Posted 1 year ago #
I have the multisite installation successfully up and running on a test server. How do I configure it to allow a given user to access just one of the sites without being able to access all of them. Right now my test users, despite being "assigned" to a particular site, can take their permissions with them to any of the other sites as well. Is there a plug-in I need, or am I missing something basic about user management?
Thank you in advance for any help!
Rob
Then you have another plugin interfering, becasue by default, the user permissions work out of the box exactly the same way they do at wordpress.com./
meaning, you're signed in to the entire network, but the only blog admin access you have is your own.
if you're seeing different results, disable every single plugin you have.
Posted 1 year ago #
Thank you famous Andrea_r, your reputation precedes you!
Is it because I "made" the users from the master blog account (which I did)? I'm not sure what else to call the first blog at the root level. I assigned them to a sub-blog (terminology?) from that master account, but apparently that doesn't limit them the way signing up from the sub-account initially does?
Speaking of which, are there special properties and abilities that this "master blog" has that the subsequent sub-blogs doesn't?
Thank you!
Rob
Is it because I "made" the users from the master blog account
No, I create users, while logged in as Super Admin, all the time. This DOES NOT grant my new users special access unless I specify it.
I assigned them to a sub-blog (terminology?) from that master account, but apparently that doesn't limit them the way signing up from the sub-account initially does?
Close enough :) (sub-site, but we shant get nitpicky). You created the IDs as subscribers in the main site. Then you made a new site and added them as admins. Is that correct?
Please note that, as Andrea said, if you're signed in to one site, you're signed in to ALL sites. But. You only have admin access to ONE site :) Not all. Not even if you're an admin on the #1 (main) site. You are only master of the sites you are specifically made admin of.
Speaking of which, are there special properties and abilities that this "master blog" has that the subsequent sub-blogs doesn't?
Nope. The main site is just the main site. Mine has a couple hundred subscribers :) All they can do is read and comment.
Posted 1 year ago #
Thank you ipstenu! Your comments are very helpful to me as I figure this stuff out.
if you're signed in to one site, you're signed in to ALL sites
Ah ha, so is there a way (plug-in?) to arrange it so that non-admin users of a sub-site can only access that sub-site, and not all the others?
Now I'm wondering if I just talked myself out of using multisite blogs. If I don't want my non-admin users to be able to log in to other sub-sites, what advantages do the multisite blogs still have?
Thank you!
Ah ha, so is there a way (plug-in?) to arrange it so that non-admin users of a sub-site can only access that sub-site, and not all the others?
Mmm. MAYBE this: http://wordpress.org/extend/plugins/wp-hide-dashboard/
They'd still be able to access the other backends, but not really do anything. Would that help? I'm using it on 3.0.1 multisite without any issues.
Posted 1 year ago #
Pardon my noobiness here...
What I want is to have sub-sites where only members of a that given sub-site can post to or comment to only that sub-site. I don't want them to be able to sign in on one sub-site and be able to post or comment on any of the other sub-sites.
Is that possible?
they cannot post to any blog they aren't specifically assigned to, which both Ipstenu and I already stated.
they *can* comment on all the blogs by default.
Posted 1 year ago #
Sorry, slow on the uptake here.
Thanks guys!
they *can* comment on all the blogs by default.
Though if you turn off comments on posts, then no one can post comments :) If commenting is open, the only 'difference' is that they can post as a logged in user. Doesn't really change much.
Posted 1 year ago #
Please note that, as Andrea said, if you're signed in to one site, you're signed in to ALL sites. But. You only have admin access to ONE site :) Not all. Not even if you're an admin on the #1 (main) site. You are only master of the sites you are specifically made admin of.
ipstenu, I'm having a similar issue where an "Administrator" account (which is registered on the main site as a "subscriber") of a sub-site I created as a test is able to access the "wp-admin" page of the main site despite having Mingle installed and configured to redirect all members (including myself, unless I manually access it) of the main site to the "Activity" page. This worked for that subscriber account before using it to create a sub-site, but not anymore.
The account does carry the same permissions I assigned to the sub-site, so it doesn't exactly pose much of a threat in terms of settings or pages, however it does have access to the Posts/Add Post and Media/Add Media pages which leaves it open to possible spamming.
Now, this MIGHT be an issue with the Mingle plugin, but I have noticed similar incidents before installing it where pretty much any user with a site inside the "network" can access the backend of any other site despite having measures in place to redirect them elsewhere. With that said it could also be that WordPress is a little too open, in that it sees anyone with "Administrator" role on any sub-site as that of any site in the network... :-/
In any case, it would be useful to be able to define a custom role for the "Administrator" of a sub-site when they create one. Such a thing is easy to create, but not to implement - I've tried a hard-coded option a while back and even tried a custom plugin, but neither have yielded these results.
Any help anyone could give with this would be much appreciated :-)
LJ
With that said it could also be that WordPress is a little too open, in that it sees anyone with "Administrator" role on any sub-site as that of any site in the network... :-/
This is definitely not default behavior.
You've definitely got some plugins interfering.
I just ran a test on this and cannot reproduce it. But...
I'm running http://wordpress.org/extend/plugins/wp-hide-dashboard/
My admin on Site 3 ONLY has Back End Access to Site 3.
Posted 1 year ago #
I have a slightly different issue but it is perhaps related:
I have an Editor on a sub-site who is able to add/edit Users and List Users.
He is seeing ALL Users from my main site, plus ALL Users from all other sub-sites.
Is this normal? Is there a way to limit User Lists to only the site they are assigned to as Editor so they only see their own subscribers and not all multisite subscribers from all sites?
I may have answered my own question, but need to test it to confirm.
Possibly one of these plugins will suit my needs:
More-Privacy-Options
Network-Privacy
Limit-Blogs-Per-User (maybe)
WP3.0.3 multisite, using S3 Member on sub-site but not on main site.
MileHighTechGuy - Open up a new post for this one, and list what plugsin you're running please :)
This topic has been closed to new replies.
