an admin, the original account used to set up the WP install. And I see the first CPT menu (Articles) but not the two other CPT menus. In theory, I should see all three menus. And when, in another tab, I refresh an Edit page for the blocked CPT, I get a permissions error ("You are not allowed to edit this item").

    So I went into Roles > General, selected [WP Administrator] and then checked off the Editor role for Posts, Pages, Articles. The same two CPT menus still are blocked and I still get the Edit page error for a blocked CPT.

    And in Roles > Options > Realm > Access Types, I have the last item, "Editing and administering content (admin)" unchecked. Shouldn't that take RS off WP roles and off the WP admin pages?

    What am I doing wrong?

  17. kevinB
    Member
    Posted 3 years ago #

    What "Content Administrator" capability do you show in Roles > Advanced > Administrator Defintion? Does you WP Administrator role def have that capability?

  18. fredhead
    Member
    Posted 3 years ago #

    The line is perhaps this:

    Content Administrator activate_plugins RS never applies restricting or enabling content filters

  19. kevinB
    Member
    Posted 3 years ago #

    Okay, that's the default. And your WP Administrator role still has that capability?

    What WP version are you running? Multisite?

  20. kevinB
    Member
    Posted 3 years ago #

    Do you see the same behavior with the current RS development code (1.3.43-dev)?

  21. fredhead
    Member
    Posted 3 years ago #

    WordPress version is 3.1.4, the last before 3.2. Single site. The only plugins are RS and Event Manager. Everything else (e.g. custom post types) are hard-coded in functions.php.

    What WP Administrator role has what capability? I'm able to activate plugins, manage users, and manage RS roles.

  22. fredhead
    Member
    Posted 2 years ago #

    Kevin, where can I get dev version 1.3.43?

  23. kevinB
    Member
    Posted 2 years ago #

    Kevin, where can I get dev version 1.3.43?

    Follow the "Other Versions" link on http://wordpress.org/extend/plugins/role-scoper.

    It's the "Development Version"

  24. kevinB
    Member
    Posted 2 years ago #

    Any followup on this before I release 1.3.43?

  25. fredhead
    Member
    Posted 2 years ago #

    I would not hold up the release for me.

    With the Role Scoper dev version and WP 3.2, two of my three custom post types do not appear at all on the left side navigation (before the two headings appeared but the flyout nav only showed Categories, not the heading name (e.g. Articles) and Add New [Heading Name]. However, while I have crafted my CPT code carefully, and it all works fine with RS turned off, I have not formally tested to prove my code is not the problem. With CPT documentation (how to create the code by hand) so atomized over the internet, it is theoretically possible something in my code misbehaves with RS code. That said, I've been extremely careful, have walked back broken code, and ensured everything works fine (without RS).

    So I don't know how to proceed. If you are interested in the problem, I'd be happy to grant you access since it is a tightly controlled test site. But we'd have to communicate offline (I'd report out whatever we found here, of course, for the community). If you're not interested, then I'm stuck with the option of having to try RS with whatever CPT plugin you recommend. I need a lot of control over CPT details and found, as of April 2011 last, that none of the plugins had the control I wanted.

  26. kevinB
    Member
    Posted 2 years ago #

    If you drop me a contact, we can discuss this further.

  27. fredhead
    Member
    Posted 2 years ago #

    For historical purposes, the problem was caused by the flush_rewrite_rules() called after register_post_post_type() I had in my functions.php file. I had used flush_rewrite as part of solving a problem with custom post type URLs. Removing the flush_rewrite rules left my custom post type URLs intact while resolving the issue here where RS did not display all three of my custom post types on the left navigation of the WordPress admin screen.

    On the issue of how to use RS to limit access to content, it appears that creating groups, assigning users to groups, then restricting content based on groups, proved to be the cleanest and easiest route. I have one minor issue related to categories not displaying in one or two cases but expect that to be easy to fix.

Topic Closed

This topic has been closed to new replies.

About this Topic