Support » Plugin: Slim Maintenance Mode » Admin’s access to front-end issue

  • Resolved janrenn

    (@janrenn)


    Hi Johannes,
    thanks for plugin!

    There is an issue with Admin’s access to front-end when editing files is disabled for security reasons with define( 'DISALLOW_FILE_EDIT', true );. The condition with current_user_can('edit_themes') on line 125 then evaluates as true even if current user is Admin. It is better to use current_user_can('admin') or current_user_can('activate_plugins').

    However, there is a workaround:

    
    add_action( 'get_header', function () {
      if ( has_action( 'get_header', 'slim_maintenance_mode' ) ) {
        if ( is_user_logged_in() && current_user_can( 'activate_plugins' ) ) {
          remove_action( 'get_header', 'slim_maintenance_mode' );
        }
      }
    }, 1 );
    
    
    • This topic was modified 1 month, 2 weeks ago by janrenn.
    • This topic was modified 1 month, 2 weeks ago by janrenn.
Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.