WordPress.org

Forums

Shortcodes Ultimate
[resolved] Non-Administrators "Access Denied" (26 posts)

  1. aspacecodyssey
    Member
    Posted 3 years ago #

    Trying to insert any user level other than "Administrator" results in an "Access denied" message being displayed.

    WordPress version 3.5.1
    I have attempted deactivating all plugins and changing my theme.

    http://wordpress.org/extend/plugins/shortcodes-ultimate/

  2. aspacecodyssey
    Member
    Posted 3 years ago #

    EDIT: Scratch that, it's a "roles" problem. I am using the "Members" plugin and it's any *created* non-admin role (i.e. it works for the other default roles). Still, is there a fix?

  3. aspacecodyssey
    Member
    Posted 3 years ago #

    EDIT AGAIN: Line 7 in lib/generator.php makes this plugin incompatible with any custom created role.

    if ( !current_user_can( 'author' ) && !current_user_can( 'editor' ) && !current_user_can( 'administrator' ) )

    This means only those 3 user roles can use the plugin. Removing the line completely or adding your custom role to the list will fix it, however this is not permanent because a plugin update will nix this fix. I'm not sure what the proper fix would be.

  4. ELAN42.com
    Member
    Posted 3 years ago #

    I had the same problem, can someone contact the author ?

    This have no sense, I'm using a custom role, also, as explained in the codex.

    This is the only plugin giving me problems, there is no reason in "hardcoded" authorization checks.

  5. Vladimir Anokhin
    Member
    Plugin Author

    Posted 3 years ago #

    Sorry guys, absolutely have no time to make updates/fixes.
    You can fix it yourself as described in post above

    if ( !current_user_can( 'author' ) && !current_user_can( 'editor' ) && !current_user_can( 'administrator' ) )

    Next version (4.0.0) will have option at settings page to setting up roles.

  6. ELAN42.com
    Member
    Posted 3 years ago #

    Hi gn_themes. Thank you for the fast answer.

    First: The solution works, we'll look into the next release, but please don't make the same mistake (making it impossible to use custom roles as now).

    For example big plugins like Nextgen Gallery and WooCommerce have the possibility of "forcing capablities definition", in this way:
    add_role('cliente', 'Cliente', array(
    'NextGEN Manage gallery' => true,
    'manage_woocommerce' => true,
    ));

    Please keep in mind that this "keys" must be defined into your code plugin, don't know exactly how, but it's related to the moment in wich you create the page into the WP menu.

    IMHO, a plugin like yours should be just avaiable to whoever can "edit_posts" and "edit_pages".
    Give a look to "tiny mce advanced" about that purpose, it does same thing.

    Second: please consider this advices: http://wordpress.org/support/topic/you-should-add-in-next-versions?replies=1#post-3769045

  7. Vladimir Anokhin
    Member
    Plugin Author

    Posted 3 years ago #

    There is fixed version of lib/generator.php - http://pastebin.com/raw.php?i=bMAAhiU0

    Replace your file with this code and all logged users will can use shortcodes generator.

  8. Vladimir Anokhin
    Member
    Plugin Author

    Posted 3 years ago #

    >> Please keep in mind that this "keys" must be defined into your code plugin, don't know exactly how, but it's related to the moment in wich you create the page into the WP menu.

    Sure, I know that. WP has methods to get all registered user roles. I'll use that methods in next version.

  9. Vladimir Anokhin
    Member
    Plugin Author

    Posted 3 years ago #

    >> Second: please consider this advices: http://wordpress.org/support/topic/you-should-add-in-next-versions?replies=1#post-3769045

    Thank you for the awesome suggestions. I have already added some of these ideas to my todo list.

  10. ELAN42.com
    Member
    Posted 3 years ago #

    Perfect !

    I'll look into that code and write to NextGen new developers,
    they still have users "base types" hardcoded into php code.

    p.s. for your specific plugin, however, I honestly think you could put custom user roles in the end of your to do list, of course while you fix the actual problem cheking only for is_user_logged_in()

  11. Jarod Thornton
    Member
    Posted 2 years ago #

    I started experiencing this problem a week or so ago. Version 3.9.5 with WP 3.6.1 (currently upgrading).

    As suggested changing line 7

    if ( !is_user_logged_in() ) die( 'Access denied' );

    to

    if ( !current_user_can( 'author' ) && !current_user_can( 'editor' ) && !current_user_can( 'administrator' ) )

    resolved my problem.

    I am a super admin for a WPMU network and my role and editor role were denied permission.

    Thank you for the helpful information.

  12. Vladimir Anokhin
    Member
    Plugin Author

    Posted 2 years ago #

    This problem is solved in new beta version. You can try it yourself. GitHub repo. Direct download link.

    Don't forget to deactivate old version before activating new.

  13. SFGolfer
    Member
    Posted 2 years ago #

    I installed the beta and have deactivated the old version.

    However, I don't see the option in Settings to setting up roles.

    I need to be able to restrict access to the shortcodes for a certain group.

  14. Vladimir Anokhin
    Member
    Plugin Author

    Posted 2 years ago #

    You can now install version 4.1.0 from wporg repository. Access for shortcodes is granted only for users that can edit posts.

  15. Vladimir Anokhin
    Member
    Plugin Author

    Posted 2 years ago #

    This option is not needed in current plugin version.

  16. SFGolfer
    Member
    Posted 2 years ago #

    I need to be able to restrict certain roles from accessing the shortcodes (they are not very technical and will mess up their posts).

    I use the Members plugin and it has the ability to add in a custom classification such as:

    create_role
    edit_posts
    gravityforms_edit_forms

    Does your plugin have similar names?

    If not, then any suggestions?

    Thanks.

  17. Jarod Thornton
    Member
    Posted 2 years ago #

    SFGolfer I'm not sure if this will be helpful, but I also admin a network of "non technical" users. Being that they are already non-technical I simply went the direction of hiding elements using CSS. I wrote up a plugin and that is one of it's functions; load custom CSS based on user role. This gives me total control of what they see and can access.

    function load_custom_wp_admin_style()
    		{
    			echo '<link href="http://urltoyourstylesheet-1" rel="stylesheet" type="text/css">';
    
    				if (is_super_admin(1 == $current_user->ID))
    				{
    					echo '<link href="http://urltoyourstylesheet-2" rel="stylesheet" type="text/css">';
    					}
    
    				else
    				{
    					echo '<link href="http://urltoyourstylesheet-3" rel="stylesheet" type="text/css">';
    
    				}
    		}

    I basically load a default stylesheet for everyone, then a special stylesheet for me, or none if you like, and lastly a stylesheet for everyone else.

    I did just this for Shortcodes Ultimate.

    a.su-generator-button {
      display:none !important;
    }
  18. Vladimir Anokhin
    Member
    Plugin Author

    Posted 2 years ago #

    I'll try to work something out in closest versions.

  19. Vladimir Anokhin
    Member
    Plugin Author

    Posted 2 years ago #

    You can add next line of code to your theme's functions.php

    update_option( 'su_generator_access', 'administrator' );

    It will start working from next version (4.1.1).

  20. SFGolfer
    Member
    Posted 2 years ago #

    The update_option did not work.

    What does this snippet do?

    What do I put in there to prevent the Author role from accessing SU?

  21. Vladimir Anokhin
    Member
    Plugin Author

    Posted 2 years ago #

    Did you updated to 4.1.1?
    Where do you paste this snippet?
    Try to replace administrator with editor. This value defines minimal user role to access the generator.

  22. SFGolfer
    Member
    Posted 2 years ago #

    Yes, I did update to 4.1.1 but did not see an option to set the level.

    But changing it to editor worked. Now I understand it defines the minimal user level.

    Thank you!

    @jarmerson - thanks for your input as well. I'll probably use your code for another purpose.

  23. Vladimir Anokhin
    Member
    Plugin Author

    Posted 2 years ago #

    Yes, I did update to 4.1.1 but did not see an option to set the level.

    I think there is no need to overload settings page with options like this one.

  24. Vladimir Anokhin
    Member
    Plugin Author

    Posted 2 years ago #

    Thank you for review =)
    Just created article about this hack - http://gndev.info/kb/how-to-restrict-access-to-shortcode-generator/

  25. BlackSuicide
    Member
    Posted 2 years ago #

    Hi,
    Sorry for my bad english. I've got a problem with galleries utilization: administrators can manage galleries but what about other roles ?
    I need my authors or editors to be able to create galleries in order to put them into their posts. But when an author clicks onto "manage galleries", a message appears saying that they "do not have sufficient permissions to access this page". I think it's because they don't have access to plugins therefore they can't access to the tab of "Shortcode Ultimate" that allows to manage galleries. How can I solve this problem?
    Your plugin is awesome, beautiful and really easy to use and I don't want to be obliged to create everyday each gallerie for each post. Thanks a lot for your answer !

  26. Jason Poh
    Member
    Posted 2 years ago #

    I need non-admins but users with edit-posts capabilities to edit Galleries also. Please fix it. Thank you

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Shortcodes Ultimate
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic